Pricing

Pay per usage

GuardPilot — Website AI Chatbot Security Auditor

Crawls public websites to detect AI chat widgets and audits them for prompt injection, instruction leakage, and agent security risks.

Pricing

Pay per usage

Rating

0.0

(0)

Developer

Daniel Lozano

Actor stats

Bookmarked

Total users

Monthly active users

17 hours ago

Last modified

What This Actor Does

Crawls public websites to detect AI chat widgets and audits them for prompt injection, instruction leakage, and agent security risks.

Who It Is For

web design agencies
security consultants
business owners deploying chat widgets
AI developers

Why It Is Useful

Unlike broad security tools, this Actor specifically identifies AI chatbot widgets on websites and runs diagnostic safety testing payloads to check if they leak instructions or customer data.

Input Fields

startUrls: public website URLs to process.
maxItems: maximum URLs to process.
includeAiAnalysis: optional AI enrichment when API keys are configured.
industryHint: optional category hint.

Example Input

{
  "startUrls": [
    {
      "url": "https://example.com"
    }
  ],
  "maxItems": 1,
  "includeAiAnalysis": false,
  "industryHint": "local business"
}

Example Output

{
  "inputUrl": "https://example.com",
  "status": "success",
  "score": 64,
  "opportunityScore": 45,
  "findings": {},
  "missingItems": [],
  "recommendations": [],
  "createdAt": "2026-06-17T18:18:10.134Z"
}

Output Schema

The Actor declares .actor/output_schema.json and links the results output to the default dataset items URL. This helps Apify Console, API consumers, and AI agents discover where run results are stored.

Limitations

Public HTML only. No login-protected scraping, private APIs, legal compliance claims, or browser UI testing.

Local Development

npm install
npm run build
npm test
npm run lint
apify run

Deployment

$apify push

Website Security Auditor

zyrox/website-security-auditor

A powerful security tool to scan websites for exposed API keys and XSS vulnerabilities.

HIDDEN GHOST

CLAUDE.md Security Auditor — Scan AI Agent Configs

ianymu/claudemd-security-auditor

claudemd-security-auditor is an Apify Actor that scans any AI agent project's CLAUDE.md, .claude/hooks, and settings for hardcoded secrets, prompt-injection vectors, destructive commands, and exfiltration channels, returning a severity-ranked JSON + Markdown audit.

Yanlong Mu

Security Headers Checker

pillowy_travel/security-headers-checker

Analyze HTTP security headers of websites and generate a security score. Detect missing headers like CSP, HSTS, X-Frame-Options, and more. Perfect for web security audits, vulnerability checks, learning, and automated monitoring.

SAHIL KUMAR

AI Repository Security Scanner

optimus-fulcria/ai-repo-security-scanner

Scan AI/ML repositories for vulnerabilities: sandbox escapes, code injection, path traversal. For security teams.

Fulcria Labs

Website Security & Vulnerability Audit

smart-digital/website-security-vulnerability-audit

Automated security and vulnerability audit for websites. Detects WordPress plugin vulnerabilities, checks for updates, analyzes SSL/TLS, security headers, and CMS security

My Smart Digital

5.0

MCP Server Risk Auditor

trovevault/mcp-server-risk-auditor

Audits MCP server manifests for tool, permission, credential, prompt-injection, exfiltration, and execution risks. Export data, run via API, schedule and monitor runs, or integrate with other tools.

Trove Vault

Security Headers Checker API - HTTP Security Scanner

pink_comic/security-headers-checker

Security Headers Checker API for bulk HTTP security scans. Audit HSTS, CSP, X-Frame-Options, referrer and permissions policies, missing headers, website hardening gaps, and compliance posture. Returns grades, findings, and header evidence for security audits.

Ava Torres

Zentra Prompt-Injection Quarantine

zentrafoundry/zentra-prompt-injection-quarantine

Scan and sanitize dataset records for prompt-injection, tool manipulation, and credential-exfiltration attempts.

Zentra

Security Headers Checker - Audit CSP, HSTS, XFO and more

scrappy_garden/security-headers-checker

Check common HTTP security headers for one or more URLs (Content-Security-Policy, Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP/COEP/CORP). Useful for quick security hardening audits.