Most LLM security tools focus on catching problems at runtime, intercepting bad inputs after your app is already live. PromptSonar takes a different approach: it scans your actual source code for dangerous prompt patterns before you ever deploy.
The open-source static analyzer checks prompt strings hardcoded in source for prompt injection (where attacker-controlled text reaches the model alongside the developer's instructions and overrides them), jailbreak patterns, PII leaks, and privilege escalation risks. It supports TypeScript, JavaScript, Python, Go, Rust, Java, and C#, which covers most of the languages used to build LLM-powered applications today.
The tool works like a linter for your prompts. Instead of waiting for a user to exploit a vulnerability in production, PromptSonar flags risky patterns during development. That includes detecting prompts that could be manipulated to bypass safety controls (the most common shape being untrusted input concatenated or string-interpolated straight into the instruction text), strings that might accidentally expose personal data, and patterns where prompts grant more access than intended.
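To make the linter analogy concrete, here is an added illustrative scanner in Python. It is this article's example, not PromptSonar's code: the rule IDs (INJ001, PII001, PRIV001), the marker and rule regexes, and the sample module it scans are all constructed assumptions. It parses a Python file with the standard `ast` module, treats string literals that address the model as prompts, and reports three of the pattern classes described above: untrusted input interpolated into a prompt, personal data named in prompt text, and blanket privilege grants.

```python
"""Illustrative prompt linter (added example; not PromptSonar's code).

Parses a Python module with the standard `ast` module, treats string
literals and f-strings that address the model as prompts, and reports
three pattern classes: untrusted input interpolated into a prompt
(INJ001), personal data named in prompt text (PII001) and blanket
privilege grants (PRIV001). The rule IDs and regexes are this
example's own assumptions, not PromptSonar's rule set.
"""
import ast
import re
from typing import NamedTuple


class Finding(NamedTuple):
    rule: str
    line: int
    message: str


# Heuristic: a string that addresses the model directly is treated as a prompt.
PROMPT_MARKERS = re.compile(r"\b(you are|as an ai|assistant|system prompt)\b", re.I)

# Interpolated expressions whose names suggest untrusted, user-controlled data.
UNTRUSTED_NAMES = re.compile(r"user|input|request|query|message|body|form|param", re.I)

# Text rules applied to the literal (non-interpolated) part of a prompt.
TEXT_RULES = [
    ("PII001",
     re.compile(r"\b(ssn|social security|credit card|date of birth|password)\b", re.I),
     "prompt text names personal data; verify it is not sent to the model or echoed back"),
    ("PRIV001",
     re.compile(r"\b(full|unrestricted|admin(?:istrator)?|root) (?:access|privileges?)\b"
                r"|ignore (?:all )?(?:previous|prior) instructions", re.I),
     "prompt grants broad privileges or disables earlier instructions"),
]


def _fstring_parts(node: ast.JoinedStr) -> tuple[str, list[str]]:
    """Split an f-string into its literal text (with {...} placeholders)
    and the source of each interpolated expression."""
    text, exprs = [], []
    for value in node.values:
        if isinstance(value, ast.Constant) and isinstance(value.value, str):
            text.append(value.value)
        elif isinstance(value, ast.FormattedValue):
            text.append("{...}")
            exprs.append(ast.unparse(value.value))
    return "".join(text), exprs


class _PromptVisitor(ast.NodeVisitor):
    def __init__(self) -> None:
        self.findings: list[Finding] = []

    def visit_Constant(self, node: ast.Constant) -> None:
        if isinstance(node.value, str):
            self._check(node, node.value, [])

    def visit_JoinedStr(self, node: ast.JoinedStr) -> None:
        text, exprs = _fstring_parts(node)
        self._check(node, text, exprs)
        # Deliberately not descending: the literal pieces were handled above,
        # so they would otherwise be reported a second time as plain constants.

    def _check(self, node: ast.AST, text: str, exprs: list[str]) -> None:
        if not PROMPT_MARKERS.search(text):
            return  # ordinary string, not a prompt
        for expr in exprs:
            if UNTRUSTED_NAMES.search(expr):
                self.findings.append(Finding(
                    "INJ001", node.lineno,
                    f"untrusted value {expr!r} is interpolated into prompt text; "
                    "pass it as a separate user message instead"))
        for rule_id, pattern, message in TEXT_RULES:
            if pattern.search(text):
                self.findings.append(Finding(rule_id, node.lineno, message))


def scan_source(source: str, filename: str = "<string>") -> list[Finding]:
    """Lint one module's source text and return findings in source order."""
    visitor = _PromptVisitor()
    visitor.visit(ast.parse(source, filename))
    return visitor.findings


def format_findings(findings: list[Finding], filename: str) -> list[str]:
    """Render findings in the familiar linter shape: file:line: RULE message."""
    return [f"{filename}:{f.line}: {f.rule} {f.message}" for f in findings]


# Constructed sample of the kind of handler the scanner is meant to catch.
SAMPLE_SOURCE = '''\
SYSTEM = "You are a billing assistant with full access to every customer account."

def build_prompt(customer, request):
    # Both the literal text and the interpolated variables are inspected.
    return f"You are a billing assistant. Customer SSN: {customer.ssn}. User request: {request.form['q']}"

GREETING = "Hello, world"  # ordinary string, not a prompt; ignored
'''

if __name__ == "__main__":
    for line in format_findings(scan_source(SAMPLE_SOURCE), "billing.py"):
        print(line)
```

Run against the constructed sample, the scanner reports PRIV001 on line 1 (the "full access" grant), and INJ001 plus PII001 on line 5 (the request value interpolated into the prompt, and the SSN named in it), while the plain greeting string is ignored. The name-based heuristic for untrusted data is deliberately crude: a real analyzer would track where a variable came from rather than guessing from its name, which is exactly the kind of work a dedicated tool exists to do.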
For teams shipping AI features, this fills a real gap. Runtime security layers like input/output filters are necessary, but they are reactive by definition. A prompt baked into your source code with a vulnerability will pass every code review if nobody knows what to look for. Static analysis catches these issues the same way ESLint catches JavaScript bugs or Bandit catches Python security flaws - automatically, before the code ships.
The project is available on GitHub under an open-source license. It is still early, but the concept is sound. As more companies embed LLM calls directly into their products, the attack surface in prompt strings is growing fast, and most development teams do not have prompt security expertise on staff.