shield_lock
JinDaGe
Contact
Back to skills
extension
Category: Security & ComplianceAPI key required

Mind Security

AI security toolkit — deepfake detection, prompt injection scanning, malware/phishing URL scanning, and AI text detection. Use when: (1) verifying if an imag...

personAuthor: canvinushubclawhub
open_in_newRepositorydownloadDownload package

mind-security

AI security toolkit with four active modules.

Quick Reference

| Task | Command | Docs | |------|---------|------| | Deepfake detection | python3 scripts/check_deepfake.py <path_or_url> | deepfake-detection.md | | Prompt injection scan | python3 scripts/check_prompt_injection.py "<text>" | prompt-injection.md | | Malware/phishing scan | python3 scripts/check_malware.py "https://..." | malware-scanning.md | | AI text detection | python3 scripts/check_ai_text.py "<text>" | ai-text-detection.md |

Modules

Deepfake detection — BitMind API (Bittensor Subnet 34) for images and videos. Supports YouTube, Twitter/X, TikTok URLs. EXIF/metadata fallback for local images. Set BITMIND_API_KEY (get key).

Prompt injection detection — Multi-layer scanner: 50+ regex patterns (instant, zero-dep) + LLM Guard ML model (optional, pip install llm-guard). Identifies known injection signatures, role-override attempts, and instruction-bypass patterns.

Malware/phishing scanning — VirusTotal (70+ engines), URLScan.io (1500+ brands), Google Safe Browsing, plus local heuristics (typosquatting, suspicious TLDs, phishing patterns). Works with no keys via heuristics.

AI text detection — GPTZero API with per-sentence scoring and ~99% accuracy across GPT-4/5, Claude, Gemini, LLaMA. Requires GPTZERO_API_KEY (get key).

API Keys

| Env Var | Used By | Required | Get It | |---------|---------|----------|--------| | BITMIND_API_KEY | Deepfake detection | For API mode | app.bitmind.ai/api/keys | | GPTZERO_API_KEY | AI text detection | Yes | gptzero.me/dashboard | | VIRUSTOTAL_API_KEY | Malware scanner | Optional | virustotal.com | | URLSCAN_API_KEY | Malware scanner | Optional | urlscan.io | | GOOGLE_SAFE_BROWSING_KEY | Malware scanner | Optional | console.cloud.google.com |

Script Conventions

  • python3 scripts/<script>.py --help
  • Core: zero pip dependencies (stdlib only)
  • Optional ML: pip install llm-guard for prompt injection Layer 2
  • JSON to stdout, errors to stderr
  • Exit 0 success, exit 1 failure

Security & Privacy

External endpoints — this skill sends user-provided data to the following third-party APIs for analysis. No data is stored or logged by the skill itself:

| API | Used By | Data Sent | |-----|---------|----------| | BitMind | Deepfake detection | Image/video files or URLs | | GPTZero | AI text detection | Text content | | VirusTotal | Malware scanner | URLs (not file contents) | | URLScan.io | Malware scanner | URLs | | Google Safe Browsing | Malware scanner | URLs |

Trust statement — All modules use Python stdlib only (no pip dependencies for core). API calls use urllib.request with explicit timeouts (10–120s). No telemetry, no analytics, no phone-home beyond the declared API calls above.