AI Security Tools
& Calculators
Assess your internal AI application's security posture with interactive tools — blast radius, agent capability matrix, prompt-injection scenarios, and downloadable checklists.
Educational notice: These tools provide preliminary assessments for planning purposes. They do not replace a formal security review or legal compliance assessment.
Synopsis
Building internal AI applications with Streamlit, RAG, and MCP creates a new attack surface that traditional application security does not fully address. These interactive tools help you estimate blast radius, map agent capabilities to risk levels, browse real-world prompt-injection scenarios, and download structured checklists for vendor due diligence and incident evidence preservation. Use them alongside the Streamlit architecture guide and the secure RAG architecture guide.
AI Blast Radius Calculator
Estimate the potential exposure surface of your AI application based on data, users, tools, and deployment.
AI Blast Radius Calculator
Blast Radius: Low
Score: 3 / 48
Limited exposure surface. Basic controls and documentation are likely sufficient.
- •Document the AI system in your AI inventory with data types and user populations
- •Enable basic audit logging for all model interactions and tool calls
- •Review access controls quarterly — ensure only intended users can reach the application
- •Keep the tool allow-list minimal: remove any tool that is not actively used
How is this score calculated?⌄
The score is the sum of weighted factors:
- Data type (0–9): No sensitive data = 0, Public = 1, Internal = 3, Confidential = 6, PII = 7, PHI/Biometric = 9
- User scale (1–8): 1–10 users = 1, 11–100 = 3, 101–1,000 = 5, 1,000+ = 8
- Tool access (1–10): Read-only = 1, Write = 5, Action = 8, Admin = 10
- Deployment (1–7): Local = 1, Internal server = 2, Cloud = 4, Public = 7
- MCP connected: +3 (external tool discovery expands attack surface)
- RAG enabled: +2 (document corpus is an injection vector)
- Automatic execution: +5 (no human checkpoint before actions)
- Multi-tenant: +4 (cross-tenant leakage risk)
Risk bands: 0–7 Low, 8–17 Moderate, 18–29 High, 30+ Critical.
Industry scenarios — click to load:
AI Agent Read / Write / Action Matrix
Map what your AI agent can do with each resource type. Risk is automatically classified based on capability and data sensitivity.
AI Agent Read / Write / Action Matrix
| Resource | Read | Write | Action | Admin |
|---|---|---|---|---|
| Public knowledge base | ||||
| Internal documents (non-sensitive) | ||||
| Internal documents (confidential) | ||||
| Customer records | ||||
| Employee records | ||||
| Financial data | ||||
| Health information (PHI) | ||||
| Biometric identifiers | ||||
| Source code / IP | ||||
| Security incidents | ||||
| Administrative configs | ||||
| External APIs (email, payments, ticketing) |
How to use: Click a cell to toggle that capability for that resource. Risk is automatically classified based on the combination.
Risk levels:
- Low — Minimal risk. Standard logging and access controls are sufficient.
- Medium — Moderate risk. Requires RLS, authorization checks, and audit logging.
- High — High risk. Requires human approval, server-side authorization, and evidence-grade logging.
- Critical — Critical risk. Requires mandatory human approval, multi-party authorization, full audit trail, and adversarial testing.
Prompt-Injection & AI Security Scenario Library
Browse real-world attack vectors, examples, and defense strategies for internal AI applications.
Prompt-Injection & AI Security Scenario Library
Automated detection: The HAIEC platform provides deterministic analysis for prompt injection, RAG poisoning, tool abuse, authentication gaps, and tenant-isolation weaknesses — alongside runtime adversarial testing and evidence-grade outputs.
What These Tools Don't Cover
These tools provide preliminary assessments. They are not a substitute for a formal security review.
Runtime adversarial testing
Code-level vulnerability analysis
Regulatory compliance determination
Vendor security verification
Need comprehensive analysis? The HAIEC AI Exposure Assessment performs deterministic code analysis, runtime adversarial testing, and produces evidence-grade compliance documentation.
Downloadable Checklists & Templates
Structured resources for AI governance, vendor evaluation, and incident response.
AI Risk Register Template
AI Vendor Due-Diligence Checklist
AI Incident Evidence Checklist
Industry Coverage
The blast radius calculator includes one-click scenario presets for common industry deployments. Here is how the risk factors differ by industry.
Healthcare (PHI)
Financial Services
HR / Hiring
Legal
Retail / E-commerce
Small Business
How to Use These Tools Together
Scenario: Healthcare internal AI assistant
A hospital IT team is building a Streamlit application that lets clinicians query patient records using natural language. The system uses RAG to retrieve from the EHR, connects to an MCP server for lab-result lookups, and is deployed on an internal server accessible to 500+ clinicians.
Step-by-step assessment:
- Blast Radius Calculator: Select PHI data, 101–1,000 users, action tool access, internal server deployment, MCP connected, RAG enabled. Result: Critical (score 31/44). The tool recommends mandatory adversarial testing and dual authorization.
- Agent Matrix: Toggle read on patient records (high), action on lab-result lookup (critical), and admin on user management (critical). The matrix flags 2 critical combinations — confirming that admin access should be removed from the agent scope entirely.
- Scenario Library: Review the indirect prompt injection via RAG document scenario (PI-02). The team realizes that a malicious document uploaded to the EHR knowledge base could instruct the model to call the lab-result tool and exfiltrate results. They add document provenance tracking and human approval for all action tools.
- Risk Register: Create entries for each identified risk with owners from IT, Security, and Compliance. Set the RAG poisoning risk to High likelihood given that clinicians can upload documents.
- Vendor Checklist: Evaluate the EHR vendor and MCP server provider against the 60-item checklist before signing the integration agreement.
Scenario: HR department deploying AI resume screening
A mid-size company (200 employees) in New York City and California wants to use an AI-powered ATS that ranks resumes and scores video interviews. The HR team uses the tools to assess risk and compliance obligations.
- Blast Radius Calculator: Load the HR/Hiring preset. Result: confidential data (PII), 50 users, admin tools, cloud deployment, RAG enabled, auto-approval. Score: Critical (score 29/44) — driven by admin access to candidate records and auto-approval without human review.
- Agent Matrix: Toggle admin on candidate records (critical) and read on job descriptions (low). The matrix immediately flags admin access as critical-risk — the tool should not have admin authority over candidate status without human approval.
- Risk Register: Create entries for algorithmic bias (R-16), missing bias audit (R-17), candidate notification failure (R-18), and unauthorized biometric analysis (R-19). Set all to High likelihood given multi-state operations.
- Vendor Checklist: Evaluate the ATS vendor against the full 60-item checklist. Require evidence of independent bias audit (NYC LL 144), compliance with Illinois AIVIA (video interview consent), California FEHA alignment, and EU AI Act Annex III high-risk classification documentation.
- Incident Evidence Checklist: Prepare the evidence preservation plan in advance — if a candidate files a discrimination claim, the company must preserve all screening decisions, model outputs, scoring criteria, and bias audit records for 4 years (California FEHA requirement).
FAQ
Are these tools free to use?⌄
Yes. All three interactive tools are free and run entirely in your browser. No data is sent to a server. The downloadable checklists and templates are available through the lead magnet form.
Do these tools work for non-Streamlit AI applications?⌄
Yes. While the tools were designed alongside the Streamlit architecture guide, the risk factors, agent capabilities, and attack scenarios apply to any internal AI application built with Python, React, or any other framework. The blast radius factors (data type, user scale, tool access, deployment model) are framework-agnostic.
How often should I re-run the blast radius calculation?⌄
Re-run it whenever the application architecture changes: new data sources, new tool integrations, new MCP servers, expanded user populations, or deployment model changes. At minimum, review quarterly as part of your AI governance cycle.
Can I use the scenario library for security training?⌄
Yes. The scenario library is designed for both planning and training. Each scenario includes a concrete attack example and defense strategies, making it suitable for tabletop exercises, developer training, and security awareness sessions.
What should I do if the blast radius calculator shows Critical?⌄
Do not deploy without a completed security assessment. Follow the recommendations provided with the Critical result, and consider engaging a professional AI security assessment. The HAIEC AI Exposure Assessment provides deterministic analysis, adversarial testing, and evidence-grade compliance outputs.
AI Governance & Compliance Framework Guide
For a comprehensive guide on how NIST AI RMF, ISO/IEC 42001, SOC 2, and AI-specific security testing fit together, read How to Secure and Govern AI: NIST, ISO and SOC 2. For AI voice agent-specific security, failure modes, and deployment architecture, read Why AI Voice Agents Fail in Production.