AgentWatch — Self-Learning AI Security Observatory

AgentWatch is an AI security observatory that protects LLM-powered applications from prompt attacks. Unlike static security tools that only block what you told them to block yesterday, AgentWatch is self-learning — it scrapes the internet for new attack patterns, auto-generates detection rules, and hot-reloads them into the engine without any downtime. The system uses three layers of defense: 1) Hardcoded keyword patterns (fast, 1ms) covering injection, exfiltration, credential theft, code execution, phishing, malware, and PII leaks 2) A growing library of 200+ dynamically generated patterns sourced from GitHub datasets and HuggingFace threat collections — updated every 6 hours via automated scraping 3) Gemini 2.5 Flash AI analysis as a fallback for novel and creative attacks that bypass keyword detection Every verdict is permanently stored in SQLite for audit trails and analytics. The system self-updates via cron: it scrapes the internet for new prompt injection datasets, extracts detection patterns, commits them to a shared GitHub repository (global hive-mind), and hot-reloads them into production — all without human intervention. Built with Node.js, React, SQLite, and Gemini 2.5 Flash. Deployed on Render.