ZeroLeaks SDK
Reports
Retrieve scores, findings, recommendations, remediation, and scan metadata.
Reports
Completed prompt scans produce a security report with an overall score, vulnerability classification, findings, recommendations, and mode-specific evidence.
Runtime and endpoint reports additionally break findings into prompt security, tool safety, multi-turn resilience, and data leakage. Runtime reports include a toolTrace containing observed arguments, results, errors, provider execution state, attack prompt, and isolated session.
const report = await zeroleaks.reports.getByScan(scanId);
console.log(report.overallScore); // 0-100, higher is safer
console.log(report.overallVulnerability);
console.log(report.findings);
console.log(report.recommendations);Retrieve a report by report ID:
const report = await zeroleaks.reports.get(reportId);List report summaries:
const page = await zeroleaks.reports.list({ limit: 20 });
console.log(page.items);The report shape can include:
- Extraction and injection scores
- Severity-ranked findings
- Attack-family statistics
- Sandbox tool logs and exposed canaries
- Kill-chain detections
- Prompt remediation guidance
- Knowledge and corpus version metadata
- A truncation notice when verbose evidence exceeds storage limits
- Runtime tool-call and tool-result traces
- Target provider, model, tool schemas, and adapter metadata
Treat report evidence as sensitive security data. Avoid logging complete reports or exposing them to unauthenticated clients.