Inside the SASKI SDK Security Audit: Why Transparency Matters in AI Safety
At SASKI Institute, we believe AI safety vendors should show their work, not just their marketing. If you are building the middleware that acts as a deterministic guardrail for enterprise AI applications, you cannot ask people to just trust you. You have to prove it.
We recently wrapped up a rigorous, multi-phase internal security audit of the SASKI SDK. Here is a look behind the curtain at how we did it, what we learned, and where we stand.
The Audit Blueprint: 8+ Hours via Codex
We did not want to audit our code in an echo chamber. Because our engineering team lives and breathes in Cursor for daily development, we deliberately chose Codex as our independent auditing platform. Using a completely different platform allowed us to eliminate tool bias and ensure an adversarial, clear eyed evaluation of our codebase.
This internal AI assisted audit took over 8 hours of intensive static review, remediation verification, and rigorous testing. This was not a superficial, ten questions per framework checklist. The process spanned a comprehensive full suite verification run of 889 test outcomes plus 39 LLM integration harness rows. Every single one of these granular data points was mapped directly against the industry standard safety frameworks defined in our master governance guide:
- OWASP LLM Top 10
- OWASP Agentic Top 10
- MITRE ATLAS
- NIST AI RMF
The Scorecard: Earning a Solid B
Our comprehensive evaluation awarded the SASKI SDK an overall grade of B. The evidence package confirmed that SASKI excels as a robust liability and safety middleware layer.
What the Audit Validated
The strongest verified capabilities from our test suite include:
- Crisis and Emergency Precedence: Blocked or escalated inputs are safely intercepted and are not sent onward to the LLM.
- Synthetic PII Handling: Strong pre-LLM paths successfully redact and protect sensitive synthetic data.
- Regulated Mode Enforcement: Patient and child modes properly trigger deterministic post-LLM scan obligations.
- Privacy Hardening: Structured log event records are kept strictly metadata only, ensuring no raw prompts, assistant responses, or API keys leak into telemetry.
- Statute-Gate Enforcement: The post-LLM scanner successfully executed both block and redact outcomes for regional compliance protocols, such as California SB 942 and Oregon HB 2748.
Clear Boundaries, Proactive Safety
A massive part of true safety is knowing exactly what your tools can and cannot do. SASKI is deterministic safety, privacy, and policy middleware for AI workflows; it is not a generative model itself, nor is it a universal legal or clinical validation engine.
Instead of hiding our internal testing data or publishing raw logs to the wild internet, we are leveraging these precise scope boundaries, framework mappings, and graded conclusions to provide radical transparency directly to our enterprise design partners during controlled external reviews. We have cleared out the low hanging fruit, proven our core architecture under heavy testing, and are fully prepared for deep enterprise scrutiny.
The work does not stop here. While this internal milestone successfully validated our core safety architecture, we know that true enterprise trust requires independent validation. We are excited to announce that we are officially signing the agreement to have Trail of Bits complete a rigorous third party audit of our SASKI SDK, ensuring we continue to push our safety benchmarks forward. Stay tuned!
