FAI Hooks
Event-driven security gates on every prompt.
FAI Cost Tracker
Model-aware cost estimation with per-session tracking, daily/weekly/monthly aggregation, anomaly detection, CSV export, and budget alerting — FinOps visibility for AI-assisted development.
FAI Governance Audit
Detects threat signals in user prompts across 7 OWASP LLM Top 10 categories — prompt injection, data exfiltration, privilege escalation, credential exposure, system destruction, insecure output, and model theft.
FAI License Checker
Scans dependencies for license compliance across npm, pip, NuGet, and Go ecosystems with SPDX classification, configurable allowlist/blocklist, and severity levels.
FAI Output Validator
Validates LLM-generated code and config files against 9 checks: naming conventions, frontmatter schemas, JSON structure, content safety, hallucination markers, PII detection, format compliance, length constraints, and markdown structure.
FAI PII Redactor
Scans uncommitted code for personally identifiable information across 12+ PII categories with configurable redaction strategies (mask/hash/remove), severity filtering, locale-aware patterns, and GDPR/HIPAA compliance markers.
FAI Secrets Scanner
Detects leaked credentials, API keys, tokens, connection strings, and private keys in code changes using 40+ provider-specific patterns and Shannon entropy analysis.
FAI Session Logger
Structured JSON Lines audit trail of Copilot session activity with log rotation, compression, rate limiting, and error recovery — without ever logging prompt content.
FAI Token Budget Enforcer
Per-model token budgets with sliding window tracking, grace periods, configurable alert thresholds, daily resets, and multi-tenant support — preventing runaway LLM spend before it happens.
FAI Tool Guardian
Intercepts tool calls with allowlist/blocklist enforcement, URL pattern filtering, per-tool rate limiting, an audit trail, and sandbox mode — 7 threat categories covering file destruction, force pushes, database drops, permission abuse, network exfiltration, and infrastructure teardown.
FAI WAF Compliance
Validates code changes against all 6 Well-Architected Framework pillars with per-pillar scoring and configurable thresholds.