Skip to content
View poojakira's full-sized avatar
💭
open to work
💭
open to work

Highlights

  • Pro

Block or report poojakira

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
poojakira/README.md

Pooja Kiran — ML Security Engineer

I build security controls around ML systems: model supply-chain scanning, LLM/agent security monitoring, adversarial robustness, privacy-attack measurement, and secure ML serving.

Portfolio LinkedIn Email


Public Repositories

AI Security Infrastructure

Repo What it does Tests Release
aegisai-public-dashboard Live AI security monitoring dashboard — request metrics, threat heatmaps, RAG canary monitoring, agent trust graphs, CVE timeline. Deployed on Vercel. CI ✅ v1.0.0
hf-model-provenance-scanner Scan any Hugging Face repo for malicious signals before model.load(). Detects org impersonation (Levenshtein + Unicode homoglyphs), pickle exploits, SBOM absence. Zero deps. 100 tests ✅ v0.1.0
mcp-security-gateway-monitor Monitor MCP tool calls for prompt injection, PII leakage, shadow servers, and exfiltration. SHA-256 hash-chained immutable audit log with WAL persistence. 105 tests ✅ v0.1.0
ml-pipeline-integrity-guard Per-layer SHA-256 weight fingerprinting, output drift detection (min-sample-guarded), backdoor canary probing, rollback urgency scoring 0–100. 89 tests ✅ v0.1.0

Adversarial ML & Privacy Attacks

Repo What it does Tests Release
adversarial-ml-lab FGSM, PGD, C&W L2 attacks on PyTorch classifiers + PGD adversarial training defense. Eval harness produces CI-gateable JSON benchmark reports. 13 tests ✅ v0.1.0
model-privacy-attacks Membership inference (threshold / entropy / shadow model) and model extraction simulators. Black-box access only. Attack AUC > 0.6 verified on synthetic data. 12 tests ✅ v0.1.0
dataset-poisoning-detector Detect injected malicious training samples using z-score (per-class), IQR fences, and IsolationForest. Returns per-sample anomaly scores with feature-level attribution. 13 tests ✅ v0.1.0

LLM & Agent Security

Repo What it does Tests Release
llm-redteam-framework Generate adversarial prompts across 6 mutation categories (direct override, role switch, context escape, indirect embed, obfuscation, multi-step). Offline TF-IDF + LR detector, AUC > 0.85. 15 tests ✅ v0.1.0

Applied ML Security

Repo What it does Tests Release
docquery Production RAG pipeline with tenant-isolated Qdrant retrieval, context_guard (NFKC + homoglyph injection detection), PII redaction, JWT auth, Prometheus metrics, k8s + Terraform. CI ✅ v0.4.2
PulseNet-RUL-Forecasting Turbofan RUL forecasting on SHA-256 verified NASA C-MAPSS data. JWT RS256 RBAC, hash-chained audit ledger, FDIA detector implementing BaseAnomalyModel, FGSM adversarial eval CI gate. CI ✅ v2.1.0

What each tool actually solves

hf-model-provenance-scanner — In May 2026, a fake OpenAI repo reached 244,000 downloads in 18 hours before detection. This tool checks repos for org impersonation, hidden execution scripts, and trust signals before any file is downloaded.

pip install -e . && hf-scan meta-llama/Llama-3-8B

adversarial-ml-lab — Most production classifiers have never been tested for adversarial robustness. This lab runs FGSM, PGD, and C&W attacks against any PyTorch model and produces a JSON report you can gate CI on.

pip install -e ".[dev]" && python -m adv_lab.eval.harness --n-samples 500 --output results/report.json

mcp-security-gateway-monitor — 200,000 exposed MCP server instances with zero auth (mid-2026). One server silently BCCed every email to an attacker. This tool monitors every tool call for exactly these patterns, with a cryptographically verified audit trail.

pip install -e ".[dev]" && python -m pytest tests/ -v

model-privacy-attacks — Measures privacy leakage from ML inference APIs: can an adversary infer training set membership from softmax confidence scores? Can they steal your decision boundary with 1,000 queries?

pip install -e ".[dev]" && python -m pytest tests/ -v

llm-redteam-framework — Generates adversarial prompts across 6 mutation categories and trains an offline classifier to detect them. No LLM API required. Useful for testing guardrails and building labeled safety datasets.

pip install -e ".[dev]" && python -m pytest tests/ -v

ml-pipeline-integrity-guard — A major ML framework was compromised for 42 undetected minutes in 2026. This tool fingerprints model weights per-layer, detects output drift, and probes for backdoor triggers.

pip install -e ".[dev]" && python -m pytest tests/ -v

dataset-poisoning-detector — Scans training datasets for anomalous samples before training begins. Three detectors (z-score, IQR, IsolationForest) return per-sample anomaly scores with feature attribution.

pip install -e ".[dev]" && python -m pytest tests/ -v

aegisai-public-dashboard — Live, public, zero-auth dashboard with 9 threat-intelligence panels. Deployed and running at no cost.


Technical areas

  • Adversarial ML: FGSM, PGD, C&W attacks, PGD adversarial training, FDIA detection
  • Privacy attacks: Membership inference (threshold / entropy / shadow), model extraction
  • LLM/Agent security: Prompt injection, tool poisoning, MCP security, RAG poisoning (OWASP LLM Top 10)
  • Model supply chain: Provenance verification, pickle exploit detection, typosquat detection, SBOM
  • ML integrity: Weight fingerprinting, output drift detection, backdoor probing, rollback scoring
  • Data security: Dataset poisoning detection, per-sample anomaly attribution
  • Secure serving: JWT RS256, RBAC, rate limiting, audit logging, Prometheus metrics
  • Stack: Python 3.11+, PyTorch, FastAPI, Next.js 14, Supabase, Docker, GitHub Actions, Qdrant, Redis

Availability

  • Location: Greater Phoenix Area, AZ
  • Available: July 6, 2026
  • Visa: F-1 OPT (H-1B sponsorship needed)
  • Preferred roles: ML Security Engineer · AI Security Researcher · Applied ML Security

Contact


Last updated: July 2026 · All 10 repos are public and runnable · No broken links

Popular repositories Loading

  1. docquery docquery Public

    Production RAG pipeline for financial document Q&A: Qdrant hybrid retrieval, cross-encoder reranking, Redis cache, FastAPI, and RAG poisoning detection (OWASP LLM08:2025).

    Python 1

  2. PulseNet-RUL-Forecasting PulseNet-RUL-Forecasting Public

    Official NASA C-MAPSS FD001 predictive-maintenance verification with data lineage, threat model, CI gates, auth/RBAC, tenant audit, and measured evidence.

    Python

  3. poojakira poojakira Public

    GitHub profile README — ML Security Engineer portfolio

    Python

  4. aegisai-public-dashboard aegisai-public-dashboard Public

    Real-time AI security dashboard: threat heatmaps, agent trust graphs, RAG canary monitoring, supply chain integrity, and 9 post-Mythos threat-intel features. Live on Vercel.

    TypeScript

  5. hf-model-provenance-scanner hf-model-provenance-scanner Public

    Scan any Hugging Face repo for malicious signals before model download. Detects org impersonation, pickle exploits, and supply chain attacks.

    Python

  6. mcp-security-gateway-monitor mcp-security-gateway-monitor Public

    Monitor MCP tool calls for injection attacks, PII leakage, shadow servers, and exfiltration patterns. Solves the 200K exposed MCP server problem (2026).

    Python