Skip to content

johnpippett/iscooked

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

21 Commits
site
site
Β 
Β 
tests
tests
Β 
Β 
.gitignore
.gitignore
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
wrangler.toml
wrangler.toml
Β 
Β 

Repository files navigation

πŸ”₯ iscooked.com β€” Am I Cooked?

Local AI security scanner. One command to find out if your Ollama, LM Studio, or self-hosted LLM setup is leaking like a sieve.

curl -fsSL https://iscooked.com/iscooked.com | bash

Or download and run manually:

wget https://iscooked.com/iscooked.com
chmod +x iscooked.com
./iscooked.com

What it checks

Check What it looks for
Network Exposure AI services listening on 0.0.0.0 instead of localhost
API Authentication Ollama, LM Studio, Open WebUI running without auth
File Permissions Model files and directories world-readable/writable
Docker Risks AI containers running as root, privileged mode, host networking
GPU Exposure NVIDIA/AMD device permissions and management endpoints
Telemetry Active connections to known telemetry domains
Firewall Status UFW, firewalld, iptables, nftables β€” is anything running?
SSL/TLS AI services exposed over plain HTTP on non-localhost
Process Audit AI processes and what user they're running as
Sensitive Files .env files with API keys readable by other users
History & Logs API keys leaked in shell history, world-readable log dirs
Ollama Config OLLAMA_HOST, OLLAMA_ORIGINS, systemd service checks

Example output

  πŸ”₯ COOKED   Ollama (port 11434) is listening on ALL interfaces
  βœ… SAFE      LM Studio (port 1234) is bound to localhost only
  ⚠  WARMING UP  Ollama API is responding without authentication
  πŸ”₯ COOKED   No active firewall detected!
  πŸ”₯ COOKED   Shell history contains ~3 potential API key(s)

  YOUR COOKED SCORE

  73% cooked  [β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ          ]

  FULLY COOKED

  3 critical  1 warnings  2 passed

  You are absolutely cooked. Fix the critical issues above ASAP.

Scoring

Your cooked score ranges from 0–100%:

  • 0–14% β€” Looking Fresh. Your setup is locked down.
  • 15–39% β€” Slightly Warm. A few things to tighten up.
  • 40–69% β€” Medium Rare. Address those warnings.
  • 70–100% β€” Fully Cooked. Fix the critical issues now.

Requirements

  • Bash 4+
  • Standard Unix tools (ss/netstat, ps, stat, find)
  • Optional: curl (for API auth checks), docker (for container checks), nvidia-smi (for GPU checks)
  • Elevated privileges can improve some firewall and port checks

Privacy

iscooked.com runs entirely on your machine. It makes no network requests, sends no telemetry, and phones home to absolutely nobody. The only network activity is checking if your local AI services are reachable on localhost.

Contributing

PRs welcome! Some ideas:

  • Add checks for more AI tools (KoboldCpp, TabbyAPI, Whisper, etc.)
  • JSON output mode for CI/CD integration
  • Auto-fix mode for common issues
  • macOS-specific checks
  • WSL-specific checks

License

MIT β€” do whatever you want with it.

Built by a cybersecurity engineer who runs local LLMs. iscooked.com

About

πŸ”₯ Am I Cooked? One-command local AI security scanner for Ollama, LM Studio, and self-hosted LLMs.

iscooked.com

Topics

bash open-source security privacy self-hosted cybersecurity security-scanner ai-security local-llm ollama lm-studio

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages