poojakira/README.md

Hi, I'm Pooja Kiran. ML Security Engineer.

I build and test security controls around ML systems: model supply-chain verification, LLM/RAG application security, adversarial ML evaluation, and secure ML serving infrastructure. Every featured repo includes a documented threat model, verified test suite, and known-limitations section.

Portfolio by Security Layer

Model Supply Chain

| Repo | What it does |
| --- | --- |
| Model-Supply-Chain-Auditor | Pickle opcode AST analysis, SafeTensors validation, Ed25519 signing, SLSA v1.0 provenance, policy-as-code CI gates, SARIF output |
| LLM-Guard-Scanner | Prompt injection detection (pattern + embedding), PII/secret scanning, RAG poisoning checks, PyRIT/Garak red-teaming, OWASP LLM Top 10 mapping |

LLM / RAG Security

| Repo | What it does |
| --- | --- |
| docquery | Multi-tenant RAG pipeline with context guard, source provenance, PII redaction, prompt versioning, Qdrant + BGE reranking |
| LLM-Guard-Scanner (listed above) | Also covers an agentic scanner for tool-calling contexts |

Adversarial ML & Privacy

| Repo | What it does |
| --- | --- |
| Adversarial-Robustness-Toolkit | 5 attack families (FGSM/PGD/C&W/APGD/Square) + 3 defenses (PGD-AT/TRADES/RS) on CIFAR-10 ResNet-18 with measured reports |
| ML-Privacy-Attacks | Membership inference (Shokri 2017, Carlini 2022, Yeom 2018), model inversion, DP-SGD accounting, EU AI Act / GDPR compliance mapping |

Secure ML Platform & Infrastructure

| Repo | What it does |
| --- | --- |
| production-ml-platform | ML serving with A/B testing (Thompson sampling), drift detection (KS/ADWIN), SHAP explainability, JWT auth, K8s deployment, Istio canary routing |
| PulseNet-RUL-Forecasting | Predictive maintenance on NASA C-MAPSS with data lineage, JWT auth, RBAC, hash-chain audit logging, CI verification |
| Secure-ML-platform | ML serving prototype with CORS/HSTS/rate-limiting/JWT/RBAC/audit/integrity/encryption (15 security controls) |

Supporting

| Repo | What it does |
| --- | --- |
| coderev-agents | Multi-agent code review combining Bandit SAST + LLM reasoning with prompt-injection guards (prototype) |
| RTX-OOM-Guard | GPU out-of-memory detection and prevention for PyTorch training (GPU systems research) |

Infrastructure & Security

Kubernetes, Terraform, AWS, FastAPI, PyTorch, GitHub Actions, Prometheus, Grafana, OpenTelemetry, SARIF, Ed25519, Qdrant, Redis, Helm

Verification Standard

Each featured repo includes:

  • make test / pytest — local verification
  • Documented threat model with adversary/attack/mitigation table
  • Known-limitations section
  • CI workflow with least-privilege permissions
  • Reproducible example commands

Pinned

  1. LLM-Guard-Scanner (Public, Python): LLM security scanner with prompt injection detection (pattern + embedding), PII/secret output scanning, RAG poisoning checks, PyRIT/Garak red-teaming, mapped to OWASP LLM Top 10
  2. Model-Supply-Chain-Auditor (Public, Python): ML model supply-chain scanner with pickle opcode AST analysis, SafeTensors validation, Ed25519 signing, SLSA v1.0 provenance, policy-as-code CI gates, SARIF output
  3. ML-Privacy-Attacks (Public, Python): Membership inference (Shokri 2017) + model inversion (Fredrikson 2015). Quantifies privacy leakage in trained models.