The problem

When you point an LLM coding agent at your repo, it reads everything — source files, configs, environment files, lock files. It doesn’t distinguish between safe code and a hardcoded AWS secret. Whatever’s in the repo goes into the context window, and from there into logs, suggestions, or API calls.

This isn’t theoretical. A leaked .env file, a committed private key, a dependency with a known CVE — any of these become part of the prompt. The agent might echo a secret in a code suggestion. It might build on top of a vulnerable dependency without flagging it. It might reference a sensitive config pattern in a way that ends up in a shared conversation.

The question isn’t whether your code works. It’s whether your code is safe to share with a machine that will read all of it, process it externally, and generate output based on it.

The score

The Rta Security Scanner now produces an LLM Readiness Score — a percentage from 0 to 100 that answers that question. It runs five checks against your codebase, counts what it finds, and produces a single number with a band rating.

The output looks like this:

LLM Readiness Score: 94% [Band A] — Ready — safe for LLM-assisted development

Four bands:

BandScoreMeaning
A90-100Ready - safe for LLM-assisted development
B70-89Caution - review findings before LLM use
C40-69At Risk - remediate issues before LLM use
D0-39Unsafe - do not use with LLM agents

How it works

The score starts at 100 and deducts points based on findings from five checks:

Secret Detection — committed secrets (API keys, tokens, passwords) in your git history. Each secret found costs 15 points. A single leaked key drops you to Band B. Three or more and you’re in Band C.

Secret Baseline — new secrets not yet tracked in your baseline. Each costs 10 points. This catches secrets introduced since your last scan.

Static Analysis — code vulnerabilities and misconfigurations. Errors cost 8 points each, warnings cost 3, informational findings cost 1. A handful of missing SRI attributes won’t kill your score. A SQL injection will.

Dependency Scan — known CVEs in your dependency tree. Critical CVEs cost 10 points each, high-severity cost 5. An unpatched critical vulnerability in a direct dependency can drop your score by a full band.

Sensitive File Detection — files that should never be in a repo: .env, .pem, .key, credentials.json, database files, private keys. Each costs 8 points. These are the files most likely to leak data through an LLM’s context window.

Every deduction category has a cap to prevent a single check from zeroing out the score. The final number reflects the aggregate risk across all five dimensions.

Why a score matters

Security scan output is noisy. Twenty JSON files across four tools, each with different severity scales and output formats. Nobody reads all of it. A score compresses that into a decision: can I use this codebase with an LLM agent right now, or do I need to fix something first?

It also creates a baseline you can track over time. Run it in CI on every push. If the score drops below 70, block the merge. If it stays above 90, your team knows the repo is clean enough for agent-assisted development without worrying about what the agent might see.

Get access

The Rta Security Scanner is currently in private beta. If you want to run the LLM Readiness Score against your codebase, reach out to us for a demo.


Links: Rta Labs · GitHub