Secure AI Applications in 3 Lines of Code
An enterprise-grade, bidirectional LLM security framework. Defend against prompt injection, jailbreaks, data leakage, and PII exposure in production applications.
pip install promptshieldsCore install covers pattern matching, session tracking, canary tokens, and the pre-trained ML ensemble. Some features need extra dependencies:
# Output DLP engine (Bloom filters, Aho-Corasick, semantic similarity)
pip install "promptshields[output]"
# Semantic/embedding-based matching (sentence-transformers)
pip install "promptshields[ml]"
# Framework integrations (LangChain, LiteLLM, LlamaIndex, CrewAI)
pip install "promptshields[integrations]"
# Everything
pip install "promptshields[all]"from promptshield import Shield
shield = Shield.balanced()
result = shield.protect_input(user_input, system_prompt)
if result['blocked']:
print(f"Blocked: {result['reason']} (score: {result['threat_level']:.2f})")
print(f"Breakdown: {result['threat_breakdown']}")| Feature | PromptShields | DIY Regex | Paid APIs |
|---|---|---|---|
| Setup Time | 3 minutes | Weeks | Days |
| Cost | Free | Free | $$$$ |
| Privacy | 100% Local | Local | Cloud |
| F1 Score | 0.97 (RF) / 0.96 (DeBERTa) | ~0.60 | ~0.95 |
| ML Models | 3 + DeBERTa | None | Black box |
| Async | Native | DIY | Varies |
- Prompt injection attacks (direct and indirect)
- Jailbreak attempts (DAN, persona replacement)
- System prompt extraction
- PII leakage and sensitive data exposure
- Session anomalies
- Encoded/obfuscated attacks (Base64, URL, Unicode)
Choose the right tier for your application latency requirements:
Shield.fast() # ~1ms - High throughput (pattern matching only)
Shield.balanced() # ~2ms - Production default (patterns + session tracking)
Shield.strict() # ~7ms - Sensitive apps (+ 1 ML model + PII detection)
Shield.secure() # ~12ms - Maximum security (3 ML models ensemble)Version 3.0.0 introduces a massive update with the new bidirectional Output Filter.
Prevent sensitive data, PII, and proprietary knowledge from leaking through LLM generations securely before they reach the user.
- 4-Layer Scanning Pipeline: Defends against data leakage using Bloom Filters, Aho-Corasick exact matching, Honeypot traps, and Embedding-based Semantic Similarity checks.
- Semantic Leakage Detection: Natively utilizes
sentence-transformersto detect when the LLM's output is highly semantically similar to your proprietary system prompts or private databases. - Contextual PII Redaction: A heavily-optimized detection system to proactively redact sensitive information securely.
from promptshield import OutputFilter
filter = OutputFilter(
system_prompt="You are a secret agent...",
enforce_pii=True,
enforce_embeddings=True
)
safe_text, was_redacted = filter.scan_output("My name is John Doe.")- Complete thread-safety for multi-tenant high-concurrency environments.
- Strict HMAC-SHA256 authenticated webhooks.
- Lazy-loading implementation for heavy dependencies (
numpy,sentence-transformers) for lightning-fast cold starts.
Launch shields declaratively without changing application code.
shield = Shield.from_config("promptshield.yml")Instantly trigger webhooks whenever high-severity threats are blocked natively.
shield = Shield.balanced(webhook_url="https://hooks.slack.com/...")Native middleware integration for modern web frameworks.
from promptshield import Shield
from promptshield.integrations.fastapi import PromptShieldMiddleware
app.add_middleware(PromptShieldMiddleware, shield=Shield.balanced())Trained on the highly curated neuralchemy/Prompt-injection-dataset:
| Model | F1 | ROC-AUC | FPR | Latency |
|---|---|---|---|---|
| Random Forest | 0.969 | 0.994 | 6.9% | <1ms |
| Logistic Regression | 0.964 | 0.995 | 6.4% | <1ms |
| Gradient Boosting | 0.961 | 0.994 | 7.9% | <1ms |
| LinearSVC | 0.959 | 0.995 | 10.3% | <1ms |
| DeBERTa-v3-small | 0.959 | 0.950 | 8.5% | ~50ms |
Pre-trained models available on Hugging Face:
Full API reference, guides, and integration details are available in the GitHub repository.
MIT License — see LICENSE
Built by Sanskar Jajoo / NeurAlchemy — AI Security and LLM Safety Research