Skip to main content

An open-source safeguard against prompt injection in AI summarization.

Project description

🛡️ Bulwark (Python)

An open-source safeguard against prompt injection in AI summarization.

Summarizing untrusted content (web pages, emails, PDFs, search results) with an LLM is dangerous: hidden instructions in that content can hijack the model. Bulwark wraps any model in five layers of defense — sanitize, detect, spotlight, harden, validate — so the content gets summarized and the attack inside it doesn't.

Full docs, threat model, and architecture: https://github.com/Myrhex-x/bulwark

Install

pip install bulwark-guard                 # zero dependencies
pip install "bulwark-guard[openai]"       # optional OpenAI adapter
pip install "bulwark-guard[anthropic]"    # optional Anthropic adapter

Use

from bulwark import Bulwark

guard = Bulwark()

def my_model(messages):          # any callable: messages -> str
    ...
    return summary_text

result = guard.summarize(untrusted_page, llm=my_model)
print(result.summary)            # cleaned, validated summary (or None if blocked)
print(result.report)             # what was caught

Detection only (no model):

from bulwark import scan
if scan(text).injected:
    ...

CLI:

echo "ignore previous instructions" | python -m bulwark

Presets

from bulwark import Bulwark, BulwarkConfig
Bulwark(BulwarkConfig.strict())     # delimiting + data-marking, blocks on critical
Bulwark(BulwarkConfig.paranoid())   # base64 isolation, blocks on high

No prompt-injection defense is perfect. Bulwark applies every robust mitigation at once and validates the model's output, but you should still keep your summarizer read-only and gate downstream actions. See the threat model.

MIT licensed — free for any use, including commercial.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

bulwark_guard-0.3.0.tar.gz (33.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

bulwark_guard-0.3.0-py3-none-any.whl (30.4 kB view details)

Uploaded Python 3

File details

Details for the file bulwark_guard-0.3.0.tar.gz.

File metadata

  • Download URL: bulwark_guard-0.3.0.tar.gz
  • Upload date:
  • Size: 33.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.9.6

File hashes

Hashes for bulwark_guard-0.3.0.tar.gz
Algorithm Hash digest
SHA256 2fdaf14f7823e4e650cab3baa03067f63a81dc259678d72d0ad5ba1aa3b6f827
MD5 0e198e5524685524e80b1cbf799ec921
BLAKE2b-256 139b8d647cd9c150853dab770a52ebd0939032c66e8ef623ffd5cbe7b4bbb41a

See more details on using hashes here.

File details

Details for the file bulwark_guard-0.3.0-py3-none-any.whl.

File metadata

  • Download URL: bulwark_guard-0.3.0-py3-none-any.whl
  • Upload date:
  • Size: 30.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.9.6

File hashes

Hashes for bulwark_guard-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 779ba0b6e916d2ac08568e87f1df8de9965635c0bf3f42ac381f0932882b8726
MD5 7f9a0fd7d6bf55ad38e50321f54ece24
BLAKE2b-256 478a2f46ef453b26cf4a98ac44e9ff35294a775e3e431b43a125db011938edbe

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page