An open-source safeguard against prompt injection in AI summarization.
Project description
🛡️ Bulwark (Python)
An open-source safeguard against prompt injection in AI summarization.
Summarizing untrusted content (web pages, emails, PDFs, search results) with an LLM is dangerous: hidden instructions in that content can hijack the model. Bulwark wraps any model in five layers of defense — sanitize, detect, spotlight, harden, validate — so the content gets summarized and the attack inside it doesn't.
Full docs, threat model, and architecture: https://github.com/Myrhex-x/bulwark
Install
pip install bulwark-guard # zero dependencies
pip install "bulwark-guard[openai]" # optional OpenAI adapter
pip install "bulwark-guard[anthropic]" # optional Anthropic adapter
Use
from bulwark import Bulwark
guard = Bulwark()
def my_model(messages): # any callable: messages -> str
...
return summary_text
result = guard.summarize(untrusted_page, llm=my_model)
print(result.summary) # cleaned, validated summary (or None if blocked)
print(result.report) # what was caught
Detection only (no model):
from bulwark import scan
if scan(text).injected:
...
CLI:
echo "ignore previous instructions" | python -m bulwark
Presets
from bulwark import Bulwark, BulwarkConfig
Bulwark(BulwarkConfig.strict()) # delimiting + data-marking, blocks on critical
Bulwark(BulwarkConfig.paranoid()) # base64 isolation, blocks on high
No prompt-injection defense is perfect. Bulwark applies every robust mitigation at once and validates the model's output, but you should still keep your summarizer read-only and gate downstream actions. See the threat model.
MIT licensed — free for any use, including commercial.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file bulwark_guard-0.3.0.tar.gz.
File metadata
- Download URL: bulwark_guard-0.3.0.tar.gz
- Upload date:
- Size: 33.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2fdaf14f7823e4e650cab3baa03067f63a81dc259678d72d0ad5ba1aa3b6f827
|
|
| MD5 |
0e198e5524685524e80b1cbf799ec921
|
|
| BLAKE2b-256 |
139b8d647cd9c150853dab770a52ebd0939032c66e8ef623ffd5cbe7b4bbb41a
|
File details
Details for the file bulwark_guard-0.3.0-py3-none-any.whl.
File metadata
- Download URL: bulwark_guard-0.3.0-py3-none-any.whl
- Upload date:
- Size: 30.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
779ba0b6e916d2ac08568e87f1df8de9965635c0bf3f42ac381f0932882b8726
|
|
| MD5 |
7f9a0fd7d6bf55ad38e50321f54ece24
|
|
| BLAKE2b-256 |
478a2f46ef453b26cf4a98ac44e9ff35294a775e3e431b43a125db011938edbe
|