Firewall for prompts sent to Large Language Models — modular detector pipeline, policy engine, and Enterprise API.
Project description
PromptShield – Open-Source AI Firewall
Stop accidental leaks of secrets, PII, and proprietary code to ChatGPT, Claude, Copilot, and other LLMs.
Before: Developer → LLM → 💥 secret leaked
After: Developer → PromptShield → ✅ Safe AI usage
The problem
AI assistants are becoming part of every engineering workflow.
But developers are accidentally sending:
- AWS credentials
- customer emails
- internal URLs
- proprietary code
- production incidents
to external LLM providers.
PromptShield acts as a security gateway before your prompt reaches an AI model.
Developer
|
v
PromptShield
|
+--> Block secrets
+--> Redact PII
+--> Audit usage
|
v
ChatGPT / Claude / Copilot
Why PromptShield?
Every day, developers accidentally paste API keys, customer data, and internal URLs into AI prompts. Existing tools scan code after it's written. PromptShield protects the prompt before it's sent.
Features
- 🔍 9 security detectors — AWS keys, JWT, GitHub tokens, private keys, email, private IPs, internal URLs, context keywords
- 🛡️ Policy engine (YAML) —
block/warn/allowwith priorities - 🧹 Smart sanitization — replacement tokens, overlap-aware
- 🧠 Prompt intelligence — content classification + natural-language risk explanation
- 📊 Enterprise dashboard — compliance scores, trends, audit timeline
- 🏢 Multi-tenant ready — organizations, granular API keys, usage tracking
- 🐳 Docker & REST API — FastAPI, OpenAPI
/docs, CI-friendly exit codes
Quickstart
pip install -e ".[dev]" # from source
# or: pip install promptshield-security (when published)
echo "My AWS key is AKIA1234567890ABCDEF" | promptshield --json -y
# → policy_decision.action: block, exit code 2
API
python -m promptshield serve
# Swagger: http://127.0.0.1:8000/docs
curl -s -X POST http://127.0.0.1:8000/api/v1/analyze \
-H "Content-Type: application/json" \
-H "X-API-Key: $PROMPTSHIELD_API_KEY" \
-d '{"prompt":"AKIA1234567890ABCDEF","explain":true}'
Dashboard
python -m promptshield dashboard
# → http://127.0.0.1:8000/dashboard
Optional: PROMPTSHIELD_DASHBOARD_KEY for dashboard auth.
Multi-tenant admin
# Create organization (requires admin:create_organization)
curl -s -X POST http://127.0.0.1:8000/api/v1/admin/organizations \
-H "X-API-Key: $MASTER_KEY" -H "Content-Type: application/json" \
-d '{"name":"Acme Corp"}'
# → returns api_key once with full permissions
Architecture
Prompt → Detectors → Findings → Risk score
→ Policy engine → block / warn / allow
→ Sanitizer (optional)
→ Classifier + Explainer (--explain)
→ Persistence + usage (API, optional)
CLI and HTTP share PromptShieldService. Persistence and multi-tenancy are optional for CLI.
Configuration (env)
| Variable | Purpose |
|---|---|
PROMPTSHIELD_API_KEY |
Comma-separated API keys (seeded into Default org) |
PROMPTSHIELD_ENV |
development / production |
DATABASE_URL |
SQLite (default) or PostgreSQL |
PROMPTSHIELD_ENCRYPTION_KEY |
64-hex AES-256 key for encrypted prompts |
PROMPTSHIELD_RETENTION_DAYS |
Audit retention (default 90) |
PROMPTSHIELD_DASHBOARD_KEY |
Protect HTML dashboard |
PROMPTSHIELD_PERSISTENCE |
1/0 for API persistence |
Documentation
- CLI —
promptshield --help,serve,dashboard,cleanup - API — interactive OpenAPI at
/docs - Dashboard —
/dashboard(overview, compliance, analyses, audit) - Contributing — see CONTRIBUTING.md
- Changelog — see CHANGELOG.md
License
Licensed under the Apache License 2.0.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file promptshield_security-0.6.0.tar.gz.
File metadata
- Download URL: promptshield_security-0.6.0.tar.gz
- Upload date:
- Size: 106.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
67a9a1a6034246d4b1293e3a6957e5b6cc9fec5cb968b858f8de0e9f0ee54bdd
|
|
| MD5 |
ddb058d5782ec1b9e82d5aef22b021b4
|
|
| BLAKE2b-256 |
e7778ccdc226f610b147e6633894044484c33ef8d25532a6df73d5d21c1538c6
|
File details
Details for the file promptshield_security-0.6.0-py3-none-any.whl.
File metadata
- Download URL: promptshield_security-0.6.0-py3-none-any.whl
- Upload date:
- Size: 108.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b8a3b5f4895acfb4ccbf21cd5d6f6d07db70d3bc2bd345a7fb7f728652243058
|
|
| MD5 |
12834f83490bdeae39027b045b40ef96
|
|
| BLAKE2b-256 |
f07509515d8abf5d54c6449f34f5c1019a38fdc8661d43de101d2e619e56b134
|