Production-Grade LLM Security Framework - Protect against prompt injection, jailbreaks, and data leakage
Project description
PromptShield
Secure AI Applications in 3 Lines of Code
An enterprise-grade, bidirectional LLM security framework. Defend against prompt injection, jailbreaks, data leakage, and PII exposure in production applications.
Installation
pip install promptshields
Quick Start
from promptshield import Shield
shield = Shield.balanced()
result = shield.protect_input(user_input, system_prompt)
if result['blocked']:
print(f"Blocked: {result['reason']} (score: {result['threat_level']:.2f})")
print(f"Breakdown: {result['threat_breakdown']}")
Features & Capabilities
| Feature | PromptShields | DIY Regex | Paid APIs |
|---|---|---|---|
| Setup Time | 3 minutes | Weeks | Days |
| Cost | Free | Free | $$$$ |
| Privacy | 100% Local | Local | Cloud |
| F1 Score | 0.97 (RF) / 0.96 (DeBERTa) | ~0.60 | ~0.95 |
| ML Models | 4 + DeBERTa | None | Black box |
| Async | Native | DIY | Varies |
Protection Scope
- Prompt injection attacks (direct and indirect)
- Jailbreak attempts (DAN, persona replacement)
- System prompt extraction
- PII leakage and sensitive data exposure
- Session anomalies
- Encoded/obfuscated attacks (Base64, URL, Unicode)
Security Modes
Choose the right tier for your application latency requirements:
Shield.fast() # ~1ms - High throughput (pattern matching only)
Shield.balanced() # ~2ms - Production default (patterns + session tracking)
Shield.strict() # ~7ms - Sensitive apps (+ 1 ML model + PII detection)
Shield.secure() # ~12ms - Maximum security (4 ML models ensemble)
Upgrading to v3.0.0
Version 3.0.0 introduces a massive update with the new bidirectional Output Filter.
Output Engine (Data Leakage Prevention)
Prevent sensitive data, PII, and proprietary knowledge from leaking through LLM generations securely before they reach the user.
- 4-Layer Scanning Pipeline: Defends against data leakage using Bloom Filters, Aho-Corasick exact matching, Honeypot traps, and Embedding-based Semantic Similarity checks.
- Semantic Leakage Detection: Natively utilizes
sentence-transformersto detect when the LLM's output is highly semantically similar to your proprietary system prompts or private databases. - Contextual PII Redaction: A heavily-optimized detection system to proactively redact sensitive information securely.
from promptshield import OutputFilter
filter = OutputFilter(
system_prompt="You are a secret agent...",
enforce_pii=True,
enforce_embeddings=True
)
safe_text, was_redacted = filter.scan_output("My name is John Doe.")
Performance & Hardening
- Complete thread-safety for multi-tenant high-concurrency environments.
- Strict HMAC-SHA256 authenticated webhooks.
- Lazy-loading implementation for heavy dependencies (
numpy,sentence-transformers) for lightning-fast cold starts.
Developer Experience
YAML Configuration
Launch shields declaratively without changing application code.
shield = Shield.from_config("promptshield.yml")
Slack and Teams Webhooks
Instantly trigger webhooks whenever high-severity threats are blocked natively.
shield = Shield.balanced(webhook_url="https://hooks.slack.com/...")
Async and FastAPI Support
Native middleware integration for modern web frameworks.
from promptshield import Shield
from promptshield.integrations.fastapi import PromptShieldMiddleware
app.add_middleware(PromptShieldMiddleware, shield=Shield.balanced())
Benchmark Results
Trained on the highly curated neuralchemy/Prompt-injection-dataset:
| Model | F1 | ROC-AUC | FPR | Latency |
|---|---|---|---|---|
| Random Forest | 0.969 | 0.994 | 6.9% | <1ms |
| Logistic Regression | 0.964 | 0.995 | 6.4% | <1ms |
| Gradient Boosting | 0.961 | 0.994 | 7.9% | <1ms |
| LinearSVC | 0.959 | 0.995 | 10.3% | <1ms |
| DeBERTa-v3-small | 0.959 | 0.950 | 8.5% | ~50ms |
Pre-trained models available on Hugging Face:
Documentation
Full API reference, guides, and integration details are available at the PromptShield Documentation Portal.
License
MIT License — see LICENSE
Built by NeurAlchemy — AI Security and LLM Safety Research
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file promptshields-3.0.1.tar.gz.
File metadata
- Download URL: promptshields-3.0.1.tar.gz
- Upload date:
- Size: 15.7 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cc31be95466318073f79072168e333cd719e6010d143b0b7472cbb38cf6f5b7d
|
|
| MD5 |
ad585cc38a2461bf2657ceffd676873f
|
|
| BLAKE2b-256 |
000a62a220794167853d26ace5fc50cef5857c2cb56b7d0f31eb78a0c046282e
|
File details
Details for the file promptshields-3.0.1-py3-none-any.whl.
File metadata
- Download URL: promptshields-3.0.1-py3-none-any.whl
- Upload date:
- Size: 15.9 MB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
805ad47e2a58b266f89a6fe385af339dd257b7e8d0efbfdad14d9dfd48c43dd2
|
|
| MD5 |
8a2dc912fd29e819770ed8c38fae6218
|
|
| BLAKE2b-256 |
9c6d895d6c51b334b9a4ceaeb8a1445ac294c04e7c1549fc1cc76b02657a39c2
|
