| Version | Supported |
|---|---|
| 1.0.x | ✅ Current Release |
Please report security vulnerabilities through GitHub's Private Vulnerability Reporting.
We use a defense-in-depth approach combining regex, heuristics, and optional ML classifiers to catch both known and novel injection patterns.
All LLM outputs are scanned for PII and secrets before being returned to the user, preventing unintentional data leakage.
Documents ingested into the RAG pipeline are audited for indirect prompt injection to prevent "Man-in-the-Middle" attacks on the knowledge base.
- Adversarial Evasion: Highly sophisticated, low-perplexity adversarial attacks may bypass pattern-based and heuristic detectors.
- Contextual Nuance: LLM security is inherently probabilistic. This tool is a guardrail, not a perfect firewall.