Prompt injection scanner + rules engine

Score prompts for injection risk before they reach your LLM

Prompt Defenders scores prompt text against a versioned rule pack, surfaces concrete advisories, and keeps raw prompt content out of storage. It is built for teams that need a gate before unsafe instructions reach a model or an operator.

Hash-only correlation for submitted textRule-based scoring with severity bandsAsync deep analysis queue for longer reviews
Pre-LLM request scanningRed-team prompt reviewCI checks for prompt librariesSupport-chatbot guardrails

Scan from the terminal or CI

git clone https://github.com/RazonIn4K/prompt-defenders
cd prompt-defenders && npm install
npx prompt-defender scan examples/injection_simple.txt --rules basic

The CLI ships in this repo today (also reads stdin with scan -); an npm package is on the roadmap.

Gate requests in middleware

import { scanInput } from "./src/lib/scanner";

app.post("/chat", (req, res) => {
  const scan = scanInput(String(req.body?.prompt ?? ""));
  if (scan.success && scan.analysis.score >= 50) {
    return res.status(422).json({
      blocked: true,
      advisories: scan.analysis.advisories,
    });
  }
  // safe: forward the prompt to your model
});

Adapted from the runnable Express demo in examples/integration_demo.

Run a prompt through the rule pack

Hashed only. Guidance, not certification.

Raw input is never stored. Prompt Defenders computes a HMAC hash for correlation only, uses Datadog RUM with mask-user-input, and returns advisory findings rather than a compliance guarantee.

Quick examples

Advisories, severity, and exportable evidence

Run a scan to get a scored result, severity band, and advisory list.