Security Shield

Two-tier prompt security that blocks injection, jailbreaks, PII leaks, and secrets, under 2 ms, always on.

HiWay2LLM Security Shield is a middleware layer that scans every incoming message before it reaches the model. It runs two scan tiers in sequence and operates in three configurable modes: off, monitor, and block.

How it works

Tier 1, Regex (< 2 ms, always on): A battery of compiled patterns catches the most common attacks without loading any model. It covers prompt injection, jailbreak patterns, PII (email addresses, French IBANs, phone numbers), API secrets (OpenAI, Anthropic, GitHub PAT, Bearer tokens), and prompt extraction attempts.

Tier 2, LLM Guard (20-50 ms, optional): When Tier 1 assigns a suspicion score above 0.4, the request is escalated to a local NLP pipeline (llm-guard). This tier is only active if the package is installed; it degrades gracefully to Tier 1 only if absent.

Threat types detected

- prompt_injection, attempts to override system instructions (ignore previous instructions, you are now, DAN patterns, developer mode) - prompt_extraction, attempts to read the system prompt (repeat your instructions, what are your instructions) - jailbreak, requests for malware, exploits, synthesis of dangerous substances, or CSAM - pii, personal data in user messages (email, phone, IBAN, SIRET/SIREN) - secrets, API keys and credentials accidentally pasted into prompts

Fail-open design

Always fails open

Any internal error in the shield (DB unreachable, Redis timeout, unexpected exception) logs a warning and lets the request through unchanged. The shield never becomes a single point of failure for your application.

Events and audit trail

Every detected threat is written to security_events with the threat type, score, action taken, model name, hashed prompt, and client IP. This table is immutable by design, a database trigger prevents any UPDATE or DELETE, producing a tamper-proof audit trail suitable for SOC 2 and GDPR compliance.