Show HN: Firewall for LLMs–Guard Against Prompt Injection, PII Leakage, Toxicity

Hey HN,<p>We&#x27;re building Aegis, a firewall for LLMs: a guard against adversarial attacks, prompt injections, toxic language, PII leakage, etc.<p>One of the primary concerns entwined with building LLM applications is the chance of attackers subverting the model’s original instructions via untrusted user input, which unlike in SQL injection attacks, can’t be easily sanitized. (See <a href="https:&#x2F;&#x2F;greshake.github.io&#x2F;" rel="nofollow noreferrer">https:&#x2F;&#x2F;greshake.github.io&#x2F;</a> for the mildest such instance.) Because the consequences are dire, we feel it’s better to err on the side of caution, with something mutli-pass like Aegis, which consists of a lexical similarity check, a semantic similarity check, and a final pass through an ML model.<p>We&#x27;d love for you to check it out—see if you can prompt inject it!, and give any suggestions&#x2F;thoughts on how we could improve it: <a href="https:&#x2F;&#x2F;github.com&#x2F;automorphic-ai&#x2F;aegis">https:&#x2F;&#x2F;github.com&#x2F;automorphic-ai&#x2F;aegis</a>.<p>If you want to play around with it without creating an account, try the playground: <a href="https:&#x2F;&#x2F;automorphic.ai&#x2F;playground" rel="nofollow noreferrer">https:&#x2F;&#x2F;automorphic.ai&#x2F;playground</a>.<p>If you&#x27;re interested in or need help using Aegis, have ideas, or want to contribute, join our Discord (<a href="https:&#x2F;&#x2F;discord.com&#x2F;invite&#x2F;E8y4NcNeBe" rel="nofollow noreferrer">https:&#x2F;&#x2F;discord.com&#x2F;invite&#x2F;E8y4NcNeBe</a>), or feel free to reach out at founders@automorphic.ai. Excited to hear your feedback!<p>Repository: <a href="https:&#x2F;&#x2F;github.com&#x2F;automorphic-ai&#x2F;aegis">https:&#x2F;&#x2F;github.com&#x2F;automorphic-ai&#x2F;aegis</a> Playground: <a href="https:&#x2F;&#x2F;automorphic.ai&#x2F;playground" rel="nofollow noreferrer">https:&#x2F;&#x2F;automorphic.ai&#x2F;playground</a>