Skip to content

Comprehensive LLM AI Model protection | Protect your production GenAI LLM applications | cybersecurity toolset aligned to addressing OWASP vulnerabilities in Large Language Models - https://genai.owasp.org/llm-top-10/

License

Notifications You must be signed in to change notification settings

dewitt4/LLMGuardian

Repository files navigation

LLMGuardian

CLICK HERE FOR THE FULL PROJECT

Comprehensive LLM protection toolset aligned to addressing OWASP vulnerabilities

Author: DeWitt Gibson https://www.linkedin.com/in/dewitt-gibson/

Full Documentaion and Usage Instructions: DOCS

Please see the Projects and Issues tab above for completion roadmap

Project Structure

LLMGuardian follows a modular and secure architecture designed to provide comprehensive protection for LLM applications. Below is the detailed project structure with explanations for each component:

Directory Structure

LLMGuardian/
├── .github/                      # GitHub specific configurations
│   ├── workflows/                # GitHub Actions workflows
│   ├── CODEOWNERS               # Repository ownership rules
│   ├── ISSUE_TEMPLATE/          # Issue reporting templates
│   └── PULL_REQUEST_TEMPLATE.md # PR guidelines
├── .circleci/                   # config files for using CircleCI https://circleci.com/ 
│
├── src/                         # Source code
│   └── llmguardian/            # Main package directory
│       ├── cli/                # Command-line interface
│       ├── dashboard/          # Streamlit dashboard
│       ├── core/               # Core functionality
│       ├── scanners/           # Security scanning modules
│       ├── defenders/          # Defense mechanisms
│       ├── monitors/           # Monitoring components
│       ├── api/                # API integration
|       ├── vectors/            # Embeddings protection / supply chain vulnerabilities
|       ├── data/               # Sensive data exposure / data poisoning
|       ├── agency/             # Excessive agency protection
│       └── utils/              # Utility functions
│
├── tests/                      # Test suite
│   ├── unit/                  # Unit tests
│   ├── integration/           # Integration tests
│   └── security/              # Security-specific tests
│
├── docs/                      # Documentation
├── scripts/                   # Utility scripts
├── page/                      # Files for GitHub pages
├── requirements/              # Dependencies
├── docker/                    # Docker configurations
├── config/                    # Various config files
└── app.py                     # Huggingface Space deployment

Component Details

Security Components

  1. Scanners (src/llmguardian/scanners/)

    • Prompt injection detection
    • Data leakage scanning
    • Model security validation
    • Output validation checks
  2. Defenders (src/llmguardian/defenders/)

    • Input sanitization
    • Output filtering
    • Rate limiting
    • Token validation
  3. Monitors (src/llmguardian/monitors/)

    • Real-time usage tracking
    • Threat detection
    • Anomaly monitoring
  4. Vectors (src/llmguardian/vectors/)

    • Embedding weaknesses
    • Supply chain vulnerabilities
    • Montior vector stores
  5. Data (src/llmguardian/data/)

    • Sensitive information disclosure
    • Protection from data poisoning
    • Data sanitizing
  6. Agency (src/llmguardian/agency/)

    • Permission management
    • Scope limitation
    • Safe execution

Core Components

  1. CLI (src/llmguardian/cli/)

    • Command-line interface
    • Interactive tools
    • Configuration management
  2. API (src/llmguardian/api/)

    • RESTful endpoints
    • Middleware
    • Integration interfaces
  3. Core (src/llmguardian/core/)

    • Configuration management
    • Logging setup
    • Core functionality

Testing & Quality Assurance

  1. Tests (tests/)
  • Unit tests for individual components
  • Integration tests for system functionality
  • Security-specific test cases
  • Vulnerability testing

Documentation & Support

  1. Documentation (docs/)
  • API documentation
  • Implementation guides
  • Security best practices
  • Usage examples
  1. Docker (docker/)
  • Containerization support
  • Development environment
  • Production deployment

Development Tools

  1. Scripts (scripts/)
    • Setup utilities
    • Development tools
    • Security checking scripts

Dashboard

  1. Dashboard(src/llmguardian/dashboard/)
  • Streamlit app
  • Visualization
  • Monitoring and control

Key Files

  • pyproject.toml: Project metadata and dependencies
  • setup.py: Package setup configuration
  • requirements/*.txt: Environment-specific dependencies
  • .pre-commit-config.yaml: Code quality hooks
  • CONTRIBUTING.md: Contribution guidelines
  • LICENSE: MIT license terms

Design Principles

The structure follows these key principles:

  1. Modularity: Each component is self-contained and independently maintainable
  2. Security-First: Security considerations are built into the architecture
  3. Scalability: Easy to extend and add new security features
  4. Testability: Comprehensive test coverage and security validation
  5. Usability: Clear organization and documentation

Getting Started with Development

To start working with this structure:

  1. Fork the repository
  2. Create and activate a virtual environment
  3. Install dependencies from the appropriate requirements file
  4. Run the test suite to ensure everything is working
  5. Follow the contribution guidelines for making changes

Huggingface

Huggingface Space Implementation:

https://huggingface.co/spaces/Safe-Harbor/LLMGuardian

  1. Create FastAPI backend with:

    • Model scanning endpoints
    • Prompt injection detection
    • Input/output validation
    • Rate limiting middleware
    • Authentication checks
  2. Gradio UI frontend with:

    • Model security testing interface
    • Vulnerability scanning dashboard
    • Real-time attack detection
    • Configuration settings

About

Comprehensive LLM AI Model protection | Protect your production GenAI LLM applications | cybersecurity toolset aligned to addressing OWASP vulnerabilities in Large Language Models - https://genai.owasp.org/llm-top-10/

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published