UNPKG

prompt-chainmail

Version:

Security middleware that shields AI applications from prompt injection, jailbreaking, and obfuscated attacks through composable defense layers.

github.com/alexandrughinea/prompt-chainmail-ts

alexandrughinea/prompt-chainmail-ts

109 lines 3.72 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
/** * Context object passed through the rivet chain during input processing. * Contains the current state of input analysis and security assessment. * * @public * @example Processing Context * ```typescript * const rivet: ChainmailRivet = async (context, next) => { * // Check confidence level * if (context.confidence < 0.5) { * context.blocked = true; * context.flags.add('low_confidence'); * context.metadata.reason = 'Confidence below threshold'; * } * return next(); * }; * ``` */ export interface ChainmailContext { /** Original input text or stream summary (readonly after initialization) */ readonly input: string; /** Current processed text after rivet transformations */ sanitized: string; /** Security flags detected during processing (e.g., 'role_confusion', 'sql_injection') */ flags: Set<string>; /** * Security confidence score (0.0 to 1.0): * - 1.0: No threats detected, completely safe * - 0.9: Low threat penalty applied (0.1 deduction) * - 0.75: Medium threat penalty applied (0.25 deduction) * - 0.6: High threat penalty applied (0.4 deduction) * - 0.4: Critical threat penalty applied (0.6 deduction) * - 0.0: Multiple critical threats, maximum penalty */ confidence: number; /** Additional data from rivets (patterns matched, decoded content, etc.) */ metadata: Record<string, unknown>; /** True if input should be rejected based on security analysis */ blocked: boolean; /** Timestamp when processing started (milliseconds since epoch) */ readonly start_time: number; /** Unique session identifier for tracking and debugging */ readonly session_id: string; } /** * Result object returned after processing input through the chainmail. * Contains success status, processing context, and any errors encountered. * * @public * @example Handling Results * ```typescript * const result = await chainmail.protect(userInput); * * if (result.success) { * // Safe to process * await processInput(result.context.sanitized); * } else { * // Handle security violation * logger.warn('Security violation', { * flags: result.context.flags, * confidence: result.context.confidence * }); * } * ``` */ export interface ChainmailResult { /** Whether the input passed all security checks */ success: boolean; /** Processing context containing analysis results */ context: ChainmailContext; /** Error message if processing failed */ error?: string; /** Processing duration in milliseconds */ processing_time: number; /** Memory usage during processing in bytes */ memory_usage?: number; } /** * A rivet function that processes input context and can modify it. * Rivets are chained together to form a complete security pipeline. * * @param context - The current processing context * @param next - Function to call the next rivet in the chain * @returns Promise resolving to the processing result * * @public * @example Custom Rivet * ```typescript * const customRivet: ChainmailRivet = async (context, next) => { * // Pre-processing logic * if (context.sanitized.includes('forbidden')) { * context.flags.add('forbidden_content'); * context.confidence *= 0.5; * } * * // Continue to next rivet * const result = await next(); * * // Post-processing logic * if (!result.success) { * context.metadata.failure_reason = 'Custom rivet detected issue'; * } * * return result; * }; * ``` */ export type ChainmailRivet = (context: ChainmailContext, next: () => Promise<ChainmailResult>) => Promise<ChainmailResult>; //# sourceMappingURL=types.d.ts.map