@aegis-sdk/openai
Advanced tools
OpenAI SDK adapter for Aegis prompt injection defense. Scans messages, monitors streams, and validates tool calls in the OpenAI chat completion format.
Part of the Aegis.js prompt injection defense toolkit.
npm install @aegis-sdk/openai @aegis-sdk/core openai
Wrap the OpenAI client for automatic protection on every call:
import OpenAI from 'openai';
import { Aegis } from '@aegis-sdk/core';
import { wrapOpenAIClient } from '@aegis-sdk/openai';
const aegis = new Aegis({ policy: 'strict' });
const client = wrapOpenAIClient(new OpenAI(), aegis);
// Messages are scanned before sending.
// Streaming responses are monitored in real-time.
// Tool calls are validated against the policy.
const stream = await client.chat.completions.create({
model: 'gpt-4o',
messages: [{ role: 'user', content: 'Hello!' }],
stream: true,
});
Or scan messages manually:
import { Aegis } from '@aegis-sdk/core';
import { guardMessages } from '@aegis-sdk/openai';
const aegis = new Aegis({ policy: 'strict' });
const messages = [
{ role: 'system' as const, content: 'You are a helpful assistant.' },
{ role: 'user' as const, content: userInput },
];
// Throws AegisInputBlocked if injection is detected
const safe = await guardMessages(aegis, messages);
wrapOpenAIClient(client, aegis, options?)Proxy the OpenAI client to automatically guard all chat.completions.create() calls. Input messages are scanned before sending, streaming responses are monitored, and tool/function calls are validated against the Aegis policy. All other client methods pass through unchanged.
guardMessages(aegis, messages, options?)Scan an array of OpenAIChatCompletionMessageParam[] for prompt injection. Extracts text from all message formats (string content, multi-modal content parts, tool/function messages) and runs them through aegis.guardInput(). Optionally validates tool_calls and function_call blocks against the policy (enabled by default). Returns the original messages if safe, throws AegisInputBlocked if blocked.
createStreamTransform(aegis)Create a TransformStream<string, string> for monitoring extracted text deltas. Feed delta.content values from OpenAI streaming chunks through this transform for real-time output scanning.
getAuditLog(aegis)Convenience accessor for the Aegis audit log.
guardMessages and the client wrapper accept OpenAIGuardOptions:
scanStrategy -- 'last-user' (default), 'all-user', or 'full-history'validateToolCalls -- Whether to validate tool/function calls against the policy (default: true)MIT
FAQs
OpenAI SDK adapter for Aegis prompt injection defense
The npm package @aegis-sdk/openai receives a total of 10 weekly downloads. As such, @aegis-sdk/openai popularity was classified as not popular.
We found that @aegis-sdk/openai demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Socket detected malicious node-ipc versions with obfuscated stealer/backdoor behavior in a developing npm supply chain attack.
Security News
TeamPCP and BreachForums are promoting a Shai-Hulud supply chain attack contest with a $1,000 prize for the biggest package compromise.
Security News
Packagist urges PHP projects to update Composer after a GitHub token format change exposed some GitHub Actions tokens in CI logs.