Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

@gptsafe/promptguard

Package Overview
Dependencies
Maintainers
1
Versions
3
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@gptsafe/promptguard

Prevent GPT prompt attacks for Node.js & TypeScript

latest
Source
npmnpm
Version
0.2.0
Version published
Maintainers
1
Created
Source

PromptGuard



What is PromptGuard?

PromptGuard helps you build production ready GPT apps for Node.js and TypeScript applications.

Project Goals

The goal of the PromptGuard project is to provide the features necessary to deploy GPT-based applications to production. This includes:

  • Detecting and mitigating prompt attacks
  • Caching to improve performance and reduce the cost of GPT queries
  • Content filtering
  • Language filtering
  • Token limiting
  • GPT ready encoded outputs
  • Prompt Obfuscation

PromptGuard is still a fairly young project and would love your contributions. If you wish to contribute, please read the contribution guide and code of conduct first.

Feature requests and bug reports are welcome!

Configuration Options

OptionDefault ValueDescription
maxTokens4096The maximum amount of tokens the prompt can contain. Restricting the maximum amount of tokens can reduce the cost of the GPT query and the opportunity for prompt attacks. You can read more information about tokens here.

If the prompt exceeds the maximum tokens, PromptGuard will reject the prompt with the following output:
{ pass: false, output: EXCEEDS_MAX_TOKEN_THRESHOLD }
denyList[""]An array of string literals that should not appear in the prompt text. If PromptGuard finds a deny list match, it will reject with the following output:
{ pass: false, output: CONTAINS_DENY_LIST_ITEM }
disableAttackMitigationfalseA list of known prompt attacks and injections that are checked against the prompt. In the future, this will become more sophisticated.

If PromptGuard finds a default deny list match, it will reject the prompt with the following output:
{ pass: false, output: CONTAINS_KNOWN_ATTACK }
encodeOutputfalseEncodes the output as GPT-3 tokens. You can read more information about tokens here.

Usage

Install

npm install @gtpsafe/promptguard

Configure

import { PromptGuard } from "@gtpsafe/promptguard"

const promptGuard = new PromptGuard({
  maxTokens: 200,
  denyList:['baz'],
});

Process a Prompt

const output = await promptGuard.process("This is my awesome prompt. There are many like it, but this one is mine.")

Output

{
  pass: true,
  output: "This is my awesome prompt. There are many like it, but this one is mine."
}

Keywords

GPT
prompt
attack
injection
ChatGPT
GPT-3

FAQs

Package last updated on 08 Feb 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Famous Chollima Targets PHP Developers Through Compromised Packagist Package

Research

/

Security News

Famous Chollima Targets PHP Developers Through Compromised Packagist Package

The North Korean malware loader hides in a Packagist-listed package and its GitHub branch to fetch and execute remote code in a likely Contagious Interview-style lure.

By Kirill Boychenko  -  May 31, 2026