Lilly Tech Systems
Intermediate
AI Security Tools
An overview of the best tools and frameworks available for detecting, preventing, and monitoring prompt injection attacks in production AI systems.
Guardrail Frameworks
| Tool | Type | Key Features | Best For |
|---|---|---|---|
| LLM Guard | Open Source | Prompt injection detection, PII scanning, toxicity filtering, invisible text detection | Comprehensive input/output protection |
| NeMo Guardrails | Open Source | Colang modeling language, programmable dialogue flows, topical rails | Complex conversational AI systems |
| Guardrails AI | Open Source | Output validation, schema enforcement, automatic re-asking, custom validators | Structured output validation |
| Lakera Guard | Commercial API | Real-time injection detection, continuously updated threat database, low latency | Production-grade detection |
| Rebuff | Open Source | Multi-layer defense, canary tokens, heuristic analysis, LLM-based detection | Self-hosted defense pipeline |
Security Scanning and Testing
Garak
LLM vulnerability scanner inspired by traditional security tools. Probes for prompt injection, data leakage, hallucination, and toxic generation with extensible attack modules.
PyRIT
Microsoft's Python Risk Identification Toolkit for generative AI. Automated red teaming with multi-turn attack strategies and scoring.
Promptfoo
Open-source LLM evaluation framework with built-in security test suites. Supports custom red team scenarios and regression testing.
Vigil
Prompt injection detection library using vector similarity, heuristic analysis, and ML classifiers to identify injection attempts.
Monitoring and Observability
| Tool | Focus | Key Capability |
|---|---|---|
| Langfuse | LLM observability | Trace all LLM calls, score outputs, detect anomalies, debug production issues |
| Arize Phoenix | ML observability | Embedding drift detection, retrieval quality monitoring, hallucination tracking |
| Weights & Biases | ML experiment tracking | Log prompts and responses, compare model versions, safety metric dashboards |
| Datadog LLM Observability | Enterprise monitoring | Production monitoring, cost tracking, latency analysis, security alerting |
Setting Up a Security Pipeline
Python - Security Pipeline with LLM Guard
from llm_guard import scan_prompt, scan_output from llm_guard.input_scanners import ( PromptInjection, Toxicity, TokenLimit ) from llm_guard.output_scanners import ( NoRefusal, Relevance, Sensitive ) # Define input scanners input_scanners = [ PromptInjection(threshold=0.9), Toxicity(threshold=0.8), TokenLimit(limit=4096), ] # Define output scanners output_scanners = [ NoRefusal(), Relevance(), Sensitive(), ] # Process request sanitized_prompt, results_valid, results_score = scan_prompt( input_scanners, user_prompt ) if not all(results_valid.values()): return "Request blocked by security policy." # Get model response response = model.generate(sanitized_prompt) # Scan output sanitized_output, results_valid, results_score = scan_output( output_scanners, sanitized_prompt, response )
Tool Selection Advice: Start with open-source tools like LLM Guard for input/output scanning and Garak for testing. Add commercial solutions like Lakera Guard when you need production-grade detection with continuously updated threat intelligence.