click to scroll down

// AI SECURITY

Stop prompt injection.

In 23 milliseconds.

Self-hosted protection that outperforms GPU models 8x its size. No external dependencies.

What is prompt injection?

terminal

$ curl -X POST /scan

Response:

{

“malicious”: true,

“score”: 0.97,

“latency_ms”: 23

}

// PROTECTING USERS OF

OpenAI

Claude

Open WebUI

OpenClaw

GitHub Copilot

Custom Apps

0.998

F1_SCORE

23ms

LATENCY

355MB

RAM

CPU

NO_GPU

// THE PROBLEM

AI agents are under attack.

Hidden Instructions

White text in documents. Invisible to humans, visible to AI.

Zero-Click Exploits

Microsoft Copilot exfiltrated data with no user interaction.

Config Won’t Save You

System prompts and allowlists are insufficient.

// THE SOLUTION

Multi-layer detection pipeline.

1. Statistics

2. Heuristics

3. Semantic

4. Neural

Safe

Layer 4 fallback: Meta Prompt Guard 2 · Built with Llama

// FEATURES

Built for production.

23ms latency

Imperceptible in production

Self-hosted

No data leaves your infra

CPU-only

No GPU required

48+ languages

Global coverage

// COMPARISON

Prompt Guard vs. the alternatives.

Not production-ready

NVIDIA’s own docs: “not recommended for production without further customization and testing.” Most teams deploy it anyway.

High bypass rate: emoji and characters

Instructions hidden in emoji or invisible Unicode bypass NeMo every single time. Independent research also measures a 72.54% bypass rate on character injection. (Source: arxiv 2504.11168)

500ms latency and GPU required

1 to 3 extra LLM calls per message, GPU recommended. Prompt Guard: 23ms on standard CPU, no extra hardware.

Open source on GitHub

The full source code is publicly available. You can inspect how it works, fork it, and adapt it to your own setup.

Sources: NVIDIA NeMo Docs: docs.nvidia.com/nemo/guardrails · arxiv.org/abs/2504.11168 (LLMSec Workshop 2025)

Every prompt goes to Microsoft’s cloud

Customer data, internal queries, sensitive business info: everything leaves your infrastructure. No self-hosting without Azure dependency.

71.98% bypass on AML attacks

Attackers who systematically probe Azure’s model succeed 71.98% of the time. (Source: arxiv 2504.11168)

GDPR: US cloud by default

Even with an EU datacenter, it falls under US jurisdiction. Prompt Guard runs fully local with no compliance risk.

Easy to integrate

Already in the Azure ecosystem? Prompt Shield plugs in quickly via the existing Azure AI Services API, no extra vendors needed.

Sources: arxiv.org/abs/2504.11168 (LLMSec Workshop 2025) · learn.microsoft.com/azure/ai-services/content-safety

Attackers train on the public API

Send thousands of variants, observe what gets blocked, and build a bypass model specifically targeting Lakera. Self-hosted has no public attack surface.

Every prompt on external servers

Customer messages and sensitive data routed through Lakera’s cloud. If Lakera goes down, your security fails.

GDPR: data flows to US servers

Lakera is US-based. Every scan is a transfer outside the EU. Prompt Guard runs fully local.

99.2% accuracy, 0.5% false positives

Trained on 80M+ adversarial prompts via the Gandalf platform. Lakera reports strong detection numbers with a low false positive rate.

* Own benchmark, not independently verified.

Sources: platform.lakera.ai/pricing · G2 reviews 2025

// INTEGRATIONS

Works with your stack.

Claude Code

hooks

OpenAI API

proxy

GitHub Copilot

extension