The "Clean Room" for AI inputs. A comprehensive security ecosystem to detect, visualize, and sanitize invisible threats in LLM prompts.
LLM inputs are code. If you can't see the text, you can't trust the execution. Attackers use:
- Invisible Characters: Zero-width spaces (
\u200B) to smuggle instructions past keyword filters. - Trojan Source: BIDI overrides to make code look like it does one thing while doing another.
- Homoglyphs: Cyrillic
Π°looking like Latinato spoof trusted domains or commands.
PromptShield provides the tooling to detect these threats at every stage of your development lifecycle.
| Package | Status | Description |
|---|---|---|
| @promptshield/core |  |
The Engine. Zero-dependency, high-performance threat detection logic. |
| @promptshield/cli |  |
The Gatekeeper. CI/CD tool to block malicious prompts from entering your codebase. |
| mayank1513.promptshield |  |
The Lens. VS Code/Open VSX extension for real-time threat visualization (X-Ray Mode). |
| @promptshield/lsp |  |
The Brain. Language Server Protocol implementation for universal editor support. |
| @promptshield/sanitizer |  |
The Cure. Deterministic logic to strip invisible threats safely. |
| @promptshield/ignore |  |
The Filter. Standardized syntax for suppressing false positives. |
| @promptshield/workspace |  |
The Orchestrator. High-performance filesystem and caching engine. |
| @promptshield/tiptap |  |
The Shield. Real-time Tiptap editor protection. |
- Install the PromptShield VSCode Extension / PromptShield Open VSX Extension.
- Open any file. Invisible characters and threats are instantly highlighted.
# Scan your prompts directory and fail if threats are found
pnpx @promptshield/cli scan "prompts/**/*.txt" --checkimport { scan } from "@promptshield/core";
const result = scan(userInput);
if (!result.isClean) {
throw new Error("Security threat detected!");
}We welcome security researchers and engineers! This monorepo is managed with Turbo and PNPM.
- Clone the repo
pnpm installpnpm buildpnpm test
with π by Mayank Kumar Chaudhari
