Show HN: InferShield – open-source security proxy for LLM inference(github.com)
github.com
Show HN: InferShield – open-source security proxy for LLM inference
https://github.com/InferShield/infershield
2 コメント
Interesting. If you're already proxying LLM requests for security, adding cost-optimized routing is a natural next step. NadirClaw does the routing side (classifies prompts, routes to cheaper models). Could see these stacking well. https://github.com/doramirdor/NadirClaw
Good timing on this. I just finished testing PromptGuard last week — similar product, same 95%+ detection claim, multi-encoding detection highlighted. Found 12 of 18 attack vectors bypassed: base64, unicode homoglyphs, ROT13, leetspeak, reversed text, non-English inputs, multi-turn fragmentation.
InferShield makes the same encoding claims. Sent a note to [email protected] today offering to run the same test suite. No pressure — just documenting the attempt publicly.
If the team is watching this thread: the session-history tracking for multi-turn attacks is genuinely differentiated. That is harder to bypass than single-shot encoding filters. Worth stress-testing that specific path.
InferShield makes the same encoding claims. Sent a note to [email protected] today offering to run the same test suite. No pressure — just documenting the attempt publicly.
If the team is watching this thread: the session-history tracking for multi-turn attacks is genuinely differentiated. That is harder to bypass than single-shot encoding filters. Worth stress-testing that specific path.
I've been talking to CISOs at banks and hospitals who are deploying LLMs without proper security. Their existing tools can't handle LLM-specific threats:
- Prompt injection (attackers manipulate LLM behavior, WAFs can't detect it) - Data exfiltration (sensitive data leaks through LLM responses) - Jailbreak attempts (users bypass safety guardrails using encoding)
Gartner predicts 60% of AI enterprises will face a security incident by 2027.
InferShield is a drop-in proxy with real-time threat detection, multi-encoding detection (Base64, hex, URL, Unicode), complete audit logs, and risk scoring. Self-hosted, provider-agnostic, zero code changes required.
v0.1 MVP is live today with 95%+ detection rate (red team tested). MIT licensed, free forever. Enterprise tier coming for compliance features.
Website: https://infershield.io Quick start: docker pull infershield/proxy:latest
Feedback welcome! What LLM security challenges are you facing?