Enterprise-grade prompt injection detection and defense platform for Large Language Model applications.
Vigil Guard protects LLM applications from prompt injection attacks, jailbreak attempts, and malicious content through a 3-branch parallel detection architecture with real-time monitoring and configuration management.
| Feature | Description |
|---|---|
| 3-Branch Detection | Heuristics + Semantic + LLM Safety Engine in parallel |
| 44 Detection Categories | Comprehensive threat coverage |
| Dual-Language PII | Polish + English via Microsoft Presidio |
| Real-time Monitoring | Grafana dashboards with 6 analytics panels |
| Investigation Panel | Advanced prompt search with decision analysis |
| Dynamic Configuration | Web-based GUI for security policies |
| Browser Extension | Chrome/Edge protection for ChatGPT/Claude.ai |
| 170+ Tests | E2E suite with OWASP AITG coverage |
Input → Validation → [Branch A: Heuristics ] → Arbiter → Decision
→ [Branch B: Semantic ] → ↓
→ [Branch C: LLM Safety Engine ] → ALLOW/SANITIZE/BLOCK
↓
→ PII Redaction → Output
Arbiter Decision Fusion:
- Weights: A=0.30, B=0.40, C=0.30
- Block threshold: 50 points
- Boost policies for high-confidence detections
# Clone repository
git clone https://github.com/tbartel74/vigil-guard.git
cd vigil-guard
# Download Llama model (required)
./scripts/download-llama-model.sh
# Run installer (generates secrets, starts services)
./install.sh
# Access Web UI
open http://localhost/uiInstallation time: ~10 minutes | Full guide: docs/operations/installation.md
| Service | Port | Purpose |
|---|---|---|
| Web UI | 80 | Configuration interface |
| n8n | 5678 | Workflow engine |
| Grafana | 3001 | Monitoring dashboards |
| Heuristics | 5005 | Branch A detection |
| Semantic | 5006 | Branch B embeddings |
| LLM Safety Engine | 8000 | Branch C classification |
| Presidio PII | 5001 | PII detection |
| ClickHouse | 8123 | Analytics logging |
| Guide | Description |
|---|---|
| Quickstart | 5-minute setup |
| Architecture | Technical design |
| User Guides | Dashboard, Investigation, Configuration |
| Services Reference | All microservices |
| API Reference | REST API |
| Troubleshooting | Common issues |
vigil-guard/
├── services/
│ ├── workflow/ # n8n detection engine
│ │ ├── config/ # Detection rules (use Web UI!)
│ │ ├── tests/ # 170+ E2E tests
│ │ └── workflows/ # Vigil Guard v2.1.0.json
│ ├── web-ui/ # React + Express
│ ├── presidio-pii-api/ # Dual-language PII
│ ├── language-detector/ # PL/EN detection
│ └── monitoring/ # ClickHouse + Grafana
├── prompt-guard-api/ # Llama Guard service
├── plugin/ # Chrome extension
├── docs/ # Documentation
└── docker-compose.yml # 11 services
| Screen | Image |
|---|---|
| Workflow Pipeline |  |
| Monitoring |  |
| Investigation |  |
See CONTRIBUTING.md for guidelines.
# Run tests
cd services/workflow && npm test
# Development
cd services/web-ui/frontend && npm run dev| Resource | Link |
|---|---|
| Documentation | docs/ |
| FAQ | docs/FAQ.md |
| Troubleshooting | docs/TROUBLESHOOTING.md |
| Issue Tracker | GitHub Issues |
# Check service health
./scripts/status.sh
# View logs
./scripts/logs.sh
# Test webhook
curl -X POST http://localhost:5678/webhook/vigil-guard-2 \
-H "Content-Type: application/json" \
-d '{"chatInput":"test","sessionId":"demo"}'When reporting issues, include:
- Output of
./scripts/status.sh - Relevant logs from
./scripts/logs.sh - Steps to reproduce
- Expected vs actual behavior
MIT License - See LICENSE
Third-Party:
- Meta Llama Prompt Guard 2: Llama 4 Community License
- Microsoft Presidio: Apache License 2.0
- spaCy: MIT License
Built with Llama - Powered by Meta's Llama Guard 2
Documentation • Installation • User Guides • Troubleshooting