LLM Guard
Open-source framework for securing LLM inputs and outputs. Detects prompt injections, jailbreaks, banned topics, and harmful content with customizable scanners for comprehensive protection.
3K+
GitHub Stars
15
Input Scanners
20
Output Scanners
MIT
License
Overview
LLM Guard is an open-source security toolkit by Protect AI that scans LLM inputs and outputs for security and compliance risks. The library provides 15 input scanners (prompt injection, PII, banned topics) and 20 output scanners (toxicity, sensitive leakage, refusal detection) that work with any LLM provider. Self-hosted with no per-call costs, LLM Guard runs locally as a Python library or API server. It supports Python 3.10+ and integrates with monitoring systems like DataDog and Prometheus for comprehensive observability.
The Verdict
Who Should Use LLM Guard?
Best For
- Teams wanting self-hosted guardrails with no API costs
- Python developers building LLM applications
- Organizations requiring full data control
- Projects needing customizable security scanners
- GDPR-compliant deployments (data never leaves your infra)
Not Ideal For
- Teams wanting managed cloud service (see Lakera Guard)
- Non-Python environments (Python 3.10+ required)
- Organizations without ML infrastructure expertise
- Real-time applications needing <10ms latency
What's Great
- Completely free and open-source (MIT license)
- Self-hosted with zero per-call costs
- 35 total scanners covering comprehensive threat vectors
- Works with any LLM provider (OpenAI, Anthropic, local models)
- PII anonymization with GDPR compliance
- Integrates with DataDog, Prometheus for monitoring
- Active development by Protect AI team
- Can run as standalone API server or Python library
Watch Out For
- Requires self-hosting and infrastructure management
- Python 3.10+ only (no JavaScript/TypeScript SDK)
- Detection accuracy depends on model updates
- No managed cloud option (DIY deployment)
- Latency depends on your infrastructure
Pricing
Open Source
Free
Full functionality, MIT license, unlimited usage, self-hosted
Protect AI Platform
Custom
Enterprise features, managed service, Guardian, Recon, Layer integration
View all features & details
Input Scanners (15)
- Prompt injection detection
- Jailbreak detection
- Invisible text detection
- PII anonymization
- Secrets detection
- Banned topics filtering
- Toxicity detection
- Language detection
Output Scanners (20)
- Sensitive data leakage
- Toxicity filtering
- Bias detection
- Factual consistency
- Refusal detection
- Malicious URL blocking
- Code detection
- Regex pattern matching
Deployment
- pip install llm-guard
- Python library integration
- Standalone API server
- Docker support
- Kubernetes ready
- Python 3.10+ required
Integrations
- OpenAI SDK
- Anthropic SDK
- LangChain
- DataDog monitoring
- Prometheus metrics
- Any LLM provider
How It Compares
| Feature | LLM Guard | Lakera Guard | NeMo Guardrails | Guardrails AI |
|---|---|---|---|---|
| License | MIT (Free) | Proprietary | Apache 2.0 | MIT |
| Deployment | Self-hosted | Cloud/Self | Self-hosted | Self-hosted |
| Input Scanners | 15 | API-based | Custom | Schema-based |
| Output Scanners | 20 | API-based | Custom | Schema-based |
| Per-Call Cost | $0 | Usage-based | $0 | $0 |
| Language | Python only | Multi | Python | Python |
| Focus | Security | Security | Conversation | Output validation |
| Best For | Self-hosted security | Managed API | Dialog flows | Output formatting |
User Reviews
Loading reviews...