PyRank

Prompt Injection Python Packages

Python packages with the GitHub topic prompt-injection. Sorted by relevance, with stars and monthly downloads.
Each entry lists the GitHub owner/package, its description, and the three figures shown by PyRank (monthly downloads and GitHub stats) in the order given on the page.

protectai/llm-guard
The Security Toolkit for LLM Interactions
285K 3K 391

duriantaco/skylos
Open-source PR gate for Python, TS/JS, Java, and Go. Stop merging dead code, secrets, security flows, and AI-code regressions.
88K 437 20

Project-Navi/navi-sanitize
Deterministic input sanitization for untrusted text — invisible characters, homoglyphs, and encoding tricks, handled before your code sees them. Zero dependencies, no ML. Python 3.12+.
17K 2 0

ethz-spylab/agentdojo
A Dynamic Environment to Evaluate Attacks and Defenses for LLM Agents.
17K 564 147

gautamvarmadatla/mcpsafetywarden
MCP servers expose tools with no information about what they actually do at runtime. mcpsafetywarden sits between your agent and any MCP server, profiling tool behavior, blocking destructive calls, and running active security audits before you trust them in a workflow.
11K 6 1

killertcell428/pyaigis
Deterministic, zero-dependency Python firewall for AI agents — MCP rug-pull, memory poisoning, indirect injection, exfil channels. 44 compliance templates (US/CN/JP/EU).
11K 27 0

sunglasses-dev/sunglasses
Sunglasses for AI agents. Protection layer + neighborhood watch.
10K 1 1

XSafeAI/xsafeclaw
XSafeClaw - Keeping Your Claw Safe. Real-time monitoring and security for OpenClaw, Hermes, and nanobot AI agents.
7K 151 6

jeranaias/signet-sign
Capability-based safety gates for LLM agents. The model proposes; signet authorizes.
7K 0 0

MaxMLang/pytector
Easy to use LLM Prompt Injection Detection and Prompt Input Sanitization / Detector Python Package with support for local models, API-based safeguards, and LangChain guardrails.
6K 41 23

ArmorerLabs/armorer-guard
Fast local Rust scanner for AI-agent prompt injection, credential leaks, exfiltration, and risky tool calls
5K - -

adudley78/mcp-audit-scanner
Security scanner for MCP (Model Context Protocol) server configurations. Detects prompt injection, credential exposure, supply chain risks, and more.
5K 2 0

temurkhan13/openclaw-skill-vetter-mcp
MCP server for security-vetting third-party AI agent extensions before installation — Claude skills, plugins, tool packs. 41 detection rules across prompt-injection, exfiltration, dynamic execution, typosquats. 0-100 risk score.
4K 0 0

wauldoai/wauldo
Official Python SDK for Wauldo — verified AI answers with zero hallucinations. pip install wauldo
4K 1 2

q-uestionable-AI/q-uestionable-ai
Agentic AI Security Research
3K 0 0

AgentSeal/agentseal
Security toolkit for AI agents. Scan your machine for dangerous skills and MCP configs, monitor for supply chain attacks, test prompt injection resistance, and audit live MCP servers for tool poisoning.
3K 257 38

AaditPani-RVU/neurosym-ai
Neuro-symbolic guardrails for LLMs — injection detection, harm filters, output guards, streaming safety, and action-plan validation.
3K 2 0

CSOAI-ORG/meok-mcp-injection-scan-mcp
MCP injection-scanner — 30+ canonical detection rules across 5 severity tiers for the April 2026 Anthropic MCP RCE class. By MEOK AI Labs.
3K 0 0

GagancM/arcis
Inside-the-app security middleware for Node.js, Python, and Go. 20+ attack vectors. One install, three languages, MIT.
3K 5 1

Acacian/agent-aegis
LLM guardrails & prompt injection detection for Python. Auto-instruments LangChain, CrewAI, OpenAI, LiteLLM + 8 more frameworks. PII masking, toxicity detection, policy CI/CD. One line, zero code changes.
3K 9 3

humanbound/humanbound-cli
Open-source AI agent red-team engine, SDK, and CLI. Run offline or against the Humanbound Platform.
3K 22 2

Frostbyte-Devs/aiproof
ESLint for AI prompts — a static analyzer for LLM system prompts, user templates, Jinja/Mustache, YAML configs, and SDK call sites.
3K 0 0

mattijsmoens/sovereign-shield
Strictly deterministic AI defense framework: immutable input filtering, dual LLM cryptographic hash consensus, and self-learning adaptive rules. Zero dependencies. Hardware-sealed. Patent Pending.
2K 19 7

9hannahnine-jpg/arc-sentry
Whitebox prompt injection detector for self-hosted open-weight LLMs. Deployment-specific behavioral monitor; calibrates on your traffic, detects drift from that baseline.
2K 5 1
Data from PyPI, GitHub, ClickHouse, and BigQuery