LLMGuard

LLM & RAG Security

Resistance testing for your language model-based applications

Why LLMGuard?

A cleverly crafted instruction can bypass your chatbot's protections, leak your system prompt, or hijack your RAG pipeline. LLMGuard tests your LLM applications against known and emerging attack techniques, without ever transmitting your sensitive data to a third party.

Supported applications

Chatbots & Assistants

General-purpose or domain-specific conversational assistants

OpenAI · Anthropic · Gemini · Mistral · Cohere · Llama · Local LLMs

RAG Pipelines

Q&A systems over your internal documents

LangChain · LlamaIndex · ChromaDB · Pinecone · Weaviate · Qdrant

Content generation

Text generation, automated writing, summarization

GPT-4 · Claude · Gemini · specialized models

Code assistants

Copilots and code generators integrated into your workflows

Codex · Claude · DeepSeek-Coder · StarCoder · CodeLlama

Translation & summarization

Automatic translation and multilingual summarization models

NLLB · MarianMT · T5 · BART · mBART

Domain-specific LLMs

Models fine-tuned for healthcare, finance, legal, scientific use

Med-PaLM · BloombergGPT · LegalBERT · custom models

Speech & Multimodal

Speech and multimodal models (audio + text + image)

Whisper · GPT-4V · Claude Vision · Gemini Multimodal

AI search engines

LLM-based augmented search and discovery systems

Semantic search · Hybrid retrieval

Your application not listed?

If your LLM use case isn't listed, contact us. We develop test modules on demand.

Contact us →

Attack categories tested

Jailbreak

Tests to bypass the model's ethical and safety guardrails through reformulation and role-play techniques.

Direct prompt injection

Injection of malicious instructions in user input to alter model behavior.

Indirect prompt injection

Injection via external sources (documents, websites, emails) read by the LLM.

System prompt extraction

Attempts to make the model reveal its confidential system instructions.

Token manipulation

Invisible Unicode characters, homoglyphs, special encodings that bypass filters.

RAG poisoning

Malicious documents inserted into the vector database to manipulate responses.

Context stuffing

Context saturation to make the system forget its safety instructions.

Knowledge boundary probing

Tests to identify what the model "knows" that it shouldn't know or reveal.

Data leakage

Attempts to extract training data or sensitive user information.

Get started in a few commands

# Installpip install rednblue

# Test a local Python chatbotrnb llm --file my_chatbot.py

# Test via API providerrnb llm --provider openai --model gpt-4 --api-key $OPENAI_KEY

# Test a RAG pipelinernb llm --file my_rag_app.py --attacks RAG,SPE,JB

# Test a custom endpointrnb llm --endpoint https://api.yourcompany.com/chat

Ready to test your LLM?

Start free See pricing