ShieldGPT: An AI Firewall Security Gateway for Large Language Models

ShieldGPT is a comprehensive security solution for large language model (LLM) applications, developed by Jnanesh2425 and released on GitHub on 2026-05-30. Its core purpose is to protect LLM apps from malicious prompts, injection attacks, and suspicious input patterns. Key features include real-time threat detection using DistilBERT for zero-shot classification, risk scoring, input cleaning, rate limiting, and detailed security monitoring. It serves as an AI firewall to build a secure line of defense for LLM applications.

With the widespread adoption of LLMs in production environments, security threats such as prompt injection attacks and malicious inputs have become increasingly prominent. These threats can compromise the integrity and safety of LLM applications. ShieldGPT addresses these challenges by providing multi-layered protection mechanisms, offering enterprise-level security guarantees for LLM applications.

Core Security Features

• Advanced Threat Detection: Uses DistilBERT for zero-shot classification (no specific attack type training needed) to identify malicious prompt patterns, with real-time analysis and multi-label classification (MALICIOUS/SUSPICIOUS/SAFE).
• Risk Scoring: Computes a quantitative risk score (0-1 range) with confidence based on model output, and supports configurable threshold policies.
• Input Cleaning: Automatically removes potential dangerous content, purifies prompts to eliminate injection vectors, and supports CORS for cross-domain requests.
• Rate Limiting: IP-based access frequency control (default: 100 requests per 15-minute window) and automatic blocking of abnormal IPs.

System Architecture

ShieldGPT uses a micro-service architecture with three core components:

• Frontend: React 19-based UI with chat interface (real-time prompt security testing) and monitoring panel (security analysis and threat statistics).
• Backend: Node.js/Express 5 for API handling, rate limiting middleware, AI detection service integration, and MongoDB logging.
• AI Detection Service: Python/Flask-based service running DistilBERT (via Hugging Face Transformers and PyTorch) for model inference.

Data Flow

User input → Frontend → Backend (rate limit check → input cleaning) → AI Detection Service (threat classification → risk scoring) → Backend (MongoDB logging → optional Ollama LLM service) → Response to Frontend.

API Examples

• Prompt Analysis: POST /api/prompt with JSON body containing "prompt"; response includes label (MALICIOUS/SUSPICIOUS/SAFE), confidence, risk score, sanitized prompt, and timestamp.
• Log Query: GET /api/logs with limit/skip parameters.
• Stats: GET /api/stats returns total prompts, malicious/suspicious/safe counts, average risk score, and blocked IPs.

Deployment Steps

1. Start MongoDB.
2. Launch AI detection service (cd ai-detector → python detector.py, runs on localhost:5001).
3. Start backend (cd Backend → npm start).
4. Start frontend dev server (cd Frontend → npm run dev, access at http://localhost:5173).

ShieldGPT applies to multiple LLM security scenarios:

1. Enterprise LLM Gateway: Serves as a unified entry for internal LLM services, providing centralized security control.
2. Public API Protection: Safeguards open LLM APIs from malicious attacks and abuse.
3. Development & Testing: Offers a secure sandbox for LLM app development to verify prompt safety.
4. Compliance Audit: Detailed security logs meet enterprise compliance and audit requirements.

Technical Highlights

• Micro-service architecture for modularity and scalability.
• Modern tech stack: React19, Vite7, Express5, Tailwind CSS4, Recharts.
• Real-time security态势 visualization via Recharts.
• DistilBERT balances accuracy and performance (66M parameters, millisecond-level inference).
• Full-stack TypeScript for type safety.

Extension Directions

• Support for user-defined detection rules.
• Model hot update without service restart.
• Multi-model fusion to improve detection accuracy.
• Integration with external threat intelligence sources.
• A/B testing for detection strategies.

ShieldGPT provides a complete technical reference implementation for LLM application security. By combining modern web technologies and advanced NLP models, it demonstrates how to build an enterprise-grade LLM security protection system. For teams deploying LLMs in production, ShieldGPT's security architecture and implementation details are of great reference value.