BonkLM

Overview

What is BonkLM?

BonkLM is a TypeScript/JavaScript library providing production-ready validators to protect LLM applications against common AI-specific attack vectors including prompt injection, jailbreaks, PII leakage, and toxic output.

Validators

• PromptInjectionValidator — Detects direct and indirect prompt injection attempts
• JailbreakValidator — Flags known jailbreak patterns and DAN-style attacks
• PIILeakValidator — Prevents PII from leaking in responses
• ToxicOutputValidator — Filters harmful or abusive content
• SecretsLeakValidator — Detects API keys and credentials in outputs
• HallucinationValidator — Flags high-confidence unsupported claims
• ContextBoundaryValidator — Enforces system prompt boundary integrity

Installation

npm / pnpm

# npm
npm install bonklm

# pnpm
pnpm add bonklm

# yarn
yarn add bonklm

Requirements

• Node.js 18+
• TypeScript 5+ (optional but recommended)

Quick Start

Basic Usage

import { PromptInjectionValidator } from 'bonklm'

const validator = new PromptInjectionValidator()

const result = await validator.validate({
  input: userMessage,
  context: systemPrompt,
})

if (!result.safe) {
  console.warn('Potential prompt injection:', result.reason)
  // reject or sanitize the input
}

Chaining Validators

import { ValidatorChain, PromptInjectionValidator, PIILeakValidator } from 'bonklm'

const chain = new ValidatorChain([
  new PromptInjectionValidator({ sensitivity: 'high' }),
  new PIILeakValidator({ patterns: ['email', 'phone', 'ssn'] }),
])

const result = await chain.validate({ input: userMessage })

if (!result.safe) {
  throw new Error(`Validation failed: ${result.violations.join(', ')}`)
}

API Reference

Full API reference, configuration options, and advanced usage patterns are available in the GitHub repository README and the inline JSDoc documentation.

GitHub Repository

BonkLM is open-source under the MIT license. Contributions, bug reports, and feature requests are welcome.