DEFEND · OSSMITv0.2 release
BonkLM
Your LLM application's immune system. Nine ship-ready security layers chain into a GuardrailEngine that catches threats before they reach your users — across 22 framework, LLM, and RAG connectors.
9
security layers
30+
PII patterns
36
secret types
22
connector packages
Layer stack
Nine gates. One verdict.
Each layer is a named module under packages/core/src. Chain them, swap them, override them. Every call leaves a tamper-evident trace.
- 01PIPrompt Injection30 patterns across 5 categories — system override, role hijacking, instruction injection, encoded payload, context manipulation.module
validators/prompt-injection.ts - 02JBJailbreak Detection57 patterns across 10 categories — DAN, roleplay, hypothetical, authority, social engineering, trust, emotional, templates, obfuscation.module
validators/jailbreak.ts - 03RFReformulation DetectorEncoding tricks, character injection, context overload — catches threats laundered through paraphrase.module
validators/reformulation-detector.ts - 04BDBoundary DetectorDetects attempts to cross conversational, instructional, and policy boundaries.module
validators/boundary-detector.ts - 05PIIPII Guard30 patterns — 7 US, 18 EU, 5 international — with Luhn, IBAN, BSN validation.module
guards/pii/ - 06SECSecret Guard36 credential types with Shannon entropy — API keys, JWTs, certificates, signing keys.module
guards/secret.ts - 07XSSXSS SafetyFilters cross-site scripting vectors in LLM output before downstream rendering.module
guards/xss-safety.ts - 08BSHBash SafetyBlocks unsafe shell command synthesis in tool-using agents.module
guards/bash-safety.ts - 09STRStreaming ValidatorReal-time token-by-token threat detection over streaming responses.module
engine/GuardrailEngine.ts
Connector matrix
Drop into any stack.
22 connector packages cover frameworks, LLM providers, and RAG/vector stores. Auto-detection in the install wizard wires the right pieces in seconds.
Framework plugins2
@blackunicorn/bonklm-express1.1.0@blackunicorn/bonklm-fastify1.1.0
LLM provider connectors7
@blackunicorn/bonklm-anthropic1.1.0@blackunicorn/bonklm-openai1.1.0@blackunicorn/bonklm-ollama1.1.0@blackunicorn/bonklm-huggingface1.1.0@blackunicorn/bonklm-mastra1.1.0@blackunicorn/bonklm-genkit1.1.0@blackunicorn/bonklm-vercel1.1.0
RAG & vector stores4
@blackunicorn/bonklm-pinecone1.1.0@blackunicorn/bonklm-chroma1.1.0@blackunicorn/bonklm-weaviate1.1.0@blackunicorn/bonklm-qdrant1.1.0
Agentic & orchestration integrations5
@blackunicorn/bonklm-langchain1.1.0@blackunicorn/bonklm-llamaindex1.1.0@blackunicorn/bonklm-mcp1.1.0@blackunicorn/bonklm-nestjs1.1.0@blackunicorn/bonklm-copilotkit1.1.0
Supporting packages4
@blackunicorn/bonklm-logger1.1.0@blackunicorn/bonklm-adapters1.1.0@blackunicorn/bonklm-examples1.1.0@blackunicorn/bonklm-wizard0.2.0
Drop-in example
Three sensitivity levels, four action modes.
// Express + Anthropic example
import { GuardrailEngine } from '@blackunicorn/bonklm'
import { anthropicConnector } from '@blackunicorn/bonklm-anthropic'
import { expressMiddleware } from '@blackunicorn/bonklm-express'
const guard = new GuardrailEngine({
sensitivity: 'standard', // 'strict' | 'standard' | 'permissive'
action: 'block', // 'block' | 'sanitize' | 'log' | 'allow'
validators: [
'prompt-injection',
'jailbreak',
'pii',
'secret',
],
})
app.use(expressMiddleware(guard))
app.post('/chat', anthropicConnector(guard, anthropic))Your LLM is leaking. BonkLM stops the bleed. Let's talk.