facundoib/llm-waf

# llm-waf TypeScript-native Web Application Firewall for LLM inputs. Deterministic prompt injection defense, LATAM-first PII redaction, and OWASP LLM Top 10-mapped audit output. Edge-runtime compatible. ## 状态 Pre-alpha. Specification in progress. Not ready for use. RFC and v0.1 spec are being drafted. Follow the repository for updates. ## 目标 (v0.1) - Pure TypeScript. Zero Python. Zero machine-learning dependencies on the hot path. - Runs on Node.js, Cloudflare Workers, Vercel Edge, Bun, and Deno. - Zod-composable declarative API. - LATAM-first PII recognizers (DNI, CPF, CNPJ, CURP, RFC, RUT, cédula). - Structured audit output mapped to OWASP LLM Top 10 2025 and NIST AI RMF. - MCP-compatible by design; adapter shipping in v0.5. ## 非目标 (v0.1) - Python SDK (deferred; conditional on Node.js traction). - LLM-as-judge detection on the hot path. - Output validation (deferred to v2.0). - Hosted or managed service. ## 许可证 Apache-2.0 ## 维护者 [Facundo Ibarzabal](https://github.com/facundoib)

标签：Apache-2.0, AppImage, Bun, Deno, GNU通用公共许可证, LATAM, LLM安全防护, MCP兼容, MITM代理, NIST AI RMF, Node.js, OWASP LLM Top 10, PII脱敏, PPI识别, Pre-alpha, RFC, TypeScript, Vercel Edge, Web应用防火墙, XML注入, Zod, 可组合API, 声明式API, 安全插件, 审计输出, 开源, 提示注入防御, 源代码安全, 确定性防御, 程序员工具, 纯TypeScript, 规范草案, 边缘计算, 零机器学习依赖