mirzayasirabdullahbaig07
PromptGuard-AI
HTMLโœจ New

PromptGuard is a single-file AI security platform that scans user prompts in real-time and classifies them as SAFE, SUSPICIOUS, or DANGEROUS.

Last updated Jul 6, 2026
28
Stars
1
Forks
0
Issues
+28
Stars/day
Attention Score
37
Language breakdown
HTML 100.0%
โ–ธ Files click to expand
README

๐Ÿ›ก๏ธ PromptGuard โ€” AI Prompt Security Platform

Real-time AI prompt threat detection powered by RAG, Groq, and llama-3.3-70b-versatile.

PromptGuard Groq Embeddings Deployment License


๐Ÿ“Œ Overview

PromptGuard is a single-file AI security platform that scans user prompts in real-time and classifies them as SAFE, SUSPICIOUS, or DANGEROUS. It uses Retrieval-Augmented Generation (RAG) to ground every verdict in your own security policy โ€” uploading your rules once lets the system cite the exact policy clause violated in each scan.

Built entirely in vanilla HTML/CSS/JS with zero dependencies, it deploys to Netlify in under 60 seconds.


โœจ Features

| Feature | Description | |---|---| | ๐Ÿ” Real-time Prompt Scanning | Classifies any prompt instantly with threat type, severity, and confidence | | ๐Ÿ“š RAG-powered Policy Grounding | Embeds your security policy and retrieves relevant chunks via cosine similarity | | ๐Ÿค– llama-3.3-70b-versatile | State-of-the-art LLM analysis running on Groq's ultra-fast inference API | | ๐Ÿงฎ 768-dim Vector Embeddings | Uses nomic-embed-text-v1_5 for high-quality semantic search | | ๐Ÿ’ฌ Policy Q&A Chatbot | Ask natural language questions about your AI governance rules | | ๐Ÿ“Š Scan History & Stats | Tracks all scans with verdicts, timestamps, and RAG grounding status | | โšก Zero Dependencies | Pure HTML/CSS/JS โ€” no build step, no framework, no npm install |


๐Ÿšจ Threat Detection Categories

  • Prompt Injection โ€” Hidden instructions that attempt to override system rules
  • Jailbreak โ€” Role-play or fictional framing used to bypass safety guidelines
  • Data Exfiltration โ€” Requests to extract API keys, credentials, or context data
  • Social Engineering โ€” Emotional manipulation to extract sensitive information
  • Policy Bypass โ€” Attempts to circumvent your organization's AI usage policy
  • PII Exposure โ€” Prompts containing or requesting personally identifiable information

๐Ÿ—๏ธ Architecture

User Prompt
     โ”‚
     โ–ผ
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚         RAG Retrieval Layer         โ”‚
โ”‚  Query โ†’ nomic-embed-text (768-dim) โ”‚
โ”‚  โ†’ Cosine Similarity โ†’ Top-K Chunks โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
     โ”‚  Relevant Policy Context
     โ–ผ
โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚      llama-3.3-70b-versatile        โ”‚
โ”‚         (via Groq API)              โ”‚
โ”‚  Structured JSON verdict output     โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜
     โ”‚
     โ–ผ
  SAFE / SUSPICIOUS / DANGEROUS
  + Threat Type + Severity + Policy Citation

๐Ÿš€ Getting Started

Prerequisites

Setup

1. Clone the repository

git clone https://github.com/your-username/promptguard.git cd promptguard

2. Add your Groq API key

Open index.html and replace the placeholder on this line:

const GROQKEY = "YOURGROQAPIKEY_HERE";

3. Open in browser

# Just open the file โ€” no server needed open index.html

That's it. No npm install, no build step.


โ˜๏ธ Deploy to Netlify

1. Push the repository to GitHub
  • Go to netlify.com โ†’ "Add new site" โ†’ "Import from Git"
  • Select your repo โ€” Netlify auto-detects the HTML file
  • Click Deploy
Your site is live in under 60 seconds. Set the GROQ_KEY as a Netlify environment variable if you want to avoid committing it.

๐Ÿ—‚๏ธ Project Structure

promptguard/
โ”‚
โ”œโ”€โ”€ index.html          # Entire application โ€” UI, logic, RAG pipeline
โ””โ”€โ”€ README.md           # This file

๐Ÿ“– Usage Guide

1 โ€” Scan a Prompt

Paste any AI prompt into the text area and click Analyze prompt. Use the sample chips to quickly load example attacks (injection, jailbreak, exfiltration, social engineering).

2 โ€” Build a Knowledge Base (RAG)

Go to the Knowledge base tab. Choose a built-in policy template:
  • OWASP LLM Top 10 โ€” industry-standard LLM security rules
  • Corporate AI Policy โ€” enterprise AI usage guidelines
  • Healthcare / HIPAA โ€” PHI and compliance requirements
Or paste your own custom policy text. Click Build knowledge base โ€” the system embeds every chunk into 768-dimensional vectors using nomic-embed-text-v1_5. Once built, all future scans are grounded in your policy.

3 โ€” Policy Chat

Go to the Policy chat tab and ask natural language questions like:
  • "What does our policy say about API keys in prompts?"
  • "Which OWASP rule covers jailbreak attempts?"
  • "What are the penalties for a data exfiltration attempt?"
Responses are semantically retrieved from your knowledge base and answered by the LLM.

4 โ€” Review History

The History tab shows all past scans with verdicts, timestamps, and whether RAG grounding was active. Click any entry to re-analyze it.

๐Ÿ”ง Tech Stack

| Layer | Technology | |---|---| | LLM | Meta llama-3.3-70b-versatile | | Inference | Groq API | | Embeddings | nomic-embed-text-v1_5 (768-dim) | | Vector Search | In-browser cosine similarity | | Frontend | Vanilla HTML / CSS / JavaScript | | Deployment | Netlify |


๐Ÿ‘ฅ Team

| Name | Role | Handle | |---|---|---| | Mirza Yasir Abdullah Baig | Project Lead | @mirzayasirabdullahbaig | | Sadia Usman | AI Engineer | @Frost_Flashlog3 | | Nazish Javeed | Backend Developer | @Nazishjaveed | | Hira Mujeeb | UI/UX Developer | @Mystic_Tintp1t7 | | Hamna Munir | Security Analyst | @HamnaMunir |


โš™๏ธ Configuration

| Variable | Location | Description | |---|---|---| | GROQ_KEY | index.html line ~180 | Your Groq API key | | BATCH | buildKB() function | Embedding batch size (default: 8) | | k in retrieve() | analyze() / sendChat() | Number of retrieved chunks (default: 3โ€“4) | | maxTokens | groqChat() | Max LLM output tokens (default: 600) |


๐Ÿ”’ Security Notes

  • Never commit your Groq API key to a public repository. Use environment variables or Netlify's secret management.
  • All vector search and chunking happens client-side in the browser โ€” your policy text is never sent to any server other than Groq's embedding API.
  • The app makes direct browser-to-Groq API calls. For production use, consider proxying through a backend to keep the API key server-side.

๐Ÿ“„ License

MIT License โ€” free to use, modify, and distribute.


๐Ÿ™ Acknowledgements

  • Groq โ€” for blazing-fast LLM inference
  • Meta AI โ€” for the llama-3.3-70b-versatile model
  • Nomic AI โ€” for the nomic-embed-text embedding model
  • OWASP โ€” for the LLM Top 10 security framework
๐Ÿ”— More in this category

ยฉ 2026 GitRepoTrend ยท mirzayasirabdullahbaig07/PromptGuard-AI ยท Updated daily from GitHub