Security and privacy
What Defend does and does not guarantee, and when third parties may see your text.
Defend helps detect common LLM risks such as prompt injection, prompt leaks or system override. It does not provide a formal security proof against all attacks or all model failure modes.
Third-party evaluation
When you enable output guarding with claude or openai, text you submit to /v1/guard/output (and related evaluation prompts) may be processed by that provider’s API. Minimize sensitive content you cannot disclose; scrub or redact secrets before calling external providers.
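One way to scrub text locally before it is submitted to /v1/guard/output, as an added example that is not part of Defend. The patterns, the placeholder format and the sample text are constructed assumptions, and the request to Defend itself is not shown because this page does not give its schema.

```python
import re

# Constructed patterns for common secret shapes (assumption: extend for your data).
# Order matters: multi-line and more specific patterns run before generic ones.
PATTERNS = [
    ("private_key", re.compile(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----",
        re.DOTALL)),
    ("jwt", re.compile(r"\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")),
    ("aws_access_key_id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("bearer_token", re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._~+/=-]{16,}")),
    ("assigned_secret", re.compile(
        r"(?i)\b(password|passwd|secret|api[_-]?key|token)\b(\s*[:=]\s*)"
        r"(\"[^\"]*\"|'[^']*'|[^\s,;]+)")),
]


def redact(text):
    """Return (redacted_text, counts); counts maps pattern name -> number of hits."""
    counts = {}
    for name, pattern in PATTERNS:
        def repl(match, name=name):
            counts[name] = counts.get(name, 0) + 1
            if name == "assigned_secret":
                # Keep the key name and separator so the text stays readable
                # for evaluation; only the value is replaced.
                return f"{match.group(1)}{match.group(2)}[REDACTED:{name}]"
            return f"[REDACTED:{name}]"
        text = pattern.sub(repl, text)
    return text, counts


# Constructed sample of model output containing secrets (not real credentials).
SAMPLE = (
    "Here is the config you asked for:\n"
    "aws_key = AKIAABCDEFGHIJKLMNOP\n"
    "password: 'hunter2-constructed'\n"
    "Authorization: Bearer abcdefghijklmnopqrstuvwxyz012345\n"
    "-----BEGIN RSA PRIVATE KEY-----\nMIIBconstructed\n-----END RSA PRIVATE KEY-----\n"
)

if __name__ == "__main__":
    cleaned, hits = redact(SAMPLE)
    print(cleaned)
    print(hits)  # log the counts only, never the matched values
```

Log the counts rather than the matched values, so the audit trail does not become a second copy of the secrets.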
Operational data
Session state is held server-side for correlation and risk accumulation. Use DELETE /v1/sessions/{session_id} when you need explicit removal for your privacy model.
Hardening
Treat Defend as one layer of defense in depth: authentication, authorization, rate limits, and secure prompt design around your LLM remain your responsibility.