A comprehensive evaluation framework for testing LLMGuard across multiple LLM backends, with a focus on prompt injection detection and safe chatbot behavior.
- Project Overview
- Goals & Objectives
- Methodology
- Experiments & Results
- Tools & Technologies
- Project Structure
- Installation
- Usage
- Results & Findings
- References
This repository evaluates LLMGuard by integrating it with several LLM models and measuring prompt injection detection performance. It contains:
LLMGAURD_Project_notebook.ipynbfor interactive analysis and visualization,llmguard_tinyllama_evaluation.pyfor TinyLLaMA experiments,llmguard_phi2_evaluation.pyfor Microsoft Phi-2 experiments,llmguard_distilgpt2_evaluation.pyfor DistilGPT-2 experiments.
- Prompt Injection Detection: Identify malicious or manipulative prompt patterns.
- Input Sanitization: Block or sanitize unsafe prompts before model inference.
- Cross-Model Evaluation: Apply the same defense workflow across different LLM architectures.
- Quantitative Metrics: Use accuracy, precision, recall, F1-score, and confusion matrices.
- Integrate LLMGuard with TinyLLaMA, Microsoft Phi-2, and DistilGPT-2.
- Evaluate prompt injection detection using the Safe-Guard Prompt Injection dataset.
- Benchmark defense performance with standard classification metrics.
- Provide a reproducible interactive notebook and experiment scripts.
- Document the full project implementation.
User Prompt → LLMGuard Scanner → Risk Assessment → Accept/Reject → Model Response or Block Message
- Safe-Guard Prompt Injection (
xTRam1/safe-guard-prompt-injection)- Labels: safe (0), unsafe (1)
- Used for both script-based and notebook evaluations.
- TinyLLaMA-1.1B-Chat
- Microsoft Phi-2
- DistilGPT-2
- PromptInjection scanner
- Prompt sanitization and blocking
- Risk scoring
- Response-level safety checks where applicable
- Accuracy
- Precision
- Recall
- F1-score
- Confusion matrix
- Classification report
File: llmguard_tinyllama_evaluation.py
This script evaluates the TinyLLaMA defense pipeline and shows how LLMGuard blocks dangerous prompts while allowing safe inputs.
File: llmguard_phi2_evaluation.py
This script validates the same defense design with Microsoft Phi-2.
File: llmguard_distilgpt2_evaluation.py
This script evaluates DistilGPT-2 and includes optional GPT4All-local experiment scaffolding.
File: LLMGAURD_Project_notebook.ipynb
The notebook provides an interactive walkthrough of:
- TinyLLaMA model loading,
- LLMGuard scanner usage,
- manual prompt injection tests,
- dataset-based evaluation,
- metrics and visualizations,
- false negative analysis.
- Instruction override prompts
- Roleplay injection prompts
- Malicious payload prompts
- Context confusion prompts
llm-guardtransformerstorchdatasetspandasscikit-learnmatplotlibseaborn
llmguard-eval/
├── README.md
├── LLMGAURD_Project_notebook.ipynb
├── llmguard_tinyllama_evaluation.py
├── llmguard_phi2_evaluation.py
├── llmguard_distilgpt2_evaluation.py
└── requirements.txt
- Python 3.8 or higher
- CUDA 11.8+ (optional)
- 8GB+ RAM recommended
For optional local GPT4All experiments in llmguard_distilgpt2_evaluation.py:
pip install gpt4allpython llmguard_tinyllama_evaluation.py
python llmguard_phi2_evaluation.py
python llmguard_distilgpt2_evaluation.pyOpen LLMGAURD_Project_notebook.ipynb in Jupyter, JupyterLab, or GitHub's notebook viewer and run the cells sequentially.
This project demonstrates how LLMGuard can be applied across multiple LLM architectures and evaluated with prompt injection datasets. The notebook provides interactive evidence and visualization of the defense pipeline.
xTRam1/safe-guard-prompt-injectionTinyLLaMA/TinyLLaMA-1.1B-Chat-v1.0microsoft/phi-2distilgpt2protectai/llm-guard
Research and educational use only. Refer to dependency licenses.
Yusuf Adamu