Links:
- GitHub: https://github.com/Resk-Security/resk-llm-ts
- NPM: https://npmjs.com/package/resk-llm-ts
- Website: https://resk.fr
If you are building LLM-powered applications in Node.js or TypeScript, you have probably thought about security. Prompt injection, jailbreak attempts, PII leaks, and data exfiltration are real threats that traditional input sanitization does not catch at the LLM layer.
Most security toolkits are Python-only. TypeScript developers deserve the same protection.
resk-llm-ts is an open source TypeScript security toolkit with 11 threat detectors. It works as Express middleware, Hono middleware, or as an OpenAI-compatible wrapper.
Quick Start
npm install resk-llm-ts
Basic Usage
import { LLMSecurity } from "resk-llm-ts";
const security = new LLMSecurity({
enabledDetectors: ["injection", "jailbreak", "pii", "exfiltration"],
mode: "block", // or "log"
});
// Use as middleware with Express
app.post("/api/chat", security.middleware(), async (req, res) => {
// req.body has been scanned - threats are blocked or logged
const response = await openai.chat.completions.create({
model: "gpt-4",
messages: req.body.messages,
});
res.json(response);
});
Or use the OpenAI-compatible wrapper:
import { SecureOpenAI } from "resk-llm-ts";
const client = new SecureOpenAI({
apiKey: process.env.OPENAI_API_KEY,
detectors: ["injection", "jailbreak"],
});
const response = await client.chat.completions.create({
model: "gpt-4",
messages: [{ role: "user", content: userInput }],
});
All 11 Detectors
| Detector | Purpose |
|---|---|
| injection | Prompt injection detection |
| jailbreak | Jailbreak pattern recognition |
| pii | PII and sensitive data scanning |
| exfiltration | Data exfiltration prevention |
| code-injection | Code injection detection |
| toxic-content | Toxic content filtering |
| political | Political content detection |
| adversarial | Adversarial suffix detection |
| encoded-payload | Base64/hex encoded threat detection |
| role-play | Role-play manipulation detection |
| system-prompt | System prompt leak prevention |
Why resk-llm-ts?
- TypeScript-first: Full type definitions, works with any Node.js framework
- Middleware-ready: Drop into Express, Hono, Fastify, or any connect-compatible framework
- OpenAI-compatible wrapper: Replace your OpenAI client with zero API changes
- Dual mode: Block threats or log them for analysis
- GPL-3.0 open source: Free to use, modify, and contribute to
Security for LLM applications should not be an afterthought. Add it as middleware and ship with confidence.
Check it out on GitHub: https://github.com/Resk-Security/resk-llm-ts
Install: https://npmjs.com/package/resk-llm-ts
Learn more: https://resk.fr
Top comments (0)