Vard – Zod-inspired prompt injection detection for TypeScript (github.com)

Vard is a new TypeScript-first, Zod-inspired library for detecting and sanitizing prompt-injection attacks in LLM apps. It offers a chainable, immutable API (vard(), .moderate(), .delimiters(), .block(), .sanitize(), .pattern(), .onWarn(), .safeParse(), etc.) that returns strongly typed, sanitized input or throws a PromptInjectionError. It ships tiny (<10KB minified+gz), is tree-shakeable and ReDoS-safe, and targets five core threat types—instruction override, role manipulation, delimiter injection, system prompt leakage and encoding/obfuscation—using pattern-based detection and iterative sanitization. Defaults include a 10,000-char maxLength (~2,500 tokens) and presets (strict/moderate/lenient). You can add private domain/language patterns, monitor with .onWarn(), and choose per-threat actions (block/sanitize/warn/allow). Why it matters: Vard is optimized for real-time, high-volume, offline or air-gapped deployments where sub-millisecond deterministic checks are required (<0.5ms p99). Pattern-based detection is fast and cost-free with ~90–95% accuracy on known vectors, but it can miss novel or purely semantic attacks—LLM-based detection is more accurate (98%+) at higher latency/cost. The recommended approach is defense-in-depth: use Vard as a first, cheap filter, add sanitization, monitoring, rate limits and optionally LLM checks for high-risk flows.