Bitmask-Based LLM Security Firewall with reskSecure — Block Jailbreaks at Token Level
ReskSecure introduces a bitmask-based firewall that blocks disallowed tokens at the logits level before generation. The system uses YAML policies with Aho‑Corasick pattern matching and supports hard blocking or bias penalties. It integrates as a logits processor for any HuggingFace model and offers hot‑reloading of policies.
- ▪Traditional LLM security tools typically scan output after generation, which can allow harmful content to be produced before detection.
- ▪ReskSecure operates on the logits tensor, modifying the probability distribution to prevent forbidden tokens from being sampled.
- ▪Policies are defined in YAML files, specifying patterns, capability bitmasks, and severity modes such as hard block or configurable bias.
- ▪The firewall works with HuggingFace models via the logits processor API and requires Python 3.13+ and PyTorch 2.0+.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3297057) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } RESK Posted on Jun 30 Bitmask-Based LLM Security Firewall with reskSecure — Block Jailbreaks at Token Level #cybersecurity #llm #python #security Links: PyPI: https://pypi.org/project/resksecure GitHub: https://github.com/Resk-Security/reskSecure Web: https://resk.fr Most prompt injection and jailbreak guards work by scanning output text after the model has already generated it. This is too late — the damage is done, the tool call was made, the sensitive data was exfiltrated.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).