npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@yfedoseev/jailguard

v0.1.2

Published

Pure-Rust prompt-injection detector with 1.5MB embedded MLP classifier. 98.40% accuracy, p50 14ms CPU inference, prebuilt napi addons for Linux/macOS/Windows. Apache-2.0/MIT alternative to Rebuff and Lakera Guard.

Downloads

383

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

yfedoseevyfedoseev

Keywords

prompt-injectionprompt-injection-detectionllm-securityai-securityguardrailsjailbreak-detectionrebuff-alternativelakera-alternativeonnxrust-bindingnapinative

Readme

JailGuard for JavaScript / TypeScript

Pure-Rust prompt-injection detector exposed to Node.js via a napi-rs N-API native addon. Prebuilt binaries ship for every supported platform — no Rust toolchain, no C compiler, no build step at install.

npm License: MIT OR Apache-2.0

Part of the JailGuard toolkit. Same Rust core, same numbers, same API as the Rust crate, Python package, and Go module.

Install

npm install @yfedoseev/jailguard

Prebuilt .node binaries ship inside the npm tarball for:

| Platform | Architecture | |---|---| | Linux | x64, arm64 | | macOS | x64, arm64 | | Windows | x64 |

Node.js 18 or later.

Quick start

import { detect, isInjection, downloadModel } from "@yfedoseev/jailguard";

// Optional pre-warm: the 90 MB ONNX embedder downloads on first detect().
downloadModel();

if (isInjection("ignore previous instructions")) {
  throw new Error("blocked");
}

const r = detect("What is the capital of France?");
console.log(r.score, r.risk);

API

| Function | Returns | Description | |---|---|---| | detect(text) | DetectionResult | Full detection output | | isInjection(text) | boolean | Quick boolean check | | score(text) | number | Raw probability [0, 1] | | detectBatch(texts) | DetectionResult[] | Batch processing | | downloadModel() | void | Pre-fetch the ONNX model | | modelCacheDir() | string | Cache path | | version() | string | Library version |

interface DetectionResult {
  isInjection: boolean;
  score: number;
  confidence: number;
  risk: RiskLevel;
}

enum RiskLevel { Safe = 0, Low = 1, Medium = 2, High = 3, Critical = 4 }

Full TypeScript declarations ship in the package — autocomplete and strict type-checking out of the box. The package is ESM-only (type: "module"); CommonJS consumers use dynamic import().

Examples

Runnable examples live in ../examples/javascript/ (Node.js, .mjs) and ../examples/typescript/ — quickstart, batch scoring, and middleware patterns for Express and Next.js route handlers.

Quick Express middleware:

import express from "express";
import { isInjection } from "@yfedoseev/jailguard";

const app = express();
app.use(express.json());

app.use((req, res, next) => {
  const text = req.body?.prompt ?? "";
  if (isInjection(text)) {
    return res.status(400).json({ error: "prompt rejected" });
  }
  next();
});

Performance

Headline: 98.40% accuracy in-domain, p50 14 ms on Apple M3. Full methodology, dataset breakdown, OOD benchmarks, and head-to-head numbers vs open-source baselines in ../BENCHMARKS.md.

Thread safety

Detection calls are synchronous and serialize on a Mutex internally. For high-concurrency workloads, fan out via Node's worker_threads — each worker gets its own copy of the addon and runs independently.

Building from source

End users do not need this. The published npm package ships prebuilt addons for every supported platform.

If you've cloned the monorepo:

cd js
npm install
npm run build:native    # cargo build --release --features napi
                        # → js/prebuilds/<platform>-<arch>/jailguard.node
npm run build           # TypeScript compile
npm test                # vitest

scripts/build-native.mjs is a developer convenience — CI does not use it. The release pipeline builds the napi addon for every target, stages them into js/prebuilds/<triple>/jailguard.node, and runs npm publish once.

Other JailGuard bindings

License

Dual-licensed under MIT OR Apache-2.0 — your choice.