I Built an Open-Source AI Firewall Because Every LLM App Leaks Data
Every LLM app I audited had the same problem.
Users type real data into AI features. Names, emails, social security numbers, credit card numbers, medical details. The app takes that input, wraps it in
deepbuilt.hashnode.dev · 5 min read
jamesoconnor
This resonates. We caught a cross-tenant prompt injection in our document extraction pipeline where a customer's PDF contained text instructing the agent to summarize other data. The agent didn't fall for it, but we added explicit input boundary instructions in our system prompt and run prompt-injection regression tests in CI now. The data exfiltration risk is real even when the LLM doesn't act on the injection.
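As an added illustration of the two defences discussed above (redacting PII before it reaches the model, and fencing untrusted document text inside explicit boundaries that the document cannot forge), here is a small firewall pass with a CI-style leak check. This is example code, not the post's open-source firewall or the commenter's pipeline; the boundary markers and PII patterns are constructed assumptions.

```python
import re

# Constructed boundary markers; a real app uses whatever its system prompt declares.
OPEN = "<<<UNTRUSTED_DOCUMENT>>>"
CLOSE = "<<<END_UNTRUSTED_DOCUMENT>>>"

# Illustrative PII patterns only; a production firewall needs far broader coverage.
PII_PATTERNS = {
    "EMAIL": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "CARD": re.compile(r"\b\d(?:[ -]?\d){12,15}\b"),
}


def luhn_ok(digits: str) -> bool:
    """Luhn checksum so plain digit runs (order ids, tickets) are not flagged as cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def redact(text: str) -> tuple[str, dict[str, int]]:
    """Replace PII with typed placeholders before the text reaches the model."""
    counts: dict[str, int] = {}

    def replace(kind: str, m: re.Match) -> str:
        if kind == "CARD" and not luhn_ok(re.sub(r"\D", "", m.group())):
            return m.group()  # fails Luhn: not a card number, leave it alone
        counts[kind] = counts.get(kind, 0) + 1
        return f"[{kind}_{counts[kind]}]"

    for kind, pattern in PII_PATTERNS.items():
        text = pattern.sub(lambda m, k=kind: replace(k, m), text)
    return text, counts


def wrap_untrusted(doc: str) -> str:
    """Fence document text; neutralise markers inside it so a PDF cannot forge an early
    close and have its own text read as instructions outside the untrusted region."""
    for marker in (OPEN, CLOSE):
        doc = doc.replace(marker, marker.replace("<", "(").replace(">", ")"))
    return f"{OPEN}\n{doc}\n{CLOSE}"


def build_user_message(doc: str) -> tuple[str, dict[str, int]]:
    """Full firewall pass: redact, then wrap."""
    clean, counts = redact(doc)
    return wrap_untrusted(clean), counts


def leaks_pii(model_output: str) -> bool:
    """CI regression check: a reply may contain placeholders, never raw PII."""
    return bool(redact(model_output)[1])
```

In CI, run `build_user_message` over a corpus of injection-bearing documents, send the result to the model, and fail the build if `leaks_pii` is true for any reply.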