# Detection engine settings: score threshold, scan time budget and the
# regex/ML ensemble.
# NOTE(review): indentation was lost in this listing; the nesting shown is
# reconstructed from the key names — confirm against the original file.
detector:
  threshold: 0.5
  min_severity: "low"
  # NOTE(review): confirm what happens when a scan exceeds this budget.
  # Forwarding the request unscanned on timeout would be fail-open.
  timeout_ms: 100
  ensemble_strategy: "weighted"
  # A HuggingFace model ID is a remote supply-chain input; presumably it is
  # fetched at load time — confirm, and prefer a vetted local ONNX directory.
  ml_model_path: ""  # Path to ONNX model dir or HuggingFace model ID (empty = disabled)
  ml_threshold: 0.85  # Minimum ML confidence to flag as injection
  # min_threshold is half of the static threshold above; presumably it bounds
  # how far the adaptive value may drop — verify that floor is acceptable.
  adaptive_threshold:
    enabled: true
    min_threshold: 0.25
    ewma_alpha: 0.2
  # NOTE(review): confirm how these weights apply while ml_model_path is empty.
  weights:
    regex: 0.6  # Ensemble weight for regex detector
    ml: 0.4  # Ensemble weight for ML detector
# Rule files consumed by the detector.
rules:
  # Relative paths; presumably resolved against the working directory —
  # confirm. These files decide what is detected, so keep them read-only to
  # the service account and change them only through review.
  paths:
    - "rules/owasp-llm-top10.yaml"
    - "rules/jailbreak-patterns.yaml"
    - "rules/data-exfil.yaml"
  custom_paths: []
# Proxy listener, upstream target and per-client rate limiting.
# NOTE(review): indentation was lost in this listing; the nesting shown is
# reconstructed from the key names — confirm against the original file.
proxy:
  # No host part, so the listener is not tied to one interface. No TLS keys
  # appear in this section; confirm where TLS is terminated for clients.
  listen: ":8080"
  target: "https://api.openai.com"
  action: "block"
  # Presumably bytes (1 MiB) — confirm, and confirm that larger bodies are
  # rejected rather than forwarded unscanned.
  max_body_size: 1048576
  read_timeout: "10s"
  write_timeout: "30s"
  rate_limit:
    enabled: true
    requests_per_minute: 120
    burst: 30
    # X-Forwarded-For is supplied by the client unless a trusted reverse proxy
    # in front overwrites it. Keying limits on it is only reliable behind such
    # a proxy; otherwise key on the connection's peer address if supported.
    key_header: "X-Forwarded-For"
# Dashboard UI/API, off by default.
# NOTE(review): indentation was lost in this listing; the nesting shown is
# reconstructed from the key names — confirm against the original file.
dashboard:
  enabled: false
  path: "/dashboard"
  api_prefix: "/api/dashboard"
  refresh_seconds: 5
  # Auth is off and the credentials are empty in this default. When the
  # dashboard is turned on, turn auth on with it and supply the password from
  # outside the committed file (environment or secret store).
  auth:
    enabled: false
    username: ""
    password: ""
  # Presumably lets rules be changed through the dashboard — confirm. Leave
  # disabled unless auth above is enabled.
  rule_management:
    enabled: false
# Outbound alerting: generic webhook, Slack and PagerDuty sinks, all off by
# default.
# NOTE(review): indentation was lost in this listing; the nesting shown is
# reconstructed from the key names — confirm against the original file.
# auth_bearer_token, incoming_webhook_url and routing_key are credentials:
# keep them empty in the committed file and inject them at deploy time.
alerting:
  enabled: false
  # NOTE(review): confirm whether alerts are dropped or block the request
  # path once the queue is full.
  queue_size: 1024
  events:
    block: true
    rate_limit: true
    scan_error: true
  throttle:
    window_seconds: 60
  webhook:
    enabled: false
    # Use an https:// URL so the bearer token below is not sent in clear.
    url: ""
    timeout: "3s"
    max_retries: 3
    backoff_initial_ms: 200
    auth_bearer_token: ""
  slack:
    enabled: false
    incoming_webhook_url: ""
    timeout: "3s"
    max_retries: 3
    backoff_initial_ms: 200
  pagerduty:
    enabled: false
    url: "https://events.pagerduty.com/v2/enqueue"
    routing_key: ""
    timeout: "3s"
    max_retries: 3
    backoff_initial_ms: 200
    source: "prompt-injection-firewall"
    component: "proxy"
    group: "pif"
    class: "security"
# Multi-tenant policy selection, off by default.
tenancy:
  enabled: false
  # The tenant is read from a request header. Unless a trusted gateway sets
  # or strips X-PIF-Tenant, the caller chooses its own tenant — presumably
  # and with it that tenant's policy; confirm before enabling.
  header: "X-PIF-Tenant"
  default_tenant: "default"
  tenants: {}
# Event capture to local JSONL files for later replay, off by default.
# NOTE(review): indentation was lost in this listing; the nesting shown is
# reconstructed from the key names — confirm against the original file.
replay:
  enabled: false
  # Captured events can contain prompt text; restrict this directory to the
  # service account.
  storage_path: "data/replay/events.jsonl"
  max_file_size_mb: 50
  max_files: 5
  capture_events:
    block: true
    rate_limit: true
    scan_error: true
    flag: true
  # Keep redaction on unless raw prompts are required; max_prompt_chars
  # presumably caps what is stored per event — confirm.
  redact_prompt_content: true
  max_prompt_chars: 512
# Community rule marketplace, off by default.
marketplace:
  enabled: false
  # A checksum is only as trustworthy as the index that lists it: use an
  # https:// index from a source you control or trust.
  index_url: ""
  cache_dir: ".cache/pif-marketplace"
  # Installed rules land beside the built-in rule files; review them before
  # adding the directory to the detector's rule paths.
  install_dir: "rules/community"
  refresh_interval_minutes: 60
  # Keep enabled so downloaded rule files are integrity-checked.
  require_checksum: true
# TLS webhook listener.
webhook:
  # No host part, so the listener is not tied to one interface.
  listen: ":8443"
  tls_cert_file: "/etc/pif/webhook/tls.crt"
  # Private key: readable by the service account only.
  tls_key_file: "/etc/pif/webhook/tls.key"
  # (?i) makes the match case-insensitive and the pattern has no anchors, so
  # presumably any host containing "pif-proxy" matches — confirm that is
  # tight enough, or anchor the expression.
  pif_host_pattern: "(?i)pif-proxy"
# Allowlist entries, empty by default.
# NOTE(review): entries here presumably exempt matching input from detection
# — confirm. Keep patterns narrow and review every addition.
allowlist:
  patterns: []
  hashes: []
# Log level, format and destination.
logging:
  level: "info"
  format: "json"
  output: "stderr"
  # Off keeps prompt text out of the logs. If enabled for debugging, treat
  # the log stream as sensitive data.
  log_prompts: false