oxideshield_guard/
lib.rs

1//! OxideShield Guard Library
2//!
3//! Runtime guards and security pipeline for protecting LLM applications.
4//!
5//! ## Guard Tiers
6//!
7//! Guards are organized by license tier:
8//!
9//! - **Community** (Free): PatternGuard, LengthGuard, EncodingGuard, PerplexityGuard, PIIGuard, ToxicityGuard, StructuredOutputGuard
10//! - **Professional**: See `oxide-guard-pro` crate for SemanticSimilarityGuard, MLClassifierGuard
11//! - **Enterprise**: Custom guards, private models
12//!
13//! ## Research References
14//!
15//! - [PromptGuard](https://www.nature.com/articles/s41598-025-31086-y) - Nature Scientific Reports, 2025
16//!   4-layer defense: regex + MiniBERT + semantic + adaptive, F1=0.91, 67% injection reduction
17//! - [Indirect Prompt Injection](https://arxiv.org/abs/2302.12173) - Greshake et al., 2023
18//! - [Ignore Previous Prompt](https://arxiv.org/abs/2211.09527) - Perez & Ribeiro, 2022
19
20#[cfg(feature = "adversarial-samples")]
21pub mod adversarial;
22pub mod benchmark;
23pub mod compliance;
24pub mod config;
25pub mod embeddings_bundle;
26pub mod guard;
27pub mod guards;
28pub mod licensed;
29pub mod multilayer;
30pub mod pipeline;
31pub mod telemetry;
32
33pub use config::{
34    GlobalSettings, GuardConfig, GuardDefinition, GuardType, GuardTypeConfig, PatternConfig,
35    PipelineConfig,
36};
37pub use guard::{
38    EncodingGuard, Guard, GuardAction, GuardCheckResult, GuardError, GuardResult, LengthGuard,
39    PatternGuard,
40};
41pub use guards::{
42    PIICategory, PIIGuard, PIIMatch, PerplexityGuard, RAGInjectionCategory, RAGInjectionConfig,
43    RAGInjectionGuard, RedactionStrategy, StructuredOutputCategory, StructuredOutputGuard,
44    ToxicityCategory, ToxicityGuard,
45};
46pub use multilayer::{
47    AggregationStrategy, LayerConfig, LayerType, MultiLayerDefense, MultiLayerDefenseBuilder,
48    MultiLayerResult,
49};
50pub use pipeline::Pipeline;
51
52// Adversarial testing (only available with adversarial-samples feature — internal testing only)
53#[cfg(feature = "adversarial-samples")]
54pub use adversarial::{
55    attack_samples::{
56        all_attack_samples, autodan_samples, encoding_attack_samples, gcg_samples,
57        jailbreak_samples, prompt_injection_samples, roleplay_attack_samples, samples_by_type,
58        system_prompt_leak_samples, AttackSample, AttackType,
59    },
60    benchmark::{
61        BenchmarkMetrics, CombinedMetrics, FullBenchmarkResults, GuardBenchmark, TestResult,
62    },
63    benign_samples::{
64        all_benign_samples, conversation_samples, creative_samples, edge_case_samples,
65        educational_samples, multilingual_samples, professional_samples,
66        samples_by_category as benign_samples_by_category, support_samples, technical_samples,
67        BenignCategory, BenignSample,
68    },
69    jailbreakbench::{
70        jailbreakbench_behaviors, BehaviorTestResult, BenchmarkResults, CategoryResults,
71        JailbreakBehavior, JailbreakCategory,
72    },
73};
74
75// Benchmark suite
76pub use benchmark::{
77    competitor::{
78        all_competitor_references, ComparisonSummary, CompetitorComparison, CompetitorResult,
79        LLMGuardReference, LakeraGuardReference, LlamaGuard3Reference, NeMoGuardrailsReference,
80    },
81    datasets::{combined_dataset, BenchmarkDataset, BenchmarkSample},
82    metrics::{BenchmarkTargets, CategoryMetrics, ComparisonResult, GuardMetrics},
83    report::{BenchmarkReport, QuickSummary, ReportFormat},
84    runner::{BenchmarkConfig, BenchmarkRunner, BenchmarkSuiteBuilder, BenchmarkSuiteResults},
85};
86
87// Adversarial-based benchmark datasets (only with adversarial-samples feature)
88#[cfg(feature = "adversarial-samples")]
89pub use benchmark::datasets::{
90    adversarial_suffix_dataset, jailbreakbench_dataset, oxideshield_benchmark_dataset,
91    prompt_injection_dataset,
92};
93
94// Telemetry
95pub use telemetry::{
96    global_metrics, init_telemetry, set_global_metrics, shutdown_telemetry, GuardMetricsCollector,
97    InstrumentGuard, InstrumentedGuard, MetricLabels, MetricObservation, MetricsDelta,
98    MetricsExport, MetricsReporter, MetricsSnapshot, OtelGuardMetrics, PerGuardMetrics,
99    TelemetryConfig,
100};
101
102// Embeddings bundle
103pub use embeddings_bundle::{BundleError, BundleMetadata, BundledEmbedding, EmbeddingsBundle};
104
105// Licensed guard infrastructure
106pub use licensed::{
107    guard_license_requirement, is_community_guard, DynGuardFactory, GuardFactory,
108    GuardFactoryConfig, GuardInfo, GuardRegistry, LicenseCheckedGuard, LicensedGuard,
109    LicensedGuardError, LicensedGuardResult, GUARD_LICENSE_REQUIREMENTS,
110};
111
112// Compliance reporting
113pub use compliance::{
114    available_controls, controls_by_component, ComplianceReport, ComplianceReportBuilder,
115    ComplianceStatus, ControlMapping, EuAiActCategory, EuAiActMapping, EuAiActRequirement,
116    Framework, NistAiRmfCategory, NistAiRmfMapping, NistAiRmfSubcategory, SecurityControl,
117};
118
119// Professional guards (SemanticSimilarityGuard, MLClassifierGuard) have been
120// moved to the oxide-guard-pro crate, which requires a Professional license.
oxideshield_guard/lib.rs

oxideshield_guard/
lib.rs
