Play 30
AI Security Hardening
LLM defense — prompt injection, jailbreak detection, OWASP LLM Top 10.
A comprehensive security platform for production AI workloads. Defense is layered: prompt injection detection (pattern matching plus a classifier), jailbreak attempt blocking, content safety enforcement (Azure AI Content Safety), automated red teaming (generates attack prompts and tests the defenses), and OWASP LLM Top 10 compliance scanning. The scan covers all 10 categories: prompt injection, insecure output handling, training data poisoning, model denial of service, supply chain attacks, sensitive information disclosure, insecure plugin design, excessive agency, overreliance, and model theft.
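The layered detection described above can be sketched as a cheap pattern screen backed by a classifier. This is a minimal illustration, not the shipped defense: the pattern list, function names, and threshold are all hypothetical, and the classifier layer is a placeholder where a real deployment would call the model named in `config/openai.json`.

```python
import re

# Illustrative regex screen; a real blocklist would live in config/security.json.
INJECTION_PATTERNS = [
    r"ignore (all )?(previous|prior) instructions",
    r"you are now\b",
    r"system prompt",
]

def pattern_score(text: str) -> float:
    """Layer 1: cheap regex screen for known injection phrasings."""
    hits = sum(1 for p in INJECTION_PATTERNS if re.search(p, text, re.IGNORECASE))
    return min(1.0, hits / 2)

def classifier_score(text: str) -> float:
    """Layer 2: placeholder for the injection classifier.
    A real deployment calls the configured model; here we reuse the pattern score."""
    return pattern_score(text)

def is_injection(text: str, threshold: float = 0.5) -> bool:
    """Block the request if either layer exceeds the severity threshold."""
    return max(pattern_score(text), classifier_score(text)) >= threshold
```

Running both layers and taking the max means a miss in one layer does not bypass the other, which is the point of defense in depth.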
Architecture Pattern
LLM security: multi-layer defense, red teaming, OWASP Top 10 compliance
Azure Services
DevKit (.github Agentic OS)
- agent.md — root orchestrator with builder→reviewer→tuner handoffs
- 3 agents — Security Builder (gpt-4o), Reviewer (gpt-4o-mini), Tuner (gpt-4o-mini)
- 3 skills — deploy (104 lines), evaluate (101 lines), tune (101 lines)
- 4 prompts — /deploy, /test, /review, /evaluate with agent routing
- .vscode/mcp.json — FrootAI MCP with Content Safety + OpenAI inputs + envFile
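The MCP wiring above might look roughly like the following `.vscode/mcp.json` fragment. This is a hedged sketch using VS Code's documented `servers`/`inputs` shape; the server command, input ids, and env var names are assumptions, not the actual FrootAI configuration.

```json
{
  "servers": {
    "frootai": {
      "type": "stdio",
      "command": "npx",
      "args": ["frootai-mcp"],
      "envFile": "${workspaceFolder}/.env"
    }
  },
  "inputs": [
    { "id": "content-safety-key", "type": "promptString", "description": "Azure AI Content Safety key", "password": true },
    { "id": "openai-key", "type": "promptString", "description": "Azure OpenAI key", "password": true }
  ]
}
```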
TuneKit (AI Config)
- config/openai.json — classifier model for injection detection
- config/security.json — severity thresholds, blocklists, allow patterns
- config/guardrails.json — content safety levels, red team scenarios
- evaluation/eval.py — targets injection detection rate >99% and false-positive rate <5%
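The two eval targets above reduce to a pair of rates over a labeled attack/benign set. A minimal sketch of how `eval.py` might compute and gate on them, with made-up function names and data layout (the real evaluation set and harness are not shown here):

```python
def detection_metrics(results):
    """results: list of (is_attack_label, flagged_by_defense) boolean pairs."""
    attacks = [flagged for is_attack, flagged in results if is_attack]
    benign = [flagged for is_attack, flagged in results if not is_attack]
    detection_rate = sum(attacks) / len(attacks)        # true positives / attacks
    false_positive_rate = sum(benign) / len(benign)     # flagged benign / benign
    return detection_rate, false_positive_rate

def passes_gate(results):
    """Apply the stated thresholds: detection >99%, false positives <5%."""
    dr, fpr = detection_metrics(results)
    return dr > 0.99 and fpr < 0.05
```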
Tuning Parameters
Estimated Cost
- Dev/Test: $100–250/mo
- Production: $1.5K–5K/mo