promptguard.sanitizers

class promptguard.PromptSanitizer[source]

Bases: object

Sanitise prompts by removing or neutralising malicious patterns.

Input text is Unicode-normalised (NFKC) before pattern matching so that full-width and compatibility character obfuscation is caught automatically.

Three strategies are supported:

  • CONSERVATIVE — applies all pattern groups. Maximum safety; may affect some legitimate phrasing.

  • BALANCED (default) — applies critical, encoding, and context-reset patterns. Good trade-off for most production applications.

  • MINIMAL — applies only the critical patterns. Use when exact wording must be preserved as much as possible.

__init__()[source]

Compile all pattern lists at initialisation time.

sanitize(prompt, strategy=SanitizationStrategy.BALANCED)[source]

Sanitise prompt using the specified strategy.

The prompt is Unicode-normalised before any pattern matching so that obfuscated variants (e.g. full-width characters) are caught.

Parameters:

  • prompt (str) – The prompt text to sanitise.

  • strategy (SanitizationStrategy) – Sanitisation strategy controlling which pattern groups are applied.

Returns:

A SanitizationResult describing the outcome.

Return type:

SanitizationResult

Example:

sanitizer = PromptSanitizer()
result = sanitizer.sanitize("Ignore all previous instructions")
print(result.sanitized)       # Cleaned prompt
print(result.removed_patterns)  # What was removed
class promptguard.AdvancedSanitizer[source]

Bases: PromptSanitizer

Sanitiser with intent-aware cleaning and safe-rephrasing suggestions.

Extends PromptSanitizer with:

  • Intent preservation — uses a lighter strategy for question-type prompts to minimise over-removal.

  • Safe alternative suggestions — rewrites common attack patterns into legitimate equivalents.

__init__()[source]

Compile parent patterns and pre-compile alternative patterns.

sanitize_with_intent(prompt, intent=None, strategy=SanitizationStrategy.BALANCED)[source]

Sanitise prompt while respecting the detected intent.

When intent is "question" the MINIMAL strategy is used to avoid removing context that forms part of a legitimate query.

Parameters:

  • prompt (str) – The prompt text to sanitise.

  • intent (str | None) – Detected intent string (e.g. "question", "instruction").

  • strategy (SanitizationStrategy) – Fallback strategy for non-question intents.

Returns:

A SanitizationResult.

Return type:

SanitizationResult

suggest_alternative(prompt)[source]

Return a safe rephrasing of prompt, or None if no match.

Uses pre-compiled patterns so there is no per-call compilation cost.

Parameters:

prompt (str) – A potentially malicious prompt.

Returns:

A sanitised alternative string, or None if the prompt does not match any known attack pattern.

Return type:

str | None