Changelog

All notable changes to PromptGuard are documented here. The format follows Keep a Changelog and the project adheres to Semantic Versioning.

0.1.0 — 2026

Initial public release.

Added

  • PromptGuard — main classifier wrapping a fine-tuned DistilBERT model hosted on HuggingFace Hub (arkaean/promptguard-distilbert).

  • analyze() and analyze_batch() for single-prompt and batch classification returning RiskScore.

  • classify() / classify_batch() for lightweight boolean classification.

  • sanitize() and sanitize_if_malicious() with CONSERVATIVE, BALANCED, and MINIMAL sanitisation strategies.

  • SentimentAnalyzer with VADER integration, extended aggressive-word vocabulary, and negation-aware scoring.

  • IntentClassifier for JAILBREAK / INJECTION / QUESTION / INSTRUCTION / CONVERSATION classification.

  • KeywordExtractor with optional spaCy noun-chunk extraction.

  • AttackPatternDetector covering six attack categories (instruction override, role manipulation, context manipulation, prompt extraction, output manipulation, encoding/obfuscation attacks).

  • NFKC Unicode normalisation in all analysers and the sanitiser to neutralise full-width character obfuscation.

  • PromptCache — O(1) LRU cache with configurable size and TTL, implemented with collections.OrderedDict.

  • SanitizeResponse typed dataclass (replaces raw dict return).

  • AdvancedSanitizer with intent-aware strategy selection and alternative-rephrasing suggestions.

  • PEP 561 py.typed marker and __init__.pyi type stub.

  • promptguard.utils: summarize_results, filter_by_risk_level, get_most_dangerous, export_to_csv, results_to_dataframe.

  • Pre-commit hooks (black, flake8, mypy) and 85 % coverage requirement.

  • Sphinx documentation with Furo theme, auto-deployed to GitHub Pages.