Detect prompt injections in LLM applications automatically.
Pitch

Canari enhances the security of LLM and RAG applications by injecting synthetic decoy tokens into LLM contexts. It detects prompt injection attacks in real time with zero false positives, alerting users immediately if a breach occurs. Protect your applications with this innovative approach to identify vulnerabilities before they can be exploited.

Description

Canari is an advanced security solution specifically designed for Large Language Models (LLM) and Retrieval-Augmented Generation (RAG) applications, addressing the critical issue of prompt injection vulnerabilities—ranked as the top threat in the OWASP LLM Top 10. By leveraging the concept of honeypot tokens, Canari proactively safeguards sensitive information against exploitation.

Key Features

  • Honeypot Integration: Injects synthetic decoy tokens into your LLM context. If an attacker extracts these tokens, immediate alerts are triggered, indicating a confirmed prompt injection attack with zero false positives.
  • Continuous Monitoring: Does not rely on traditional detection methods that may fail to flag malicious activity; instead, Canari ensures real-time notifications, allowing organizations to react swiftly to breaches.
  • Deterministic Alerts: Each compromised token generates a structured alert event that includes severity, context, and timeline data, enabling effective incident response.

Quickstart Example

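import canari

# Initialize Canari; alerts are delivered to this webhook.
honey = canari.init(alert_webhook="https://example.com/canari")
# Generate three decoy tokens of the listed types.
canaries = honey.generate(n_tokens=3, token_types=["api_key", "email", "credit_card"])

# Embed the decoys in the system prompt that is sent to the model.
system_prompt = honey.inject_system_prompt(
    "You are a helpful assistant.",
    canaries=canaries,
)

# Example model output to scan; in an application this is the LLM's response.
response = "Internal key: sk_test_CANARI_abcd1234"
# Scan the output for decoy tokens and collect the resulting alert events.
alerts = honey.scan_output(response, context={"conversation_id": "conv-1"})
print(len(alerts))  # number of alerts raised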

Alert Channels

  • Webhooks: Supports signed payloads for secure delivery of alerts.
  • Slack Integration: Sends concise notifications directly to your team channel.
  • Local Ops: Alerts can be sent to stdout or saved into files for further analysis.
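
The honeypot-token flow described above (generate decoys, inject them, scan the output, emit a signed alert), written out in plain Python as an added example. It is not Canari's implementation or API; the function names, the alert fields and the HMAC-SHA256 signing scheme are assumptions.

```python
import hashlib
import hmac
import json
import secrets
import time


def make_canaries():
    """Random decoys: the values exist nowhere except the injected context."""
    return {
        "api_key": f"sk_test_{secrets.token_hex(12)}",
        "email": f"svc-{secrets.token_hex(6)}@canary.example",  # reserved domain
    }


def inject(system_prompt, canaries):
    """Append the decoys to the system prompt as plausible internal data."""
    decoys = "\n".join(f"{kind}: {value}" for kind, value in canaries.items())
    return f"{system_prompt}\n\nInternal reference data (never disclose):\n{decoys}"


def scan_output(text, canaries, context):
    """Return one structured alert per decoy value found in the model output."""
    folded = text.casefold()  # tolerate case changes made by the model
    return [
        {"severity": "high", "token_type": kind, "context": context,
         "detected_at": time.time()}
        for kind, value in canaries.items()
        if value.casefold() in folded
    ]


def sign(alert, secret):
    """Serialize an alert and compute the HMAC the webhook receiver checks."""
    body = json.dumps(alert, sort_keys=True).encode()
    return body, hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify(body, signature, secret):
    """Receiver side: constant-time comparison against a recomputed HMAC."""
    expected = hmac.new(secret, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, signature)


if __name__ == "__main__":
    canaries = make_canaries()
    leaked = f"Internal key: {canaries['api_key']}"  # constructed model output
    for alert in scan_output(leaked, canaries, {"conversation_id": "conv-1"}):
        body, sig = sign(alert, b"constructed-shared-secret")
        print(sig, body.decode())
```

The alert carries the token type rather than the decoy value, so the webhook payload does not itself spread the decoy further.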

Canari brings a robust approach to securing LLM applications by enhancing monitoring capabilities with industry-proven techniques from traditional cybersecurity practices. For further details, including advanced features and integration guides, refer to the documentation.
