reskSecure

Bitmask-based LLM Security Firewall

Policy-Driven Token-Level Filtering

reskSecure is a Python package that restricts what a language model can generate based on user permissions encoded as a capability bitmask. It works by intercepting the model's token predictions and blocking or penalizing disallowed phrases before they appear in the output. Built on top of resk-logits for GPU-accelerated pattern matching, it adds an enterprise-grade policy layer with YAML configuration, hot-reload, and tool call blocking.

Project Stats

  • 200 PyPI Downloads
  • 0 GitHub Stars
  • v0.1.0 Latest Version
  • Python Language

Key Features

Bitmask Permission System

Each user has a capability bitmask (integer) where each bit represents a permission. The policy system maps bitmasks to phrase rules and tool permissions.

  • Up to 64 independent permission bits
  • Exact match or default policy fallback
  • Tool-level permission granularity
  • No JWT handling -- receives raw integer from external auth

Dual Severity Mode

Two severity modes handle banned phrases: hard blocks the token completely, while bias only reduces its probability.

  • Hard mode: Token logit set to -inf (impossible to generate)
  • Bias mode: Token logit reduced by configurable penalty
  • Strict mode: Forces EOS at the first banned prefix
  • Per-phrase mode configuration in YAML policy
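The following is an added illustration of the three severity modes at the token level; it is not code from the reskSecure project or from resk-logits. It assumes a constructed toy vocabulary with a word-level tokenizer, a plain trie over token ids in place of the GPU Aho-Corasick automaton, and reads strict mode as "once the generated context ends on a prefix of a banned phrase, only EOS may follow". The rule list mirrors the phrases in the page's policy.yaml.

```python
import math

# Constructed toy vocabulary; id 0 is the end-of-sequence token.
VOCAB = ["<eos>", "select", "drop", "table", "from", "the", "salaries", "users", "show"]
TOKEN_ID = {tok: i for i, tok in enumerate(VOCAB)}
EOS_ID = 0
END = "$"            # marker key on trie nodes that complete a banned phrase

# Rules in the shape of the page's policy.yaml: (phrase, mode, penalty).
RULES = [("drop table", "hard", None), ("salaries", "bias", -5.0)]


def encode(phrase):
    """Word-level stand-in for a real tokenizer (assumption for the example)."""
    return [TOKEN_ID[w] for w in phrase.lower().split()]


def build_trie(rules):
    """Trie over token-id sequences; terminal nodes carry (mode, penalty) under END."""
    root = {}
    for phrase, mode, penalty in rules:
        node = root
        for tid in encode(phrase):
            node = node.setdefault(tid, {})
        node[END] = (mode, penalty)
    return root


def active_nodes(trie, context):
    """Trie nodes reached by each suffix of `context` that is a prefix of a banned phrase (root included)."""
    nodes = [trie]
    for start in range(len(context)):
        node = trie
        for tid in context[start:]:
            node = node.get(tid)
            if node is None:
                break
        else:
            nodes.append(node)
    return nodes


def apply_policy(trie, context, logits, strict=False):
    """Return a new logits list for the next token with the policy applied.

    hard   -> -inf for any token that would complete a banned phrase
    bias   -> penalty added to such a token
    strict -> if the context already ends on a banned prefix, force EOS
    """
    out = list(logits)
    nodes = active_nodes(trie, context)
    if strict and any(node is not trie for node in nodes):
        # Strict mode: context already ends on a banned prefix, so only EOS may follow.
        return [0.0 if i == EOS_ID else -math.inf for i in range(len(out))]
    for node in nodes:
        for tid, child in node.items():
            if tid == END or END not in child:
                continue           # not a transition that would finish a phrase
            mode, penalty = child[END]
            if mode == "hard":
                out[tid] = -math.inf         # token can no longer be sampled
            elif mode == "bias":
                out[tid] += penalty          # token made less likely, not impossible
    return out


def next_token(logits):
    """Greedy decoding step."""
    return max(range(len(logits)), key=logits.__getitem__)


if __name__ == "__main__":
    trie = build_trie(RULES)
    # Constructed logits: the model strongly prefers "table" after "drop".
    logits = [1.0, 2.0, 2.0, 4.0, 1.0, 1.0, 3.0, 2.0, 1.0]
    context = encode("drop")
    filtered = apply_policy(trie, context, logits)
    print("hard/bias:", filtered, "->", VOCAB[next_token(filtered)])
    strict = apply_policy(trie, context, logits, strict=True)
    print("strict:   ", VOCAB[next_token(strict)])
```

After "drop", the hard rule sets the logit of "table" to -inf and the bias rule lowers "salaries" by 5.0; greedy decoding therefore picks something else. With strict=True the same context forces EOS immediately. A context that is not a banned prefix (for example "select the") leaves "table" untouched and only applies the bias rule.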

Tool Call Prevention at Token Level

Tool calls are blocked before the model generates them. If a user lacks a required permission bit, the tool's trigger phrases are added to the hard-block list automatically.

  • Trigger phrases defined per tool in the policy
  • Blocked at generation time, not post-generation
  • Defense-in-depth with post-generation ToolGuard
  • No prompt can bypass token-level restrictions
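As an added example (not reskSecure's own code) covering both the bitmask permission system and tool call prevention above: resolve a capability bitmask to a policy with exact match or default fallback, then derive the effective phrase lists, adding the trigger phrases of every tool whose required bit the user lacks to the hard-block list. The policy dictionary is constructed to mirror the page's policy.yaml; the "default" mask value, a second run_sql tool, and the reading of required_bit as a bit position (bit 0 == value 1) are assumptions of this example.

```python
from dataclasses import dataclass, field

# Constructed policy set mirroring the shape of the page's policy.yaml.
# Assumptions: mask "default" marks the fallback policy; required_bit is a
# bit position, so required_bit 1 means value 2 must be set in the mask.
POLICY_SET = {
    "version": "1.0",
    "policies": [
        {
            "mask": 7,
            "name": "contributor",
            "rules": [
                {"phrase": "DROP TABLE", "mode": "hard"},
                {"phrase": "salaries", "mode": "bias", "penalty": -5.0},
            ],
            "tools": {
                "send_email": {"required_bit": 1, "trigger_phrases": ["send_email("]},
                "run_sql": {"required_bit": 3, "trigger_phrases": ["run_sql(", "EXECUTE SQL"]},
            },
        },
        {
            "mask": "default",
            "name": "guest",
            "rules": [{"phrase": "DROP TABLE", "mode": "hard"}],
            "tools": {
                "send_email": {"required_bit": 1, "trigger_phrases": ["send_email("]},
            },
        },
    ],
}


def has_bit(mask: int, bit: int) -> bool:
    """True when bit position `bit` (0..63) is set in the capability mask."""
    if not 0 <= bit < 64:
        raise ValueError("permission bits are 0..63")
    return (mask >> bit) & 1 == 1


def resolve_policy(policy_set: dict, mask: int) -> dict:
    """Exact-match lookup on the mask, falling back to the 'default' policy."""
    policies = policy_set["policies"]
    for policy in policies:
        if policy["mask"] == mask:
            return policy
    for policy in policies:
        if policy["mask"] == "default":
            return policy
    raise LookupError(f"no policy for mask {mask} and no default policy")


@dataclass
class EffectiveRules:
    hard: set = field(default_factory=set)
    bias: dict = field(default_factory=dict)      # phrase -> penalty
    blocked_tools: set = field(default_factory=set)
    allowed_tools: set = field(default_factory=set)


def effective_rules(policy_set: dict, mask: int) -> EffectiveRules:
    """Build the phrase lists a logits processor would enforce for `mask`.

    Phrase rules come straight from the policy; each tool whose required bit
    is missing from the mask contributes its trigger phrases to the hard list,
    so the model cannot even emit the call.
    """
    policy = resolve_policy(policy_set, mask)
    out = EffectiveRules()
    for rule in policy.get("rules", []):
        if rule["mode"] == "hard":
            out.hard.add(rule["phrase"])
        elif rule["mode"] == "bias":
            out.bias[rule["phrase"]] = float(rule.get("penalty", -1.0))
        else:
            raise ValueError(f"unknown mode {rule['mode']!r}")
    for name, tool in policy.get("tools", {}).items():
        if has_bit(mask, tool["required_bit"]):
            out.allowed_tools.add(name)
        else:
            out.blocked_tools.add(name)
            out.hard.update(tool["trigger_phrases"])
    return out


if __name__ == "__main__":
    for m in (7, 2, 0):
        r = effective_rules(POLICY_SET, m)
        print(f"mask={m:#06b} policy={resolve_policy(POLICY_SET, m)['name']} "
              f"hard={sorted(r.hard)} bias={r.bias} blocked_tools={sorted(r.blocked_tools)}")
```

Mask 7 (bits 0, 1, 2) matches the contributor policy exactly; bit 3 is missing, so run_sql is blocked and its trigger phrases join "DROP TABLE" in the hard list. Masks 2 and 0 have no exact policy and fall through to guest; mask 0 also lacks bit 1, so "send_email(" becomes a hard-blocked phrase for that user.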

Hot-Reload and Caching

Policy changes take effect without restarting the server. The Aho-Corasick automaton is cached per (mask, model) pair with configurable TTL.

  • PolicyWatcher polls YAML mtime every 5 seconds
  • Automatic cache invalidation on policy change
  • Thread-safe cache with per-entry TTL
  • Zero-downtime policy updates
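An added example, not reskSecure's own implementation, of the two mechanisms this section describes: a thread-safe cache with a per-entry TTL keyed by (mask, model), and a watcher that compares the policy file's mtime on each poll and clears the cache when it changes. To stay dependency-free the loader reads one banned phrase per line instead of YAML (a constructed stand-in), and the injectable clock exists only so the TTL can be exercised deterministically.

```python
import os
import tempfile
import threading
import time


class TTLCache:
    """Thread-safe key -> value cache where every entry expires after `ttl_seconds`."""

    def __init__(self, ttl_seconds: float, clock=time.monotonic):
        self._ttl = ttl_seconds
        self._clock = clock          # injectable so tests can advance time
        self._lock = threading.Lock()
        self._entries = {}           # key -> (value, expires_at)

    def get(self, key):
        with self._lock:
            entry = self._entries.get(key)
            if entry is None:
                return None
            value, expires_at = entry
            if self._clock() >= expires_at:
                del self._entries[key]   # lazy eviction of a stale entry
                return None
            return value

    def put(self, key, value):
        with self._lock:
            self._entries[key] = (value, self._clock() + self._ttl)

    def clear(self):
        with self._lock:
            self._entries.clear()

    def __len__(self):
        with self._lock:
            return len(self._entries)


def load_phrase_list(path):
    """Stand-in for the YAML loader: one banned phrase per non-blank line (constructed format)."""
    with open(path, encoding="utf-8") as fh:
        return [line.strip() for line in fh if line.strip()]


class PolicyWatcher:
    """Reloads the policy when the file's mtime changes and drops every cached automaton."""

    def __init__(self, path, cache: TTLCache, loader=load_phrase_list):
        self._path, self._cache, self._loader = path, cache, loader
        self._mtime_ns = None
        self.policy = None
        self.reloads = 0

    def poll(self) -> bool:
        """One check; returns True when a reload happened. A server would call this every 5 s."""
        mtime_ns = os.stat(self._path).st_mtime_ns
        if mtime_ns == self._mtime_ns:
            return False
        self._mtime_ns = mtime_ns
        self.policy = self._loader(self._path)
        self._cache.clear()          # automata built from the old policy are now invalid
        self.reloads += 1
        return True


def demo():
    """Drive the watcher against a temporary policy file; returns what was observed."""
    cache = TTLCache(ttl_seconds=300)
    fd, path = tempfile.mkstemp(suffix=".txt")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            fh.write("DROP TABLE\n")
        watcher = PolicyWatcher(path, cache)
        first = watcher.poll()                          # initial load
        cache.put((7, "mistral-7b"), "automaton for mask 7")
        unchanged = watcher.poll()                      # file untouched: no reload
        cached_before = cache.get((7, "mistral-7b"))
        with open(path, "a", encoding="utf-8") as fh:
            fh.write("salaries\n")
        # Bump mtime explicitly so the edit is visible even on coarse-grained filesystems.
        st = os.stat(path)
        os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns + 1_000_000_000))
        changed = watcher.poll()                        # mtime moved: reload + cache clear
        cached_after = cache.get((7, "mistral-7b"))
        return {"first": first, "unchanged": unchanged, "changed": changed,
                "cached_before": cached_before, "cached_after": cached_after,
                "policy": watcher.policy, "reloads": watcher.reloads}
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(demo())
```

Invalidation happens on the poll that notices the new mtime, so a request served between the file write and the next poll still uses the old automaton; with a 5 second poll interval that is the upper bound on staleness. The TTL covers the other direction: an entry that nobody has touched for longer than the TTL is evicted on its next lookup rather than held forever.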

Quick Install

pip install resksecure

Usage Example

Policy File (policy.yaml)

version: "1.0"
policies:
  - mask: 7
    name: contributor
    rules:
      - phrase: "DROP TABLE"
        mode: hard
      - phrase: "salaries"
        mode: bias
        penalty: -5.0
    tools:
      send_email:
        required_bit: 1
        trigger_phrases:
          - "send_email("

Generation Pipeline

from transformers import AutoModelForCausalLM, AutoTokenizer

from resksecure import BitmaskLogitsProcessor, load_policy

model_name = "mistralai/Mistral-7B-v0.1"
tokenizer = AutoTokenizer.from_pretrained(model_name)
model = AutoModelForCausalLM.from_pretrained(model_name).to("cuda")

policy_set = load_policy("policy.yaml")
processor = BitmaskLogitsProcessor(
    mask=7,                    # the user's capability bitmask, supplied by external auth
    model_name=model_name,
    tokenizer=tokenizer,
    policy_set=policy_set,
    device="cuda",
)

# Sample prompt (constructed); the processor filters every decoding step of generate()
inputs = tokenizer("Summarize the quarterly report.", return_tensors="pt").to("cuda")
outputs = model.generate(**inputs, logits_processor=[processor])

Architecture

User bitmask (from external auth)
        |
        v
PolicyLoader -- loads YAML, resolves mask to Policy
        |
        v
TrieFactory -- builds VectorizedAhoCorasick from rules
        |        + tool trigger phrases for disallowed tools
        v
BitmaskLogitsProcessor -- HuggingFace LogitsProcessor
        |
        v
Aho-Corasick automaton via resk-logits (GPU)
        |
        v
Hard mode:   logit = -inf
Bias mode:   logit -= penalty
Strict mode: EOS on prefix match
        |
        v
ToolGuard (post-generation verification)

Get Started with reskSecure

Add policy-driven security to your LLM deployments.


Technical Support

For technical inquiries and integration support:

contact[@]resk.fr
