GitHub Repository · 2 stars · Python

Covenant: Self hostable AI gateway with behavioral contracts

by VineshNathan29 · Feb 26, 2026 · 1 point · 1 comment

AI Analysis

●● Solid · Big Brain · Solve My Problem · Niche Gem

Prompt injection detection at 100% precision — but only catches 43% of actual injections.

Strengths
  • Wire-protocol compatibility (OpenAI-compatible `/v1/chat/completions`) means zero code changes to existing apps.
  • Two-tier defense (regex + ML) with rigorous benchmarks on public datasets (406 samples, seed 42).
  • Production-grade architecture: Redis-backed rate limiting, NGINX security headers, thread pool inference scaling.
Weaknesses
  • Low recall (21–43%) means the majority of subtle injections pass through; it catches only obvious keyword-based attacks at Tier 1.
  • Overhead latency (73ms p50 for best model) may be prohibitive for real-time applications; GPU optimization not yet verified.
Target Audience

Backend engineers deploying LLM applications who want to prevent prompt injection attacks without code changes.

Similar To

ProtectAI's Llama Guard · Rebuff.ai · Vigil.ai
