Lakera AI

Quick Start

1. Define Guardrails in your LiteLLM config.yaml

Define your guardrails under the guardrails section

model_list:
  - model_name: gpt-3.5-turbo
    litellm_params:
      model: openai/gpt-3.5-turbo
      api_key: os.environ/OPENAI_API_KEY

guardrails:
  - guardrail_name: "lakera-guard"
    litellm_params:
      guardrail: lakera  # supported values: "aporia", "bedrock", "lakera"
      mode: "during_call"
      api_key: os.environ/LAKERA_API_KEY
      api_base: os.environ/LAKERA_API_BASE
  - guardrail_name: "lakera-pre-guard"
    litellm_params:
      guardrail: lakera  # supported values: "aporia", "bedrock", "lakera"
      mode: "pre_call"
      api_key: os.environ/LAKERA_API_KEY
      api_base: os.environ/LAKERA_API_BASE

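Supported values for mode

  • pre_call: runs before the LLM call, on the input
  • post_call: runs after the LLM call, on the input and output
  • during_call: runs during the LLM call, on the input. Same as pre_call, but runs in parallel with the LLM call. The response is not returned until the guardrail check completes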

2. Start the LiteLLM gateway

litellm --config config.yaml --detailed_debug

3. Test request

Langchain, OpenAI SDK usage examples

Expect this call to fail, because ishaan@berri.ai in the request is PII

curl -i http://localhost:4000/v1/chat/completions \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer sk-npnwjPQciVRok5yNZgKmFQ" \
  -d '{
    "model": "gpt-3.5-turbo",
    "messages": [
      {"role": "user", "content": "hi my email is ishaan@berri.ai"}
    ],
    "guardrails": ["lakera-guard"]
  }'

Expected response on failure

{
  "error": {
    "message": {
      "error": "违反内容安全策略",
      "lakera_ai_response": {
        "model": "lakera-guard-1",
        "results": [
          {
            "categories": {
              "prompt_injection": true,
              "jailbreak": false
            },
            "category_scores": {
              "prompt_injection": 0.999,
              "jailbreak": 0.0
            },
            "flagged": true,
            "payload": {}
          }
        ],
        "dev_info": {
          "git_revision": "cb163444",
          "git_timestamp": "2024-08-19T16:00:28+02:00",
          "version": "1.3.53"
        }
      }
    },
    "type": "None",
    "param": "None",
    "code": "400"
  }
}

Advanced settings

Set category-based thresholds

Lakera has two categories for prompt_injection attacks:

  • jailbreak
  • prompt_injection

model_list:
  - model_name: fake-openai-endpoint
    litellm_params:
      model: openai/fake
      api_key: fake-key
      api_base: https://exampleopenaiendpoint-production.up.railway.app/

guardrails:
  - guardrail_name: "lakera-guard"
    litellm_params:
      guardrail: lakera  # supported values: "aporia", "bedrock", "lakera"
      mode: "during_call"
      api_key: os.environ/LAKERA_API_KEY
      api_base: os.environ/LAKERA_API_BASE
      category_thresholds:
        prompt_injection: 0.1
        jailbreak: 0.1
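
As an added example (not LiteLLM's or Lakera's own code), the Python below applies category_thresholds to the category_scores found in the failure response shown earlier, so a blocked request can be logged with the category that triggered it. It assumes a category blocks when its score is greater than or equal to its threshold and that the flagged field decides when no thresholds are set; the function names are hypothetical.

```python
import json

# Trimmed copy of the expected failure response shown earlier on this page.
SAMPLE_ERROR = json.loads("""
{"error": {"message": {"lakera_ai_response": {"model": "lakera-guard-1",
  "results": [{"categories": {"prompt_injection": true, "jailbreak": false},
               "category_scores": {"prompt_injection": 0.999, "jailbreak": 0.0},
               "flagged": true, "payload": {}}]}},
  "code": "400"}}
""")


def lakera_results(error_body):
    """Return the Lakera results list from a proxy error body, or [] if absent."""
    message = error_body.get("error", {}).get("message")
    if not isinstance(message, dict):  # plain-string errors carry no guardrail detail
        return []
    return message.get("lakera_ai_response", {}).get("results", [])


def violations(error_body, category_thresholds=None):
    """Return {category: score} for each category that would block the request.

    Assumed semantics: with thresholds set, a category blocks when its score is
    >= its threshold; with none set, the categories Lakera marked true block
    when the result is flagged.
    """
    hits = {}
    for result in lakera_results(error_body):
        scores = result.get("category_scores", {})
        if category_thresholds:
            for category, limit in category_thresholds.items():
                score = scores.get(category)
                if score is not None and score >= limit:
                    hits[category] = max(score, hits.get(category, score))
        elif result.get("flagged"):
            for category, verdict in result.get("categories", {}).items():
                if verdict:
                    hits[category] = scores.get(category)
    return hits


if __name__ == "__main__":
    page_thresholds = {"prompt_injection": 0.1, "jailbreak": 0.1}  # from the config above
    print(violations(SAMPLE_ERROR))                   # no thresholds: flagged decides
    print(violations(SAMPLE_ERROR, page_thresholds))  # 0.999 >= 0.1 blocks
    print(violations(SAMPLE_ERROR, {"prompt_injection": 0.9995}))  # threshold above score
```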
