Skip to main content

Layerup Security

The Layerup Security integration allows you to secure your calls to any LangChain LLM, LLM chain or LLM agent. The LLM object wraps around any existing LLM object, allowing for a secure layer between your users and your LLMs.

While the Layerup Security object is designed as an LLM, it is not actually an LLM itself, it simply wraps around an LLM, allowing it to adapt the same functionality as the underlying LLM.


First, you'll need a Layerup Security account from the Layerup website.

Next, create a project via the dashboard, and copy your API key. We recommend putting your API key in your project's environment.

Install the Layerup Security SDK:

npm install @layerup/layerup-security

And install LangChain Community:

npm install @langchain/community

And now you're ready to start protecting your LLM calls with Layerup Security!

import {
} from "@langchain/community/llms/layerup_security";
import { GuardrailResponse } from "@layerup/layerup-security";
import { OpenAI } from "@langchain/openai";

// Create an instance of your favorite LLM
const openai = new OpenAI({
modelName: "gpt-3.5-turbo",
openAIApiKey: process.env.OPENAI_API_KEY,

// Configure Layerup Security
const layerupSecurityOptions: LayerupSecurityOptions = {
// Specify a LLM that Layerup Security will wrap around
llm: openai,

// Layerup API key, from the Layerup dashboard
layerupApiKey: process.env.LAYERUP_API_KEY,

// Custom base URL, if self hosting
layerupApiBaseUrl: "",

// List of guardrails to run on prompts before the LLM is invoked
promptGuardrails: [],

// List of guardrails to run on responses from the LLM
responseGuardrails: ["layerup.hallucination"],

// Whether or not to mask the prompt for PII & sensitive data before it is sent to the LLM
mask: false,

// Metadata for abuse tracking, customer tracking, and scope tracking.
metadata: { customer: "" },

// Handler for guardrail violations on the response guardrails
handlePromptGuardrailViolation: (violation: GuardrailResponse) => {
if (violation.offending_guardrail === "layerup.sensitive_data") {
// Custom logic goes here

return {
role: "assistant",
content: `There was sensitive data! I cannot respond. Here's a dynamic canned response. Current date: ${}`,

// Handler for guardrail violations on the response guardrails
handleResponseGuardrailViolation: (violation: GuardrailResponse) => ({
role: "assistant",
content: `Custom canned response with dynamic data! The violation rule was ${violation.offending_guardrail}.`,

const layerupSecurity = new LayerupSecurity(layerupSecurityOptions);
const response = await layerupSecurity.invoke(
"Summarize this message: my name is Bob Dylan. My SSN is 123-45-6789."

API Reference:

Was this page helpful?

You can also leave detailed feedback on GitHub.