--- license: apache-2.0 language: - en base_model: - protectai/deberta-v3-base-prompt-injection-v2 pipeline_tag: text-classification tags: - security - prompt - cyber-security - llm-security - prompt-injection - command-injection library_name: transformers --- # Command Injection Detector A fine-tuned DeBERTa model for detecting command injection attacks in prompts before they reach an LLM. ## Overview This model is part of [PromptWAF](https://github.com/edaerer/promptwaf) — a multi-layered ML-based Web Application Firewall designed to detect and block prompt injection attacks. The model identifies prompts containing shell command execution patterns (`; rm -rf`, `| cat /etc/passwd`, `$(whoami)`, backtick execution, etc.) commonly used in command injection attacks. ## Model Details - **Architecture**: DeBERTa (Base) - **Task**: Binary Sequence Classification - **Training Data**: Trained on a custom, internally curated command injection dataset - **Labels**: - `0` → Safe/Benign - `1` → Command Injection Attack ## Usage ### With PromptWAF ```bash # Automatically used in PromptWAF via .env configuration CMD_INJECTION_MODEL_DIR=edaerer/promptwaf-command-injection ``` ### Standalone ```python from transformers import AutoTokenizer, AutoModelForSequenceClassification import torch model_id = "edaerer/promptwaf-command-injection" tokenizer = AutoTokenizer.from_pretrained(model_id) model = AutoModelForSequenceClassification.from_pretrained(model_id) text = "List files; rm -rf / --no-preserve-root" inputs = tokenizer(text, return_tensors="pt") with torch.no_grad(): outputs = model(**inputs) probabilities = torch.softmax(outputs.logits, dim=-1) score = probabilities[0][1].item() # Malicious score print(f"Command Injection Risk: {score:.2%}") ``` ## Performance - **Threshold**: 0.5 (adjustable in PromptWAF) - **Input**: Max 256 tokens ## Integration This model is designed to work seamlessly with: - **PromptWAF** - The main security orchestrator - **HuggingFace Transformers** - For inference - Any standard sequence classification pipeline ## Citation ```bibtex @software{promptwaf2026, author = {Erer, Eda and Odabasi, Talha}, title = {PromptWAF: A Multi-Layered ML Defense for LLM Prompt Security}, year = {2026}, url = {https://github.com/edaerer/promptwaf} } ``` ## License Apache License 2.0 --- For more information, visit [PromptWAF GitHub Repository](https://github.com/edaerer/promptwaf)