# PromptGuard a structured framework for injection resilient language models

**Authors:** Ahmed Alzahrani

PMC · DOI: 10.1038/s41598-025-31086-y · Scientific Reports · 2026-01-09

## TL;DR

PromptGuard is a new framework that improves the safety of large language models by defending against prompt injection attacks without requiring retraining.

## Contribution

A modular, four-layer defense framework for injection resilience in LLMs that does not require retraining.

## Key findings

- The framework reduces injection success rates by up to 67% across multiple LLMs.
- It achieves an F1-score of 0.91 in detecting malicious instructions with less than 8% latency increase.
- The method is effective as a lightweight, retraining-free solution for real-world LLM deployment.

## Abstract

Prompt injection attacks threaten the reliability of large language models (LLMs) by embedding adversarial instructions that override intended behavior and compromise task fidelity. Existing defenses are typically narrow in scope or depend on retraining, limiting their adaptability across deployment contexts. This paper presents a modular, four-layer defense framework that integrates input gatekeeping, structured prompt formatting, semantic output validation, and adaptive response refinement (ARR). The pipeline combines regex and MiniBERT-based detection to identify and block malicious instructions, while structured formatting and critic-based validation ensure consistent task alignment. Evaluations on PromptBench, InjectBench, and TruthfulQA demonstrate that the framework enhances robustness across multiple LLMs, achieving up to a 67% reduction in injection success rate and an F1-score of 0.91 in detection, with a latency increase below 8%. These results confirm the framework’s effectiveness as a lightweight, retraining-free approach for strengthening LLM safety and reliability in real-world applications.

The online version contains supplementary material available at 10.1038/s41598-025-31086-y.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12789616/full.md

## Figures

10 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12789616/full.md

## References

7 references — full list in the complete paper: https://tomesphere.com/paper/PMC12789616/full.md

---
Source: https://tomesphere.com/paper/PMC12789616