New open-source multi-agent firewall blocks 94.93% of LLM data leaks
Researchers build an open-source firewall using multi-agent AI to stop sensitive data leakage through LLM interactions.
A team of researchers from Universidad Politécnica de Madrid has published a paper on arXiv (2607.08282) detailing a novel multi-agent firewall architecture designed to protect sensitive data when users interact with large language models (LLMs). The open-source system consists of a browser extension and a proxy server that intercept all HTTP(S) and WebSocket traffic flowing between the user and the LLM. At its core, a flexible pipeline of multiple agents—some based on deterministic pattern matching, others powered by LLM-driven semantic analysis—works to detect and block data leakage, including proprietary code exposure. The system is built with extensibility in mind, allowing future modules for prompt injection evasion.
The architecture is designed for deployment across heterogeneous environments, letting organizations tailor the trade-off between computational cost, detection depth, and latency. In evaluations, the firewall achieved F1 scores of up to 94.93% when configured optimally. The researchers emphasize that as LLMs become more integrated into workflows, user-facing privacy controls are critical. This open-source approach gives enterprises a customizable safeguard that does not rely on LLM providers' own security measures, making it a promising tool for compliance-conscious teams handling sensitive or regulated data.
- Open-source firewall combines a browser extension and proxy to intercept all HTTP(S) and WebSocket LLM traffic.
- Hybrid detection pipeline uses deterministic detectors plus LLM-driven semantic analysis for data leakage and code exposure prevention.
- Achieves F1 scores up to 94.93% on optimal configurations; extensible for prompt injection defense.
Why It Matters
Gives enterprises a customizable, open-source layer to prevent sensitive data leakage through LLM interactions, crucial for compliance.