search

deadbits / vigil-llm

⚡ Vigil ⚡ Detect prompt injections, jailbreaks, and other potentially risky Large Language Model (LLM) inputs
https://vigil.deadbits.ai/
Apache License 2.0
270 stars 32 forks source link

YARA rule management #1

Open deadbits opened 10 months ago

deadbits commented 10 months ago

YARA rules should be managed via API and/or command line:

Add new rules
    Save to disk
    Enable rule in scanner
List enabled rules
    Name, tags, metadata
Remove rule

I can create a YARA "index" class that handles loading the rules, compiling rules and saving to disk, and pass the compiled rules to the yara scanner as needed. that way users can still add rules, etc via API without the scanner also needing to be enabled. right now yara rules are only loading when the scanner is enabled and loads, and theres no good way to reload if new rules are added.

deadbits commented 9 months ago

Actually will Flask reload on its own if a file is added to the yara directory?