langchain/libs
John Kennedy 5b68956a0c feat(middleware): add Tool Firewall defense stack for prompt injection
Implements the complete defense stack from arXiv:2510.05244 and arXiv:2412.16682:

1. ToolInputMinimizerMiddleware (INPUT PROTECTION)
   - Filters tool arguments before execution
   - Prevents data exfiltration attacks
   - Based on Tool-Input Firewall from arXiv:2510.05244

2. TaskShieldMiddleware (TOOL USE PROTECTION)
   - Verifies actions align with user's goal
   - Blocks goal hijacking attacks
   - Based on Task Shield from arXiv:2412.16682

3. PromptInjectionDefenseMiddleware (OUTPUT PROTECTION)
   - Already existed, updated docstrings for clarity
   - Sanitizes tool outputs before agent processes them

Defense stack achieves 0% ASR on AgentDojo, InjecAgent, ASB, tau-Bench
benchmarks when used together.

Usage:
  middleware=[
      ToolInputMinimizerMiddleware(model),
      TaskShieldMiddleware(model),
      PromptInjectionDefenseMiddleware.check_then_parse(model),
  ]
2026-02-03 22:57:09 -08:00

Packages

Important

View all LangChain integrations packages

This repository is structured as a monorepo, with various packages located in this libs/ directory. Packages to note in this directory include:

core/             # Core primitives and abstractions for langchain
langchain/        # langchain-classic
langchain_v1/     # langchain
partners/         # Certain third-party providers integrations (see below)
standard-tests/   # Standardized tests for integrations
text-splitters/   # Text splitter utilities

(Each package contains its own README.md file with specific details about that package.)

Integrations (partners/)

The partners/ directory contains a small subset of third-party provider integrations that are maintained directly by the LangChain team. These include, but are not limited to:

Most integrations have been moved to their own repositories for improved versioning, dependency management, collaboration, and testing. This includes packages from popular providers such as Google and AWS. Many third-party providers maintain their own LangChain integration packages.

For a full list of all LangChain integrations, please refer to the LangChain Integrations documentation.