Show HN: ReasonGate- An explainable gate that blocks LLM prompt injection

AI safety tool says it can stop scam prompts, but commenters are calling foul

TLDR: ReasonGate claims it can stop hidden trick instructions before a chatbot does real-world damage like leaking data or sending money. Commenters were divided between curiosity and brutal skepticism, with several saying the pitch felt overhyped and one user claiming they bypassed it almost instantly.

A flashy new project called ReasonGate showed up on Hacker News promising to be the bouncer for chatbots: if a sneaky instruction is hidden inside a customer file, it blocks the trick before the bot can do something disastrous like email private data or wire money. The pitch is simple enough for anyone to get: don’t trust the chatbot to tell good instructions from bad ones, put a guard at the door instead. And the creator really went for the drama, leading with a bank nightmare scenario where $84,200 supposedly goes out the door if the shield is off.

But the real show was in the comments, where readers instantly split into two camps: “interesting idea” versus “absolutely not buying this.” One user begged for a proper demo because the project felt like “magic” without seeing it in action. Another wondered if it could become a usable feature in real apps. Then the knives came out. One commenter roasted the write-up as “garbage readme” and accused it of feeling heavily AI-written, basically saying the whole thing smelled like polished buzzword soup. The toughest critics went straight for the scariest part: if your tool admits it can miss attacks, how comforting is that when the example involves a bot sending money to criminals?

And then came the classic internet move: someone tested it with a quick jailbreak-style prompt and claimed it sailed through with a risk score of 0.00. That turned the thread into a familiar tech-food fight: is this a promising security layer, or just another shiny demo getting demolished by five minutes of public QA?

Key Points

  • ReasonGate is presented as an explainable security gate for LLM applications that blocks prompt injection and provides auditable reasons for each decision.
  • The article demonstrates a bank support agent scenario where disabling the shield allows a poisoned record to trigger an email leak and an $84,200 transfer, while enabling the shield blocks the attack before model execution.
  • ReasonGate is described as model-agnostic and able to wrap OpenAI, Anthropic, local models, and custom RAG pipelines while inspecting user prompts, retrieved context, and model outputs.
  • The open-source core is rule-only, pure Python, and zero-dependency, while a separate enterprise add-on enables embedding-based ML detection and provenance detection through a stable plugin interface.
  • The system uses layered defenses including normalization/deobfuscation, injection and jailbreak detection, indirect injection scanning, and leakage/canary detection, with a policy engine fusing signals into allow, flag, or block decisions.

Hottest takes

"what is this garbage readme?" — fl0id
"That seems incompatible to me" — simonw
"risk score of 0.00" — inventor7777
Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.