Building a sub-millisecond LLM security proxy in Go — lessons from 62 adversarial vectors (opens in new tab)

TL;DR — I spent 6 months building Tamga, an open-source reverse proxy that sits between your application and LLM providers (OpenAI, Anthropic, Azure) and enforces a security policy on every prompt in under 2ms. This post walks through the architecture decisions, the 62 adversarial test vectors I built, where 29 of them still bypass the scanners, and what I learned along the way. The problem nobody talks about I'm a SOC analyst intern at a Turkish bank. In my first weeks, I noticed something d...