Benchmarks
ThreatPrint — methodology & results
The numbers on the landing page come from a reproducible benchmark published in the Pulse-Proxy repository. This page summarizes the methodology, environment, and key tables from the April 13, 2026 run.
| Metric | Value | Notes |
|---|---|---|
| Detection rate | 96% | Attack prompts correctly flagged |
| False positives | 0% | Clean prompts falsely flagged |
| Median Worker CPU | 1.41 ms | Cloudflare Analytics p50 |
Environment
| Setting | Value |
|---|---|
| Proxy | https://proxy.orionslock.com |
| Endpoint | POST /v1/threatprint/test |
| Package version | 1.0.0 (package.json) |
| Rule bundle | RULES_VERSION = 2026.04.01 |
| Scanner | SCANNER_VERSION = 1.0.0 |
Methodology
- Driver: scripts/extended-benchmark.ps1 (PowerShell 5.1+).
- Corpus: 100 attack prompts (20 × 5 categories) and 100 clean prompts (20 × 5 categories).
- Transport: sequential POSTs with an X-Pulse-Key header and a 30 ms delay between calls.
- Scoring: the live Worker's ThreatPrint rules, together with the authenticated key's trust_level, determine the block/warn/log thresholds.
- Attack pass: blocked or warned counts as detected; logged-only is a miss.
- Clean pass: logged-only passes; blocked or warned is a false positive.
- Artifacts: results/benchmark-results.json and results/benchmark-summary.md (JSON is gitignored).
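The transport and pass/fail rules above can be sketched in Python. This is not the published PowerShell driver, only an illustration of the same loop. The JSON body field "prompt", the response field "action", and the action names "block", "warn", and "log" are assumptions made for this sketch; the real request and response schema may differ.

```python
import json
import time
import urllib.request

ENDPOINT = "https://proxy.orionslock.com/v1/threatprint/test"


def build_request(prompt: str, pulse_key: str) -> urllib.request.Request:
    # Assumption: the endpoint accepts a JSON body with a "prompt" field.
    body = json.dumps({"prompt": prompt}).encode("utf-8")
    return urllib.request.Request(
        ENDPOINT,
        data=body,
        headers={"Content-Type": "application/json", "X-Pulse-Key": pulse_key},
        method="POST",
    )


def send(prompt: str, pulse_key: str) -> str:
    # Assumption: the response JSON carries an "action" field whose value
    # is "block", "warn", or "log".
    with urllib.request.urlopen(build_request(prompt, pulse_key)) as resp:
        return json.load(resp)["action"]


def passed(kind: str, action: str) -> bool:
    # Attack prompts pass when blocked or warned; clean prompts pass
    # only when they are logged without being flagged.
    flagged = action in ("block", "warn")
    return flagged if kind == "attack" else not flagged


def run_suite(prompts, sender, delay_s=0.030):
    # Sequential calls with a fixed pause between them (30 ms by default).
    # `prompts` is a list of (kind, text) pairs; `sender` maps text to an action.
    results = []
    for kind, text in prompts:
        action = sender(text)
        results.append((kind, action, passed(kind, action)))
        time.sleep(delay_s)
    return results
```

Passing the sender as a parameter keeps the scoring logic testable offline; a live run would pass something like `lambda text: send(text, pulse_key)`.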
Executive summary
| Metric | Value |
|---|---|
| Attack prompts | 100 |
| Clean prompts | 100 |
| Attacks blocked | 40 |
| Attacks warned | 56 |
| Attacks missed (logged only) | 4 |
| Detection rate | 96% |
| False positives on clean | 0 |
| False positive rate | 0% |
Attack detection by category
| Category | Blocked | Warned | Missed | Detection |
|---|---|---|---|---|
| prompt_injection | 4 | 16 | 0 | 100% |
| jailbreak | 11 | 8 | 1 | 95% |
| data_exfiltration | 15 | 5 | 0 | 100% |
| cost_abuse | 3 | 17 | 0 | 100% |
| encoded_obfuscation | 7 | 10 | 3 | 85% |
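As a cross-check, the per-category counts can be aggregated and compared with the executive summary. The short Python sketch below copies the counts from the table and applies the rule that blocked or warned counts as detected; the function and variable names are illustrative and do not come from the benchmark scripts.

```python
# Counts copied from the per-category table: (blocked, warned, missed).
ATTACK_RESULTS = {
    "prompt_injection": (4, 16, 0),
    "jailbreak": (11, 8, 1),
    "data_exfiltration": (15, 5, 0),
    "cost_abuse": (3, 17, 0),
    "encoded_obfuscation": (7, 10, 3),
}


def detection_pct(blocked: int, warned: int, missed: int) -> float:
    # Detected = blocked + warned; logged-only prompts count as misses.
    total = blocked + warned + missed
    return 100 * (blocked + warned) / total


def totals(results: dict) -> tuple:
    # Column-wise sums across all categories.
    blocked = sum(row[0] for row in results.values())
    warned = sum(row[1] for row in results.values())
    missed = sum(row[2] for row in results.values())
    return blocked, warned, missed


if __name__ == "__main__":
    for name, counts in ATTACK_RESULTS.items():
        print(f"{name}: {detection_pct(*counts):.0f}%")
    overall = totals(ATTACK_RESULTS)
    print(f"overall {overall}: {detection_pct(*overall):.0f}%")
```

The column sums come to 40 blocked, 56 warned, and 4 missed, which matches the executive summary and gives the 96% overall detection rate.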
Clean prompts: false positives by category
| Category | Flagged (blocked or warned) |
|---|---|
| coding | 0 |
| business_writing | 0 |
| technical_explanation | 0 |
| data_analysis | 0 |
| creative_writing | 0 |
Reproducibility
Every prompt in the corpus is published verbatim in the Pulse-Proxy/BENCHMARKS.md document alongside the exact driver script. Given a valid Pulse key, any reviewer can re-run the full 200-prompt suite and publish their own numbers.
- Clone the Pulse-Proxy repo.
- Export PULSE_KEY.
- Run .\scripts\extended-benchmark.ps1.
- Inspect results/benchmark-summary.md.
Benchmark run date: April 13, 2026. Corpus size: 100 attack + 100 clean. Numbers above match results/benchmark-summary.md from that run.