STARTER KITPROPRIETARY

Security by Design Starter Kit

Boilerplate complet pour construire des applications IA securisees avec chatbot, RAG, MCP et protection Adlibo pre-integree.

Demarrage Rapide

Repository GitHub

Cloner le starter kit

Page Produit

Vue d'ensemble et tarifs

Contenu du Kit

Chatbot Frontend

Next.js + React

Interface conversationnelle moderne avec streaming SSE, Tailwind CSS et shadcn/ui.

Backend API

Node.js + TypeScript

Orchestration LLM, rate limiting, retry logic et validation des requetes.

RAG Pipeline

Retrieval-Augmented Generation

Embeddings, vector store (Pinecone/Chroma), recherche semantique et re-ranking.

Adlibo Security

Pre-integre

Detection d'injections (... patterns), DLP, filtrage RBAC et audit logging.

Installation

1. Cloner le repository

bash

git clone https://git.adlibo.com/Adlibo/starter-kit.git
cd starter-kit

2. Installer les dependances

bash

npm install

3. Configurer l'environnement

bash

cp .env.example .env

# Editer .env avec vos cles API
ADLIBO_API_KEY=al_live_xxx        # Requis
OPENAI_API_KEY=sk-xxx             # ou ANTHROPIC_API_KEY
DATABASE_URL=postgresql://...
NEXTAUTH_SECRET=xxx

4. Demarrer le serveur

bash

npm run dev

L'application sera disponible sur http://localhost:3000

Structure du Projet

plaintext

starter-kit/
├── src/
│   ├── frontend/          # Interface chatbot Next.js
│   │   ├── components/    # Composants UI
│   │   ├── hooks/         # React hooks
│   │   └── pages/         # Routes
│   ├── backend/           # API server
│   │   ├── routes/        # Endpoints API
│   │   ├── services/      # Logique metier
│   │   └── middleware/    # Auth, rate limiting
│   ├── rag/               # Implementation RAG
│   │   ├── embeddings/    # Generation embeddings
│   │   ├── vectorstore/   # Base vectorielle
│   │   └── retrieval/     # Recherche semantique
│   └── mcp/               # Connecteurs MCP
│       ├── tools/         # Definitions d'outils
│       └── handlers/      # Gestionnaires d'actions
├── docs/                  # Documentation educative
├── examples/              # Configurations exemples
└── .github/               # Workflows CI/CD

Intégration Multi-Frameworks

Le Starter Kit est disponible pour plusieurs environnements. Choisissez votre stack préférée.

▲

Next.js

React + SSR

🚂

Express

Node.js API

🐍

FastAPI

Python async

💚

Vue.js

Vue 3 + Vite

Next.js / React

typescript

// app/api/chat/route.ts
import { Adlibo } from '@adlibo/sdk';
import { OpenAI } from 'openai';

const adlibo = new Adlibo(process.env.ADLIBO_API_KEY!);
const openai = new OpenAI();

export async function POST(req: Request) {
  const { message } = await req.json();

  // 1. Analyse sécurité Adlibo
  const security = await adlibo.analyze(message);
  if (security.blocked) {
    return Response.json({ error: security.categories[0]?.name }, { status: 403 });
  }

  // 2. Appel LLM sécurisé
  const stream = await openai.chat.completions.create({
    model: 'gpt-4',
    messages: [{ role: 'user', content: security.sanitized || message }],
    stream: true,
  });

  return new Response(stream.toReadableStream());
}

Express.js / Node.js

javascript

// server.js
const express = require('express');
const { Adlibo } = require('@adlibo/sdk');
const OpenAI = require('openai');

const app = express();
const adlibo = new Adlibo(process.env.ADLIBO_API_KEY);
const openai = new OpenAI();

app.post('/api/chat', async (req, res) => {
  const { message } = req.body;

  // Analyse sécurité
  const security = await adlibo.analyze(message);
  if (security.blocked) {
    return res.status(403).json({ error: 'Blocked', reason: security.categories[0]?.name });
  }

  // Stream response
  res.setHeader('Content-Type', 'text/event-stream');
  const stream = await openai.chat.completions.create({
    model: 'gpt-4',
    messages: [{ role: 'user', content: security.sanitized || message }],
    stream: true,
  });

  for await (const chunk of stream) {
    res.write(`data: ${JSON.stringify(chunk)}\n\n`);
  }
  res.end();
});

app.listen(3000);

FastAPI / Python

python

# main.py
from fastapi import FastAPI, HTTPException
from fastapi.responses import StreamingResponse
from adlibo import Adlibo
from openai import OpenAI
import os

app = FastAPI()
adlibo = Adlibo(os.getenv("ADLIBO_API_KEY"))
openai_client = OpenAI()

@app.post("/api/chat")
async def chat(message: str):
    # Analyse sécurité
    security = adlibo.analyze(message)
    if security.blocked:
        raise HTTPException(403, detail=security.categories[0].name)

    # Stream response
    async def generate():
        stream = openai_client.chat.completions.create(
            model="gpt-4",
            messages=[{"role": "user", "content": security.sanitized or message}],
            stream=True,
        )
        for chunk in stream:
            if chunk.choices[0].delta.content:
                yield f"data: {chunk.choices[0].delta.content}\n\n"

    return StreamingResponse(generate(), media_type="text/event-stream")

Vue.js 3 + Vite

vue

<!-- Chat.vue -->
<script setup lang="ts">
import { ref } from 'vue';

const message = ref('');
const response = ref('');
const loading = ref(false);

async function sendMessage() {
  loading.value = true;
  response.value = '';

  const res = await fetch('/api/chat', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ message: message.value }),
  });

  if (!res.ok) {
    const error = await res.json();
    alert(`Bloqué: ${error.reason}`);
    loading.value = false;
    return;
  }

  const reader = res.body?.getReader();
  const decoder = new TextDecoder();

  while (true) {
    const { done, value } = await reader!.read();
    if (done) break;
    response.value += decoder.decode(value);
  }
  loading.value = false;
}
</script>

<template>
  <div class="chat">
    <textarea v-model="message" placeholder="Votre message..." />
    <button @click="sendMessage" :disabled="loading">Envoyer</button>
    <div class="response">{{ response }}</div>
  </div>
</template>

Flask / Python (Alternative)

python

# app.py
from flask import Flask, request, jsonify, Response
from adlibo import Adlibo
from openai import OpenAI
import os

app = Flask(__name__)
adlibo = Adlibo(os.getenv("ADLIBO_API_KEY"))
openai_client = OpenAI()

@app.route("/api/chat", methods=["POST"])
def chat():
    message = request.json.get("message")

    # Analyse sécurité
    security = adlibo.analyze(message)
    if security.blocked:
        return jsonify({"error": security.categories[0].name}), 403

    def generate():
        stream = openai_client.chat.completions.create(
            model="gpt-4",
            messages=[{"role": "user", "content": security.sanitized or message}],
            stream=True,
        )
        for chunk in stream:
            if chunk.choices[0].delta.content:
                yield f"data: {chunk.choices[0].delta.content}\n\n"

    return Response(generate(), mimetype="text/event-stream")

if __name__ == "__main__":
    app.run(port=3000)

Protection RAG (Indirect Injection)

Scannez les documents récupérés pour détecter les injections indirectes.

typescript

// Scanner les documents recuperes pour injections indirectes
const context = await retrieveContext(query);

const contextSecurity = await adlibo.analyze(context);
if (contextSecurity.score > 50) {
  console.warn('Suspicious content in retrieved documents');
  // Filtrer ou ignorer le document suspect
}

MCP (Model Context Protocol)

Le starter kit inclut des exemples de tools MCP pour integrer des systemes externes.

typescript

// src/mcp/tools/index.ts
export const tools = [
  {
    name: 'query_database',
    description: 'Execute a read-only SQL query',
    input_schema: {
      type: 'object',
      properties: {
        query: { type: 'string', description: 'SQL SELECT query' },
        limit: { type: 'number', description: 'Max rows (default: 10)' }
      },
      required: ['query']
    }
  },
  {
    name: 'search_documents',
    description: 'Search internal documents by keyword',
    input_schema: {
      type: 'object',
      properties: {
        query: { type: 'string' },
        department: { type: 'string' }
      },
      required: ['query']
    }
  },
  {
    name: 'send_email',
    description: 'Send an email to a colleague',
    input_schema: {
      type: 'object',
      properties: {
        to: { type: 'string' },
        subject: { type: 'string' },
        body: { type: 'string' }
      },
      required: ['to', 'subject', 'body']
    }
  }
];

Couches de Securite

Couche	Protection	Statut
Input	Detection injection prompt (... patterns)
Context	Filtrage RBAC-aware
Output	Scan DLP (fuite de donnees)
Network	Rate limiting, CORS
Storage	Chiffrement au repos
Logging	Audit trails

Deploiement

Vercel

Recommande pour Next.js

bash

vercel deploy

Docker

Self-hosted

bash

docker build -t starter-kit .
docker run -p 3000:3000 starter-kit

Railway

One-click deploy

bash

railway up

Documentation Incluse

Le dossier /docs contient des guides educatifs complets.

00-GETTING-STARTED.md

Guide de demarrage rapide

01-LEARN.md

Fondamentaux de securite LLM

02-BUILD.md

Guide de construction pas a pas

03-AUDIT.md

Checklist de securite pre-production

04-ARCHITECTURE.md

Architecture systeme

05-ADLIBO-SDK.md

Integration SDK Adlibo

06-RAG-GUIDE.md

Implementation RAG

07-MCP-GUIDE.md

Integration MCP

08-DEPLOYMENT.md

Guide de deploiement production

Licence Proprietaire

Ce starter kit est fourni sous licence proprietaire Adlibo:

Usage interne et deploiement autorise
Modifications pour deploiement interne autorisees
✕Revente et redistribution interdites
✕Creation de produits concurrents interdite

Attribution requise: "Built with Adlibo Starter Kit - https://www.adlibo.com"

Documentation Associee

SDKs Officiels

JavaScript, Python, PHP

API Reference

Documentation API complete

DataShield

Tokenisation / Rehydratation LLM

Webhooks

Notifications temps reel

Besoin d'aide ?

Notre equipe peut vous aider a demarrer avec le starter kit.

GitHub Issues Contacter le Support Dashboard