GLiGuard: Open-Source 300M Parameter Safety Moderation Model Claims 16x Speedup Over LLM Guardrails
Fastino Labs has open-sourced GLiGuard, a safety moderation model that replaces generative guardrails with a classification approach. The 300M parameter encoder handles four moderation tasks in one forward pass, achieving accuracy comparable to 7B–27B parameter decoder models while reducing latency by up to 16x. Weights are available under Apache 2.0 on Hugging Face, with inference also available on Pioneer.
Why decoder-based guardrails are slow
Current state-of-the-art guardrails (e.g., Llama Guard) use decoder-only transformers that generate verdicts token by token. This sequential generation makes them slow and expensive for real-time safety filtering. Most also evaluate safety dimensions separately, compounding latency. At 7B to 27B parameters, these models are costly to run at production scale.
GLiGuard's encoder approach
GLiGuard reframes moderation as text classification. It encodes both input text and task labels together, scoring all labels simultaneously in a single pass. Adding more safety dimensions (labels) does not add inference time. The model handles four concurrent tasks:
- Safety classification — safe / unsafe for both user prompts and model responses
- Jailbreak strategy detection — 11 categories (prompt injection, roleplay bypass, instruction override, social engineering, etc.)
- Harm category detection — 14 categories (violence, sexual content, hate speech, PII, misinformation, child safety, copyright violation, etc.)
- Refusal detection — compliance or refusal, used to measure over-refusal and false compliance
All four are evaluated together, where decoder models would require sequential passes or multiple model calls.
Benchmarks and performance
Across nine safety benchmarks, GLiGuard matches or exceeds models 23–90x its size while running up to 16x faster. No specific accuracy numbers are given in the post, but performance is claimed to be comparable to leading generative guardrails.
Who it's for
Teams deploying LLM agents or chat systems that need low-latency, cost-effective real-time safety filtering at scale.
📖 Read the full source: HN AI Agents
👀 See Also

Mymir: An Open-Source Project Graph for Coding Agents via MCP
Mymir gives agents a graph-based project map with dependencies, decisions, acceptance criteria, and previous execution notes, delivered via MCP to avoid re-explaining state across sessions.

Miasma: A tool to trap AI web scrapers with poisoned data
Miasma is a server tool that sends poisoned training data and self-referential links to AI web scrapers, creating an endless loop. It runs with minimal memory footprint and can be configured via CLI options including port, host, and link prefix.

OpenRoom: A Web-Based Desktop GUI for Visualizing AI Agent Skills
OpenRoom is a web-based desktop environment where AI agents operate, featuring real-time updates to system state like diaries and files during chat interactions, plus a livestream mode for multi-bot interaction.

DeepMind DiscoRL Meta Learning Update Rule Ported from JAX to PyTorch
A developer has ported DeepMind's DiscoRL meta learning update rule from the 2025 Nature article from JAX to PyTorch. The implementation includes a GitHub repository with a Colab notebook, API, and weights hosted on Hugging Face.