Guard Content

curl --request POST \
  --url https://api.promptguard.dev/api/v1/proxy/guard \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "messages": [
    {
      "role": "<string>",
      "content": ""
    }
  ],
  "direction": "input",
  "model": "<string>",
  "context": {
    "framework": "<string>",
    "chain_name": "<string>",
    "agent_id": "<string>",
    "session_id": "<string>",
    "tool_calls": [
      {}
    ],
    "metadata": {}
  }
}
'

{
  "decision": "<string>",
  "event_id": "<string>",
  "confidence": 123,
  "latency_ms": 123,
  "threat_type": "<string>",
  "redacted_messages": [
    {
      "role": "<string>",
      "content": ""
    }
  ],
  "threats": [
    {
      "type": "<string>",
      "confidence": 123,
      "details": "<string>"
    }
  ]
}

guard

Guard Content

Scan messages for security threats without proxying to an LLM.

This is the primary endpoint for auto-instrumentation and framework callback integrations. It runs the same policy engine, ML ensemble, preset configuration, custom rules, and entitlements checks as the proxy pipeline.

Use direction="input" before sending messages to the LLM and direction="output" after receiving a response.

Returns a decision of allow, block, or redact along with detailed threat information and optional redacted messages.

POST

api

proxy

guard

Guard Content

curl --request POST \
  --url https://api.promptguard.dev/api/v1/proxy/guard \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "messages": [
    {
      "role": "<string>",
      "content": ""
    }
  ],
  "direction": "input",
  "model": "<string>",
  "context": {
    "framework": "<string>",
    "chain_name": "<string>",
    "agent_id": "<string>",
    "session_id": "<string>",
    "tool_calls": [
      {}
    ],
    "metadata": {}
  }
}
'

{
  "decision": "<string>",
  "event_id": "<string>",
  "confidence": 123,
  "latency_ms": 123,
  "threat_type": "<string>",
  "redacted_messages": [
    {
      "role": "<string>",
      "content": ""
    }
  ],
  "threats": [
    {
      "type": "<string>",
      "confidence": 123,
      "details": "<string>"
    }
  ]
}

Authorizations

Authorization

string

header

required

API Key authentication for developer endpoints (/api/v1/*). Use format: 'Bearer pg_api_your_key_here'

Headers

x-api-key

string | null

Body

application/json

Request body for the guard endpoint.

messages

GuardMessage · object[]

required

Messages to scan (OpenAI-style message array)

Minimum array length: 1

Show child attributes

direction

string

default:input

Scan direction: 'input' (pre-LLM) or 'output' (post-LLM)

model

string | null

Model being used (for logging)

context

GuardContext · object

Optional framework context

Show child attributes

Response

Successful Response

Response from the guard endpoint.

decision

string

required

Policy decision: 'allow', 'block', or 'redact'

event_id

string

required

Unique event identifier for tracking

confidence

number

required

Confidence score of the decision

latency_ms

number

required

Processing time in milliseconds

threat_type

string | null

Primary threat type detected

redacted_messages

GuardMessage · object[] | null

Redacted messages (only present when decision='redact')

Show child attributes

threats

ThreatDetail · object[]

Detailed threat breakdown

Show child attributes

Guard Content Handle Webhook

⌘I

Getting Started

Core Endpoints

Advanced Features

API Reference

api-keys

usage

projects

agent

security

guard

GitHub Webhooks

Guard Content

Authorizations

Headers

Body

Response