Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.promptguard.co/llms.txt

Use this file to discover all available pages before exploring further.

Shadow AI runs in three deployment topologies. The same dashboard and engine power all three; only where the data plane runs — and how events reach the dashboard — changes. Clients switch with a single base_url.
ModeEngine runsDashboardEvents reach the dashboard via
Cloud (default)our cloudpromptguard.codirectly
Hybridyour infrastructurepromptguard.coa durable outbox → forwarder → control-plane ingest (live)
Air-gappedyour infrastructurea local instance of the same dashboardsigned bundles on physical media

Hybrid (self-hosted engine, cloud dashboard)

Set on the engine: 
DEPLOYMENT_MODE=data_plane
CONTROL_PLANE_URL=https://api.promptguard.co
INSTANCE_TOKEN=<minted per-instance token>
FORWARD_MODE=content      # or "metadata" — counts/decision/threat only, no prompt content
Every scanned event is written to an outbox in the same transaction, then forwarded to the control plane (idempotent, ordered, retries on outage). Policies authored in the cloud are pulled down automatically. Each instance authenticates with its own token and may only write events for its own organization’s projects.
FORWARD_MODE=metadata keeps per-request visibility and billing in the cloud dashboard while guaranteeing no prompt content ever leaves your infrastructure.

Air-gapped

The engine and a local dashboard run entirely inside your network with no outbound connection. Move events out for central review and policies in via HMAC-signed bundles on physical media (a tampered bundle is rejected): 
# export on the air-gapped engine
python scripts/airgap_export.py events --days 7 > events.bundle.json
# import on the cloud control plane (verifies signature + tenant)
curl -X POST $CLOUD/internal/v1/events/import -H "X-Instance-Token: $TOKEN" -d @events.bundle.json
In air-gapped mode, “the common dashboard” is a local instance — not promptguard.co. Cross-site aggregation is via signed bundles, not live.

Choosing a tier

Cloud

Fastest to deploy; full feedback loop.

Hybrid

Data plane on your infra; one cloud dashboard. The common case for security-sensitive buyers.

Air-gapped

No outbound at all; local dashboard + signed bundles. For regulated/isolated environments.