Security built into every layer

SpiceDB (Zanzibar-style) permission checks combined with OPA + Rego policy evaluation. Sub-5ms authorization decisions before any request processing begins.

API key validation, rate limiting, and credential protection via Agent-Vault. Ensures all credentials are isolated and never exposed to downstream processors.

Multi-layer input analysis: LlamaFirewall (primary), DeBERTa-v3 semantic analysis, LLM Guard, Presidio PII detection, and PromptGuard 2 for injection prevention.

Guards against prompt injection through vector embeddings. Validates embedding integrity and prevents poisoned vector retrieval attacks.

Ensures requests are routed only to authorized providers with appropriate security classifications. Enforces data residency and compliance requirements.

Post-generation scanning of all LLM outputs for PII leakage, harmful content, and policy violations using LLM Guard and Presidio.

Adversarial probing with Augustus to continuously test defenses. Every request generates an audit trail for compliance and forensic analysis.

MCP tool scanning via mcp-scan. Validates tool provenance, checks for tampering, and enforces supply chain security for all MCP module calls.