Lasso LLM Gateway (Deputy)

Runtime LLM firewall / gateway powered by Lasso Intent Deputies that inspects every prompt and response at the intent layer - decoding obfuscation techniques and detecting prompt injection, goal manipulation, and data leakage. Deployed in front of LLM applications via Gateway, API, or SDK and backed by the same /classify scoring engine.

OpenAPI Specification

# OpenAPI 3.0.1 document for Lasso Security's classification endpoints.
# NOTE(review): info.description states that endpoints and field names were
# derived from public integrations and an open-source gateway, not from a
# vendor-published spec. Verify paths, fields and enums against Lasso's own
# reference before generating clients or enforcing on them.
openapi: 3.0.1
info:
  title: Lasso Security Classify / Threat Detection API
  description: >-
    REST API for Lasso Security's GenAI guardrails. The Classify endpoint scores
    LLM prompts and completions for security violations - prompt injection,
    jailbreaks, harmful content, custom policies, and PII - and returns structured
    findings ("deputies") with action levels (BLOCK, WARN, AUTO_MASKING) and
    severity. The Classifix endpoint additionally returns PII-masked messages.
    Endpoints and field names are derived from public integrations (LiteLLM,
    Portkey) and the open-source Lasso MCP Gateway; consult Lasso for the
    authoritative reference.
  # NOTE(review): points at the site root rather than a terms-of-service page.
  termsOfService: https://www.lasso.security/
  contact:
    name: Lasso Security
    url: https://www.lasso.security/
  # Quoted so YAML loads it as the string "3.0" rather than a float.
  version: '3.0'
# Single documented base URL. It is HTTPS, so the API key header and the
# submitted prompt/completion text are sent over TLS.
servers:
  - url: https://server.lasso.security/gateway/v3
    description: Lasso Security v3 gateway
# Document-wide requirement: every operation needs the LassoApiKey scheme
# unless it declares its own `security`; neither operation in this file does.
security:
  - LassoApiKey: []
paths:
  # POST /classify: submit chat messages and get back detection results.
  # The 200 response (ClassifyResponse) reports violations and findings only;
  # it carries no rewritten or masked message content.
  /classify:
    post:
      operationId: classify
      tags:
        - Classify
      summary: Classify messages for security violations.
      description: >-
        Submit an array of chat messages (a prompt or a completion) for
        real-time security classification. Returns whether violations were
        detected along with per-deputy findings and action levels.
      # Optional attribution headers.
      # NOTE(review): ClassifyRequest also defines `userId` and `sessionId`
      # body fields; this spec does not say which value wins when header and
      # body disagree. Confirm before relying on them for audit attribution.
      parameters:
        - name: lasso-user-id
          in: header
          required: false
          description: Optional end-user identifier for tracking and attribution.
          schema:
            type: string
        # Described as a ULID, but the schema only constrains it to a string.
        - name: lasso-conversation-id
          in: header
          required: false
          description: ULID grouping related calls within one conversation/session.
          schema:
            type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ClassifyRequest'
      # Only 200, 401, 422 and 429 are documented; no 5xx or `default`
      # response is declared and the error responses have no body schema.
      # A caller that enforces on this result has to choose explicitly whether
      # a 429, an undocumented status or a timeout blocks the LLM call
      # (fail closed) or lets it proceed unchecked (fail open).
      responses:
        '200':
          description: Classification result.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ClassifyResponse'
        '401':
          description: Missing or invalid API key.
        '422':
          description: Invalid request payload.
        '429':
          description: Rate limit exceeded.
  # POST /classifix: takes the same request body as /classify (both reference
  # ClassifyRequest) and returns ClassifixResponse, which adds a masked copy
  # of the input messages to the classification result.
  /classifix:
    post:
      operationId: classifix
      tags:
        - Classify
        - Masking
      summary: Classify messages and return PII-masked content.
      description: >-
        Behaves like /classify but, when violations such as PII are detected and
        masking is enabled, also returns a masked copy of the input messages with
        sensitive values (emails, phone numbers, secrets, etc.) replaced by
        placeholders.
      # Optional attribution headers; the request body has `userId` and
      # `sessionId` fields as well, and precedence between the two is not
      # specified in this file.
      parameters:
        - name: lasso-user-id
          in: header
          required: false
          description: Optional end-user identifier for tracking and attribution.
          schema:
            type: string
        # Described as a ULID, but the schema only constrains it to a string.
        - name: lasso-conversation-id
          in: header
          required: false
          description: ULID grouping related calls within one conversation/session.
          schema:
            type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ClassifyRequest'
      # NOTE(review): the masked `messages` array is described as present only
      # when masking was applied, so a client must not assume it exists. The
      # response still carries findings with their action values; a masked
      # copy does not by itself mean the request is safe to forward. Confirm
      # with Lasso how BLOCK findings and masking combine.
      # No 5xx or `default` response is declared; decide fail-open vs
      # fail-closed behaviour for 429, undocumented statuses and timeouts.
      responses:
        '200':
          description: Classification result with masked messages.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ClassifixResponse'
        '401':
          description: Missing or invalid API key.
        '422':
          description: Invalid request payload.
        '429':
          description: Rate limit exceeded.
components:
  # Authentication is a static API key sent in the `lasso-api-key` request
  # header. Whoever holds the header value can authenticate, so keep it in a
  # secret store rather than in source or client-side code, and redact this
  # header in proxy and application logs.
  securitySchemes:
    LassoApiKey:
      type: apiKey
      in: header
      name: lasso-api-key
      description: Lasso API key issued from the Lasso dashboard (app.lasso.security).
  schemas:
    # One chat message submitted for classification; also reused as the item
    # type of the masked `messages` array in ClassifixResponse.
    # Both `role` and `content` are required.
    Message:
      type: object
      required:
        - role
        - content
      properties:
        # Closed enum: these four roles are the only values the schema allows.
        role:
          type: string
          description: Role of the message author.
          enum:
            - system
            - user
            - assistant
            - tool
        # Plain string with no maxLength declared.
        # NOTE(review): multi-part or non-text content is not modelled here;
        # confirm how such messages should be submitted so they are not
        # silently left unclassified.
        content:
          type: string
          description: Message text to be classified.
    # Request body shared by /classify and /classifix. Only `messages` is
    # required; every other field is optional.
    ClassifyRequest:
      type: object
      required:
        - messages
      properties:
        # No minItems/maxItems is declared, so the schema itself accepts an
        # empty array and places no upper bound on the number of messages.
        messages:
          type: array
          description: Ordered array of chat messages to classify.
          items:
            $ref: '#/components/schemas/Message'
        # NOTE(review): optional, and the spec does not state what the service
        # assumes when it is omitted. Clients that scan model output should
        # presumably send COMPLETION explicitly; confirm the default.
        messageType:
          type: string
          description: Whether the payload represents a prompt or a completion.
          enum:
            - PROMPT
            - COMPLETION
        # NOTE(review): `userId` and `sessionId` look like body counterparts
        # of the lasso-user-id / lasso-conversation-id headers declared on the
        # operations; precedence between them is not specified in this file.
        userId:
          type: string
          description: Optional end-user identifier.
        sessionId:
          type: string
          description: Conversation/session identifier (ULID).
        # Items are free-form objects (additionalProperties: true); this
        # schema does not validate the shape of a tool definition.
        tools:
          type: array
          description: Optional tool / function definitions associated with the request.
          items:
            type: object
            additionalProperties: true
    # One structured detection reported by a deputy.
    # NOTE(review): there is no `required` list, so per this schema any field,
    # including `action`, may be absent. An enforcing client should handle a
    # missing or unrecognised action explicitly; treating it as the most
    # restrictive action is the conservative choice.
    Finding:
      type: object
      properties:
        name:
          type: string
          description: Name of the specific finding.
        # Free-form string; SAFETY is given only as an example value.
        category:
          type: string
          description: High-level category of the finding (e.g., SAFETY).
        # The value the caller is expected to act on: BLOCK, WARN or
        # AUTO_MASKING. The spec calls it "recommended", so enforcement is
        # left to the integrating client.
        action:
          type: string
          description: Recommended enforcement action.
          enum:
            - BLOCK
            - WARN
            - AUTO_MASKING
        severity:
          type: string
          description: Severity of the finding.
          enum:
            - LOW
            - MEDIUM
            - HIGH
    # 200 body of /classify and the base of ClassifixResponse.
    # No field is marked required. Property names here are snake_case
    # (`violations_detected`) while the request uses camelCase (`messageType`).
    # NOTE(review): confirm the casing against a live response, because a
    # client reading the wrong key would see no violation.
    ClassifyResponse:
      type: object
      properties:
        # Overall verdict; the per-deputy detail is in `deputies` and
        # `findings` below.
        violations_detected:
          type: boolean
          description: True if one or more violations were detected.
        # Open map of deputy name to boolean. The names in the description are
        # examples, not an enum, so clients should tolerate unknown keys.
        deputies:
          type: object
          description: >-
            Map of deputy (detector) name to a boolean indicating whether that
            deputy fired - e.g. jailbreak, custom-policies, sexual, hate,
            illegality, codetect, violence, pattern-detection.
          additionalProperties:
            type: boolean
        # Open map of deputy name to a list of Finding objects; each Finding
        # carries the action and severity to enforce on.
        findings:
          type: object
          description: Map of deputy name to an array of structured findings.
          additionalProperties:
            type: array
            items:
              $ref: '#/components/schemas/Finding'
    # 200 body of /classifix: every ClassifyResponse property (via allOf)
    # plus an optional `messages` array holding the masked input.
    ClassifixResponse:
      allOf:
        - $ref: '#/components/schemas/ClassifyResponse'
        - type: object
          properties:
            # Items reuse the Message schema, so the masked copy has the same
            # role/content shape as the input. The field is not required and
            # is described as present only when masking was applied; a client
            # must check for it rather than assume it exists.
            messages:
              type: array
              description: >-
                Masked copy of the input messages with PII / sensitive values
                replaced by placeholders (present when masking applied).
              items:
                $ref: '#/components/schemas/Message'