Open-source (Apache 2.0) toolkit of input and output scanners that detect, redact, and sanitize LLM prompts and responses for prompt injection, PII, toxicity, secrets, and more. The llm-guard-api service wraps the library in a self-hostable FastAPI app exposing /analyze and /scan endpoints for prompts and outputs.
openapi: 3.0.1
info:
title: LLM Guard API
description: >-
Self-hostable REST API for LLM Guard, Protect AI's open-source (Apache 2.0)
security toolkit for LLM interactions. The llm-guard-api service wraps the
llm-guard Python library in a FastAPI application and exposes scanners that
detect, redact, and sanitize prompts and outputs for prompt injection, PII,
toxicity, secrets, banned topics, and more. Scanners are configured per
deployment via scanners.yml. This specification documents the real
self-hosted API surface; Protect AI's commercial products (Guardian, Recon,
Layer) do not publish a public REST API and are not modeled here.
termsOfService: https://protectai.com/terms
contact:
name: Protect AI / LLM Guard
url: https://llm-guard.com/
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0
version: '1.0'
servers:
- url: http://localhost:8000
description: Default local llm-guard-api deployment (FastAPI/Uvicorn).
security:
- bearerAuth: []
- {}
paths:
/:
get:
operationId: getRoot
tags:
- System
summary: Service metadata.
description: Returns basic service and version information for the running LLM Guard API.
responses:
'200':
description: OK
content:
application/json:
schema:
type: object
additionalProperties: true
/healthz:
get:
operationId: getHealthz
tags:
- System
summary: Liveness probe.
description: Returns the liveness status of the API process.
responses:
'200':
description: Service is alive.
content:
application/json:
schema:
$ref: '#/components/schemas/HealthStatus'
/readyz:
get:
operationId: getReadyz
tags:
- System
summary: Readiness probe.
description: Returns readiness once scanners are loaded and the API can serve scan requests.
responses:
'200':
description: Service is ready.
content:
application/json:
schema:
$ref: '#/components/schemas/HealthStatus'
/metrics:
get:
operationId: getMetrics
tags:
- System
summary: Prometheus metrics.
description: Exposes Prometheus-format metrics for the API when metrics are enabled.
responses:
'200':
description: Metrics in Prometheus text exposition format.
content:
text/plain:
schema:
type: string
/analyze/prompt:
post:
operationId: analyzePrompt
tags:
- Prompt
summary: Analyze and sanitize a prompt.
description: >-
Runs the configured input scanners over the supplied prompt and returns
the sanitized prompt, an overall validity flag, and per-scanner risk
scores. Scanners that redact or anonymize content (for example PII
anonymization) apply their changes to the returned sanitized_prompt.
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/AnalyzePromptRequest'
responses:
'200':
description: Prompt analyzed.
content:
application/json:
schema:
$ref: '#/components/schemas/AnalyzePromptResponse'
'400':
description: Invalid request.
'403':
description: Authentication failed.
/scan/prompt:
post:
operationId: scanPrompt
tags:
- Prompt
summary: Scan a prompt.
description: >-
Runs the configured input scanners over the supplied prompt and returns
the validity flag and per-scanner risk scores without returning a
modified prompt. Use /analyze/prompt when sanitized text is required.
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ScanPromptRequest'
responses:
'200':
description: Prompt scanned.
content:
application/json:
schema:
$ref: '#/components/schemas/ScanPromptResponse'
'400':
description: Invalid request.
'403':
description: Authentication failed.
/analyze/output:
post:
operationId: analyzeOutput
tags:
- Output
summary: Analyze and sanitize an output.
description: >-
Runs the configured output scanners over the LLM response (with the
originating prompt for context) and returns the sanitized output, an
overall validity flag, and per-scanner risk scores.
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/AnalyzeOutputRequest'
responses:
'200':
description: Output analyzed.
content:
application/json:
schema:
$ref: '#/components/schemas/AnalyzeOutputResponse'
'400':
description: Invalid request.
'403':
description: Authentication failed.
/scan/output:
post:
operationId: scanOutput
tags:
- Output
summary: Scan an output.
description: >-
Runs the configured output scanners over the LLM response (with the
originating prompt for context) and returns the validity flag and
per-scanner risk scores without returning a modified output.
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ScanOutputRequest'
responses:
'200':
description: Output scanned.
content:
application/json:
schema:
$ref: '#/components/schemas/ScanOutputResponse'
'400':
description: Invalid request.
'403':
description: Authentication failed.
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
description: >-
Optional bearer token authentication, enabled per deployment via the
llm-guard-api configuration. Deployments may also run without auth.
schemas:
HealthStatus:
type: object
properties:
status:
type: string
example: ok
AnalyzePromptRequest:
type: object
required:
- prompt
properties:
prompt:
type: string
description: The user prompt to analyze and sanitize.
scanners_suppress:
type: array
description: Optional list of scanner names to skip for this request.
items:
type: string
AnalyzePromptResponse:
type: object
properties:
sanitized_prompt:
type: string
description: The prompt after applicable scanners have redacted or anonymized content.
is_valid:
type: boolean
description: True when the prompt passed all configured scanners.
scanners:
type: object
description: Map of scanner name to risk score (0.0 - 1.0).
additionalProperties:
type: number
format: float
ScanPromptRequest:
type: object
required:
- prompt
properties:
prompt:
type: string
description: The user prompt to scan.
scanners_suppress:
type: array
items:
type: string
ScanPromptResponse:
type: object
properties:
is_valid:
type: boolean
scanners:
type: object
additionalProperties:
type: number
format: float
AnalyzeOutputRequest:
type: object
required:
- prompt
- output
properties:
prompt:
type: string
description: The originating prompt, used by output scanners for context.
output:
type: string
description: The LLM response to analyze and sanitize.
scanners_suppress:
type: array
items:
type: string
AnalyzeOutputResponse:
type: object
properties:
sanitized_output:
type: string
is_valid:
type: boolean
scanners:
type: object
additionalProperties:
type: number
format: float
ScanOutputRequest:
type: object
required:
- prompt
- output
properties:
prompt:
type: string
output:
type: string
scanners_suppress:
type: array
items:
type: string
ScanOutputResponse:
type: object
properties:
is_valid:
type: boolean
scanners:
type: object
additionalProperties:
type: number
format: float