Palo Alto Networks · JSON Structure

Prisma Airs Api Content Scan Result Structure

ContentScanResult schema from Palo Alto Networks Prisma AIRS API

Type: object Properties: 4
Cloud SecurityCybersecurityFirewallNetwork SecuritySASESOARThreat IntelligenceXDR

ContentScanResult is a JSON Structure definition published by Palo Alto Networks, describing 4 properties. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.

Properties

prompt_detected response_detected verdict action

Meta-schema: https://json-structure.org/meta/core/v0/#

JSON Structure

Raw ↑ 
{
  "$schema": "https://json-structure.org/meta/core/v0/#",
  "$id": "https://raw.githubusercontent.com/api-evangelist/palo-alto-networks/refs/heads/main/json-structure/prisma-airs-api-content-scan-result-structure.json",
  "name": "ContentScanResult",
  "description": "ContentScanResult schema from Palo Alto Networks Prisma AIRS API",
  "type": "object",
  "properties": {
    "prompt_detected": {
      "type": "object",
      "description": "Threats detected in the prompt field.",
      "properties": {
        "url_cats": {
          "type": "boolean",
          "description": "Malicious URL categories detected in prompt."
        },
        "dlp": {
          "type": "boolean",
          "description": "Data loss prevention triggers in prompt."
        },
        "injection": {
          "type": "boolean",
          "description": "Prompt injection detected."
        }
      }
    },
    "response_detected": {
      "type": "object",
      "description": "Threats detected in the response field.",
      "properties": {
        "url_cats": {
          "type": "boolean",
          "description": "Malicious URL categories detected in response."
        },
        "dlp": {
          "type": "boolean",
          "description": "Data loss prevention triggers in response."
        },
        "toxic_content": {
          "type": "boolean",
          "description": "Toxic or harmful content detected in response."
        }
      }
    },
    "verdict": {
      "type": "string",
      "description": "Overall verdict for this content pair.",
      "enum": [
        "benign",
        "malicious"
      ]
    },
    "action": {
      "type": "string",
      "description": "Action taken based on the security profile configuration.",
      "enum": [
        "allow",
        "block"
      ]
    }
  }
}