Show HN: Only firewall for AI prompts with a security grade on every PR (promptguard.co)

2 points by acebot712 ↗ HN
Every other gateway is detect-and-block. You don't get a security grade. You don't get red team in CI. We built the one that does.

PromptGuard is a proxy: change your base URL (one line with our SDK, or a few lines without), and every request gets checked for prompt injection, PII leaks, jailbreaks, and abuse. 20+ threat vectors, 39+ PII types. We also ship a red team suite and an autonomous agent that mutates attacks to find bypasses - you get a grade (A-F) and a GitHub Action that runs these tests on every PR. So you see where you're weak before you ship.

Works with OpenAI, Anthropic, Google, Azure, Gemini and more. Policy-as-Code. 10K free requests/month - link in the post.

Happy to answer questions.

1 comment

[ 3.6 ms ] story [ 10.9 ms ] thread
Interesting approach. This made me think about layering URL-level reputation checks alongside prompt-level scanning. Unit42's March 2026 research found 11 domains actively hosting hidden IDPI payloads in the wild — things like zero-font CSS instructions and JS-injected fork bombs.

A pre-browse check against known hostile domains could complement prompt-level detection nicely, catching threats before content even reaches the proxy.