Stop prompt injection before it reaches your LLM

API-first detection middleware. Model-agnostic. Sub-millisecond L1 scanning. Output integrity monitoring. Built for production agentic pipelines.

Read the docs →

How it works

Your App
[GJALLARHORN]
Your LLM
L1

Pattern Matching

Sub-millisecond. Zero LLM cost. Regex and heuristic matching for instruction hijacking, system prompt extraction, privilege escalation jargon, exfiltration-intent commands. Catches ~90% of known injection patterns before semantic analysis.

L1.5

Semantic Similarity

Embedding-based. Catches paraphrased and indirect variants missed by pattern matching. Searches a curated adversarial corpus via BAAI/bge-base-en-v1.5 embeddings. Bridges the gap between brittle regex and expensive LLM calls.

L2

Output Integrity (L2 / RAGNARÖK)

Opt-in for agentic pipelines. Canary-based detection: embeds a token in your agent's system prompt, then checks LLM output for its presence. Absence triggers alert_code: "RAGNARÖK" — indicating possible system prompt override. Content-free: Gjallarhorn never stores LLM output content. Verified in source code.

L3

Semantic Classification

Mistral-powered contextual probability scoring. Invoked only when L1.5 signals uncertainty, limiting API cost to ambiguous cases. Scope: extraction attacks, system prompt leakage, cross-account data requests.

L4

Harm Classification

Parallel classifier for harm-facilitation potential: CBRN synthesis, weapon construction, dangerous physical procedures. Deliberately out-of-scope: hate speech, misinformation, health advice, copyright.

L5

Multimodal Pre-processing

Extracts text from PDFs, images (via OCR), and QR codes before passing to L1–L4. PDF-parse with Mistral OCR fallback. Image extraction via Mistral OCR. QR extraction via local jsqr (no API call).

Privacy by design

/v1/scan endpoint

Your input is scanned and discarded. Only metadata is stored: risk score, detection layers triggered, timestamp, and API key ID. Never your content.

L2 canary check

A boolean string search. Your LLM output is received, checked for token presence, and discarded immediately. Zero content retention. Verified in source code (src/routes/canary.js, line 65).

No training on customer data

Ever. The detection corpus consists of synthetic entries and curated public datasets. Your production traffic is never used for model training or improvement without explicit opt-in (future feature).

No analytics. No tracking.

No analytics cookies. No tracking pixels. No third-party data collection beyond what Paddle strictly requires for payment processing. We don't know who your customers are or what they're asking your LLM.

Swiss jurisdiction. Infomaniak infrastructure.

All infrastructure runs on Infomaniak/Jelastic in Geneva, Switzerland. Swiss law applies. GDPR-equivalent data processing.

We take your data as seriously as we take your LLM security.

Quick integration

TypeScript / Node.js

import { GjallarhornClient } from '@gjallarhorn-hq/sdk'; const client = new GjallarhornClient({ apiKey: process.env.GJALLARHORN_API_KEY }); const result = await client.scan({ content: userInput }); if (result.risk_level === 'high') { return 'Request blocked'; }

Python

from gjallarhorn_sdk import GjallarhornClient client = GjallarhornClient( api_key=os.getenv('GJALLARHORN_API_KEY') ) result = client.scan( content=user_input ) if result['risk_level'] == 'high': return 'Request blocked'

L2 Agentic Output Monitoring (opt-in)

const agent = await client.registerAgent({ name: 'my-support-agent' }); // Embed agent.canaryToken in your agent's system prompt... const llmOutput = await llm.generate(prompt); const check = await client.checkCanary(llmOutput); if (check.alert_code === 'RAGNARÖK') { // System prompt override detected throw new Error('Agent integrity check failed'); }

See the full docs for more examples and API reference.

Transparent pricing

Starter
€10
10,000 credits
  • L1 scanning (1 credit)
  • L1.5 semantic (1 credit)
  • API access
Growth
€50
55,000 credits
  • All Starter features
  • L2 canary checks (1 credit)
  • Multimodal (5 + 2/page)
Scale
€200
240,000 credits
  • All Growth features
  • Higher rate limits
  • Volume discounts

💳 Auto-refill coming soon — set a threshold, stay in control, never overspend.

Join the waitlist