# OpenRouter Security Guardrails for SMB API Protection
 
> A lightweight API gateway that screens every AI prompt and response for PII, injection attempts, and unsafe content, using OpenRouter's unified model access.
 
## Problem
 
SMBs integrating AI into customer-facing apps worry about data leaks, prompt injection, and brand-damaging responses. Adding safety checks to every endpoint is error-prone and time-consuming.
 
## Solution
 
This recipe deploys an inline guardrail layer built from REAA's classifier-evals, agent-eval-harness-gate, agent-handoff-validation, circuit-breaker-agents, and circuit-breaker-core. Incoming prompts are scored by the classifier; inputs that score above the configured threshold are blocked by the eval gate before they reach the model. Outgoing responses are sanitized by agent-handoff-validation. If upstream model calls keep failing, the circuit breaker opens and rejects requests until the recovery window (`GUARD_CB_RECOVERY_MS`) has elapsed.
 
## Architecture
 
```
Client Request
    |
    v
[Hono Middleware Pipeline]
    |
    v
classifier-evals --> Prompt Screening (PII, injection)
    |
    v
agent-eval-harness-gate --> Policy Enforcement
    |
    v
circuit-breaker-agents --> Protected LLM Call
    |
    v
agent-handoff-validation --> Response Sanitization
    |
    v
Response to Client
```
 
## Installation
 
```bash
pnpm install --no-frozen-lockfile
```
 
## Configuration
 
Copy `.env.example` to `.env` and fill in:
 
```
OPENROUTER_API_KEY=<your-openrouter-key>
LOG_LEVEL=info
GUARD_CLASSIFIER_THRESHOLD=0.7
GUARD_CB_FAILURE_THRESHOLD=5
GUARD_CB_RECOVERY_MS=30000
GUARD_CB_ENABLED=true
OPENROUTER_MODEL=openai/gpt-5.2
PORT=3000
```
 
## Usage
 
### Start the server
 
```bash
pnpm tsx src/index.ts
```
 
### API Endpoints
 
**POST /api/v1/chat** — Send a prompt through the guardrail pipeline.
 
Request:
```json
{ "prompt": "What is the weather like today?" }
```
 
Response (success):
```json
{
  "response": "I don't have access to current weather data...",
  "model": "openai/gpt-5.2",
  "usage": { "promptTokens": 10, "completionTokens": 25 },
  "flags": []
}
```
 
Response (blocked):
```json
{
  "blocked": true,
  "reason": "prompt_injection"
}
```
 
**GET /health** — Health check endpoint.
 
**GET /status** — Circuit breaker state and configuration info.
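The following is an added, self-contained TypeScript model of the pipeline from the Architecture section, wired to the `.env` keys from the Configuration section and producing the response shapes shown for `POST /api/v1/chat` and the breaker state reported by `GET /status`. It is not the project's code: it does not use Hono or the REAA packages, the rule-based `screenPrompt` classifier and the `sanitizeResponse` redactor are simplified stand-ins, and the OpenRouter request is replaced by a `callModel` function the caller supplies (synchronous here only to keep the example short).

```typescript
// Added example (not the project's code): a minimal in-process model of the
// guardrail pipeline. Classifier, gate, breaker and sanitizer are stand-ins
// for the REAA packages; the model call is supplied by the caller.

export type GuardConfig = {
  classifierThreshold: number; // GUARD_CLASSIFIER_THRESHOLD
  cbFailureThreshold: number;  // GUARD_CB_FAILURE_THRESHOLD
  cbRecoveryMs: number;        // GUARD_CB_RECOVERY_MS
  cbEnabled: boolean;          // GUARD_CB_ENABLED
  model: string;               // OPENROUTER_MODEL
};

// Parse the .env keys from the Configuration section, falling back to the
// documented values when a key is missing or not numeric.
export function loadConfig(env: Record<string, string | undefined>): GuardConfig {
  const num = (key: string, fallback: number): number => {
    const raw = env[key];
    const v = Number(raw);
    return raw !== undefined && raw !== "" && Number.isFinite(v) ? v : fallback;
  };
  return {
    classifierThreshold: num("GUARD_CLASSIFIER_THRESHOLD", 0.7),
    cbFailureThreshold: num("GUARD_CB_FAILURE_THRESHOLD", 5),
    cbRecoveryMs: num("GUARD_CB_RECOVERY_MS", 30000),
    cbEnabled: (env.GUARD_CB_ENABLED ?? "true") !== "false",
    model: env.OPENROUTER_MODEL ?? "openai/gpt-5.2",
  };
}

// Stage 1, prompt screening: a hypothetical rule-based classifier returning a
// risk score and the category that triggered it (null when nothing matched).
export type ScreenResult = { score: number; reason: "prompt_injection" | "pii" | null };
const INJECTION = /ignore (all |the )?(previous|prior|above) instructions|reveal (the |your )?system prompt/i;
const PII = /\b\d{3}-\d{2}-\d{4}\b|\b\d{16}\b/; // SSN-shaped or 16-digit card-shaped numbers

export function screenPrompt(prompt: string): ScreenResult {
  if (INJECTION.test(prompt)) return { score: 0.95, reason: "prompt_injection" };
  if (PII.test(prompt)) return { score: 0.8, reason: "pii" };
  return { score: 0.05, reason: null };
}

// Stage 4, response sanitization: redact PII-shaped numbers the model echoes back.
export function sanitizeResponse(text: string): { text: string; flags: string[] } {
  const flags: string[] = [];
  const clean = text.replace(new RegExp(PII.source, "g"), () => {
    flags.push("pii_redacted");
    return "[REDACTED]";
  });
  return { text: clean, flags };
}

// Stage 3, circuit breaker: opens after cbFailureThreshold consecutive failures
// and lets a probe request through once cbRecoveryMs has elapsed (half-open).
export class CircuitBreaker {
  private failures = 0;
  private openedAt: number | null = null;
  private cfg: GuardConfig;
  private now: () => number;
  constructor(cfg: GuardConfig, now: () => number = Date.now) {
    this.cfg = cfg;
    this.now = now; // injectable clock so recovery can be tested without waiting
  }
  state(): "closed" | "open" | "half_open" {
    if (this.openedAt === null) return "closed";
    return this.now() - this.openedAt >= this.cfg.cbRecoveryMs ? "half_open" : "open";
  }
  allow(): boolean {
    return !this.cfg.cbEnabled || this.state() !== "open";
  }
  recordSuccess(): void {
    this.failures = 0;
    this.openedAt = null;
  }
  recordFailure(): void {
    this.failures += 1;
    if (this.failures >= this.cfg.cbFailureThreshold) this.openedAt = this.now();
  }
}

export type ChatResult =
  | { blocked: true; reason: string }
  | { response: string; model: string; usage: { promptTokens: number; completionTokens: number }; flags: string[] };

// The full POST /api/v1/chat pipeline. `callModel` stands in for the OpenRouter
// request; any exception it throws counts as one breaker failure.
export function handleChat(
  prompt: string,
  cfg: GuardConfig,
  breaker: CircuitBreaker,
  callModel: (model: string, prompt: string) => string,
): ChatResult {
  const screened = screenPrompt(prompt);
  // Stage 2, the eval gate: block anything scoring at or above the threshold.
  if (screened.score >= cfg.classifierThreshold) {
    return { blocked: true, reason: screened.reason ?? "policy" };
  }
  if (!breaker.allow()) return { blocked: true, reason: "circuit_open" };
  let raw: string;
  try {
    raw = callModel(cfg.model, prompt);
    breaker.recordSuccess();
  } catch {
    breaker.recordFailure();
    return { blocked: true, reason: "upstream_error" };
  }
  const { text, flags } = sanitizeResponse(raw);
  const tokens = (s: string) => s.split(/\s+/).filter(Boolean).length; // rough word count, not real tokens
  return { response: text, model: cfg.model, usage: { promptTokens: tokens(prompt), completionTokens: tokens(text) }, flags };
}
```

The gate compares the classifier score against `GUARD_CLASSIFIER_THRESHOLD` with `>=`, so a lower threshold blocks more; the breaker counts only upstream exceptions, not blocked prompts, so a burst of injection attempts cannot by itself trip it and deny service to legitimate traffic.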
 
## Testing
 
```bash
pnpm test
```
 
## License
 
MIT