Wire it once. Forget it forever.
PromptShield is built to disappear into your CI. Five minutes from this page to a passing GitHub Actions check. Below: the routes that exist today, plus the references we publish as new tiers ship.
Run your first 5-attack teaser scan
No signup, no install, no API key. Paste an endpoint and a sample prompt template — get a severity-scored finding card in under 30 seconds. Useful as a sanity check before wiring CI.
- Browser-only, deterministic for a given (endpoint, prompt) pair
- 5 OWASP LLM Top 10 vectors covered (LLM01 / LLM02 / LLM06 / LLM08)
- Result page deep-links into the full attack catalogue
Block merges on CRITICAL findings
One-line GitHub Actions or GitLab CI gate. Adds a PR comment with the offending payload on failure and uploads the signed PDF as a build artifact. Set up in under 5 minutes.
- Drop-in `npx promptshield scan` — no install required
- `--fail-on CRITICAL | HIGH | MED` to tune noise
- Reports persist as build artifacts for SOC 2 evidence
Every vector, mapped to OWASP LLM Top 10
Browse the public subset of the catalogue: payload names, detection indicators, mitigations, and references to OWASP, NIST AI RMF, and MITRE ATLAS. The Continuous tier exposes the full 217-vector set.
- 12 vectors public, 217 in the Continuous tier
- Each vector pinned to an OWASP LLM code (LLM01 — LLM10, 9 categories covered)
- Reproducible payloads with stable IDs across catalogue revisions
Programmatic access to scans and reports
REST endpoints for triggering scans, polling status, and pulling the JSON finding stream. CLI is a thin wrapper — anything `npx promptshield` does, the API does too.
- OpenAPI 3.1 spec ships with each catalogue revision
- Idempotent scan submission via `Idempotency-Key` header
- Cursor-paginated finding stream for large suites
Regression alerts when something new breaks
PromptShield diffs each scan against the previous one in the same pipeline. New CRITICAL or HIGH findings trigger a Slack alert in the channel of your choice; webhooks fire for everything.
- Slack: per-channel routing by severity
- Webhooks: signed with HMAC-SHA256 over the raw body
- Replay protection via `X-PromptShield-Timestamp`
What the procurement-ready PDF actually contains
Schema reference for the signed PDF: catalogue revision, attack run table, severity histogram, reproduction payloads, and the customer-logo cover page used by the Business tier.
- Cover sheet: scope, endpoint, scan date, catalogue rev
- Per-finding section: payload, response, indicators, mitigation
- Cryptographic signature (Ed25519) over the report body
We document what shipped, not what's planned. Specs land here when the corresponding tier turns on for paying customers — not before. If a section is marked Coming soon, it's actively under spec, and beta access goes out via the signup list.
Skip the prose. Wire CI now.
One YAML file. One secret. One PR comment when something breaks. The rest is reading.
See a sample report before you buy.
The teaser scan produces the same finding card we hand to auditors. Run it against a staging endpoint to see the format your procurement team will receive.