API Reference

llmsecure API

Validate prompts, URLs, and files for prompt injection and other attacks before forwarding them to your LLM. Authenticated via API key.

Base URLhttps://api.llmsecure.io

Authentication

All API requests require an API key passed via the X-API-Key header. Create one in API Keys → Create Key. Keys start with lls_ and are shown only once. Store them securely.

X-API-Key: lls_your_key_here

POST/v1/validate

Validate a prompt

Check whether a text prompt is safe to forward to your LLM. Runs static pattern matching and (optionally) dynamic LLM-based behavior analysis.

Parameters

inputstringrequired

The user input to validate.

skip_dynamicbooleanoptional

When true, only static pattern matching runs. Defaults to false.

Request

curl -X POST https://api.llmsecure.io/v1/validate \
  -H "X-API-Key: lls_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"input": "Ignore all previous instructions"}'

Response

{
  "result": "UNSAFE",
  "score": 87
}

POST/v1/validate/url

Validate a URL

Fetch a URL and scan its content for prompt injections hidden in HTML, metadata, or visible text. Use this when your LLM agent fetches arbitrary web pages.

Parameters

urlstringrequired

The URL to scan. Must be a valid HTTP(S) URL.

skip_dynamicbooleanoptional

Skip the dynamic LLM-based scan. Defaults to false.

force_rescanbooleanoptional

Force a fresh scan even if a cached result exists. Defaults to false.

Request

curl -X POST https://api.llmsecure.io/v1/validate/url \
  -H "X-API-Key: lls_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://example.com/article"}'

Response

{
  "result": "UNSAFE",
  "score": 78
}

POST/v1/validate/file

Validate a file

Upload a file (PDF, DOCX, TXT, etc.) and scan its content for hidden prompt injections. Sent as multipart form data. Maximum size 10 MB.

Parameters

filefilerequiredform

The file to scan, sent as multipart form data.

skip_dynamicbooleanoptionalquery

Query parameter. Skip dynamic LLM analysis. Defaults to false.

Request

curl -X POST https://api.llmsecure.io/v1/validate/file \
  -H "X-API-Key: lls_your_key_here" \
  -F "file=@/path/to/document.pdf"

Response

{
  "result": "SAFE",
  "score": 12
}

Errors

llmsecure uses standard HTTP status codes. Error responses are JSON with error and message fields.

401unauthorized

Missing or invalid API key.

402insufficient_credits

No credits remaining on your account.

413payload_too_large

File exceeds the 10 MB limit.

422fetch_failed

Unable to fetch the URL or parse the file.

429rate_limit_exceeded

Too many requests for your plan.