Check whether a factual CLAIM is true, grounded against the live web.

Use before an agent acts on, repeats, or surfaces a fact it isn't certain of — catches hallucinations (fabricated citations, invented policies, wrong numbers). Returns: verdict (supported | unsupported | uncertain), an honest 0-1 confidence, reasoning, and evidence. Abstains ('uncertain') rather than guess. (Independent fact-verification; maps to OWASP LLM/ASI guidance on grounding.)

Screen untrusted text or tool output for PROMPT-INJECTION / manipulation.

Use on anything an agent ingests from an outside source (web page, email, doc, tool result) BEFORE acting on it. Catches instruction-override, task/persona switching, grounding-override, jailbreaks, and multilingual attacks. Returns: verdict (clean | suspicious | injection | uncertain), threat_score, techniques, and a pass/sanitize/quarantine recommendation. (Maps to OWASP ASI02 Tool Misuse / LLM01 Prompt Injection — produces an audit artifact.)

Decide whether CONTENT is safe to publish, post, or surface.

Use before an agent sends or publishes generated content. Optional policy sets the standard; otherwise a conservative default-safe baseline is applied. Returns: decision (publish | review | block), violation_risk, categories, and reasons.

Detect personal data and secrets in a PAYLOAD before it is sent, stored, or logged.

Use before an agent transmits text outside a trust boundary. Flags PII (names, emails, IDs, financial, device/IP) and secrets (API keys, passwords, tokens). Returns: verdict (clean | contains_pii | contains_secret | review), severity, findings, and a redacted version of the payload. (Maps to OWASP ASI guidance on sensitive-data leakage — produces an audit artifact.)

THE MONEY-LINE GATE. Decide whether a proposed agent ACTION should proceed — use this right before the agent SPENDS, SENDS, or commits something irreversible (a payment, an outbound message, a destructive command, a data share).

Fail-closed: it will not 'allow' what it cannot justify as safe — uncertainty escalates to review, real red flags block. Returns: decision (allow | review | block), an honest 0-1 risk, concrete reasons, specific concerns, and a safer alternative. This independent, signed verdict is the thing no free local check can give the agent at the moment money or irreversibility is on the line. (Maps to OWASP ASI02 Tool Misuse / ASI08 Cascading Failures — produces an audit artifact.)