AISG is a complete security gateway, not just a PII model. It intercepts every request across all providers, blocks prompt injection, enforces spend limits, and fails closed when the safety layer is unreachable. Deploy on your infrastructure with Docker Compose in 60 seconds.
Don't trust black-box safety. Verify it. Run the same enforcement layer inside your VPC.
```bash
git clone https://github.com/aisecuritygateway/aisecuritygateway.git
cd aisecuritygateway
cp .env.example .env    # add your provider key
docker compose up -d    # gateway + presidio
```

Then send requests to http://localhost:8000/v1/chat/completions
What’s Included
The OSS release includes the core AI governance layer. No feature flags, no watermarks, no time limits. Apache 2.0 — use it however you want.
PII detection & redaction — emails, SSNs, credit cards, phone numbers, names, locations, and IP addresses via Microsoft Presidio.
5 custom recognizers catch API keys, AWS credentials, GitHub tokens, private keys, and Slack webhooks before they reach any LLM.
5 core attack patterns detected — jailbreaks, instruction overrides, system prompt extraction, DAN, and developer mode exploits.
Bring your own keys for OpenAI, Anthropic, Google, Groq, and more. Swap providers in config — no code changes needed.
Drop-in replacement. Point your existing OpenAI SDK at AISG and every request gets scanned automatically. Zero code changes.
If the security layer is unreachable, requests are blocked — never forwarded unscanned. Security over availability.
Architecture
```
┌──────────────┐      ┌───────────────┐      ┌──────────────┐
│   Your App   │─────▶│  AISG Proxy   │─────▶│ LLM Provider │
│ (OpenAI SDK) │      │     :8000     │      │ (Groq, etc)  │
└──────────────┘      └──────┬────────┘      └──────────────┘
                             │ DLP scan
                      ┌──────▼────────┐
                      │   Presidio    │
                      │     :5002     │
                      └───────────────┘
```

The proxy intercepts every request, scans it through Presidio for PII, secrets, and injection, then forwards clean requests to the upstream provider. Fail-closed: if Presidio is unreachable, requests are blocked.
OSS vs Cloud
The OSS release gives you the core security proxy. When you need dashboards, multi-project management, smart routing, or team features, upgrade to Cloud.
OSS: Simple, reliable routing using x-provider and x-model headers. You pick the provider and model — the gateway forwards directly using your own keys.
Cloud: Full Smart Router with real-time cost optimization, dynamic provider selection, automatic failover chains, live pricing registry, and per-project budget policies. No manual configuration needed.
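A smoke test for a fresh deployment, added here as an example and not code from the AISG project: it posts one clean prompt and one prompt carrying a constructed sample credential through the gateway with the x-provider / x-model headers described above, and reports whether the first was forwarded and the second refused. It assumes the gateway answers a blocked request with a non-2xx status, uses the placeholder model id YOUR-MODEL-ID, and reports "no answer at all" as a failure of its own, since an unreachable gateway is not a verdict.

```python
import json
import urllib.error
import urllib.request

GATEWAY = "http://localhost:8000/v1/chat/completions"  # from the quick start
# Constructed sample secret: the AWS documentation example access key id.
FAKE_AWS_KEY = "AKIAIOSFODNN7EXAMPLE"

def build_request(content, provider="groq", model="YOUR-MODEL-ID"):
    """OpenAI-style chat body plus the x-provider / x-model routing headers."""
    body = json.dumps({"messages": [{"role": "user", "content": content}]}).encode()
    headers = {"Content-Type": "application/json",
               "x-provider": provider, "x-model": model}
    return body, headers

def http_send(body, headers):
    """Default transport: POST to the gateway and return the HTTP status,
    or None when the gateway itself cannot be reached."""
    req = urllib.request.Request(GATEWAY, data=body, headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:
        return exc.code
    except urllib.error.URLError:
        return None

def is_ok(status):
    return status is not None and 200 <= status < 300

def run_probes(send=http_send):
    """Run each probe through `send`; return {probe: passed}. A status of
    None (gateway unreachable) fails every probe rather than counting as a block."""
    probes = {
        # A benign prompt must be forwarded and answered by the provider.
        "clean_forwarded": ("Summarise our Q3 roadmap in three bullets.", is_ok),
        # A prompt carrying a credential must be refused (assumed: non-2xx).
        "secret_blocked": (f"Rotate the key {FAKE_AWS_KEY} after deploy.",
                           lambda s: s is not None and not is_ok(s)),
    }
    results = {}
    for name, (content, expect) in probes.items():
        body, headers = build_request(content)
        results[name] = expect(send(body, headers))
    return results

if __name__ == "__main__":
    for name, passed in run_probes().items():
        print(f"{name}: {'PASS' if passed else 'FAIL'}")
```

If your DLP policy redacts secrets instead of refusing the request, the second probe will report FAIL by design; change its expectation to match the policy you configured.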
| Feature | OSS | Cloud |
|---|---|---|
| PII detection & redaction | 13 entity types | 28+ entity types |
| Secret leak prevention | 5 recognizers | Extended (AWS Secret Key, crypto, MAC) |
| Prompt injection blocking | 5 core patterns | Extended pattern library |
| OCR image scanning | — | Yes (screenshots, docs, PDFs) |
| Routing | Header-based (x-provider) | Smart Router + real-time pricing |
| Failover | — | Automatic intelligent chains |
| Cost optimization | — | Automatic (cheapest per request) |
| Budget enforcement | — | Per-project caps + alerts + analytics |
| Deployment | Self-hosted | Managed cloud |
| Multi-project management | — | |
| Project-level DLP policies | — | |
| Dashboards & analytics | — | |
| Real-time model pricing registry | — | |
| SLA & support | Community | |
Clone the repo, add your provider key, and run docker compose up. Your first secured request in under 60 seconds.