Documentation

KoreShield is an LLM security gateway that sits between your app and model providers. It scans prompts and RAG context, applies policy decisions, and blocks unsafe requests before they reach providers.

What It Protects

• direct prompt injection attempts
• indirect/RAG injection hidden in retrieved documents
• policy and compliance violations based on configured rules

Current Provider Support

• DeepSeek
• OpenAI
• Anthropic
• Gemini
• Azure OpenAI

Core Runtime Endpoints

• POST /v1/chat/completions (protected)
• POST /v1/rag/scan (protected)
• POST /v1/scan and POST /v1/scan/batch (protected)
• GET /v1/scans (protected)
• GET /health, GET /status, GET /metrics

Authentication

Protected endpoints accept:

1. Authorization: Bearer <jwt>
2. X-API-Key: ks_...
3. ks_access_token httpOnly cookie

JWT validation enforces iss, aud, signature, and expiration checks.

Start Here

• Client Integration Guide
• Quick Start
• Installation
• API Reference
• Integrations