SECURITY ARCHITECTURE
Deterministic structural enforcement before and after model execution.
No LLM in the scoring engine. No probabilistic output. Span-level traceability. Replayable, versioned, auditable. Deployable in your VPC.
Execution Path
Client
→
V1 Deterministic Gate
→
Score < 0.80 = BLOCK
→
LLM
→
V3 Stabilize
→
Output
V1 scores inbound communication before the model sees it. If the structural integrity score falls below the gate threshold, execution is blocked and the input is returned with span-level evidence of what failed. V3 stabilizes outbound responses after the model generates, stripping hedges, filler, and drift before delivery.
Security Properties
Engine
Rule-based. Zero LLM dependency. No inference.
Determinism
Same input produces same score. Every time.
Traceability
Span-level evidence. Every finding has character positions.
Latency
~3ms average. No model call overhead.
Versioned
Scores include engine version. Replayable across time.
Deployment
SaaS, private VPC, or on-premise. Your infrastructure.
Threat Classes Detected
FM-001
Prompt Injection
Instruction-style framing, dominance directives, authority imposition embedded in input.
FM-002
Instruction Override
Formatted governance blocks attempting system-level authority without verification.
FM-003
Scope Expansion (T9)
Domain token injection beyond stated objective. Answer introduces 55%+ new domain tokens.
CCA
Constraint Collapse via Aggregation
Multiple constraints compressed into composite. Individual enforcement lost. Metrics appear healthy while localized failures are silent.
DCE
Deferred Constraint Externalization
Constraints acknowledged but enforcement pushed to later stages. "We'll address that later."
UDDS
Upstream Denial via Downstream Substitution
Constraints denied through narrative substitution. Boundary markers absent while narrative appears stable.
Deployment Models
Pre-LLM Gateway
Score and gate all inbound prompts before they reach model execution. Block structurally unsafe inputs at the interface layer. Reduces injection surface and prevents ambiguous or adversarial framing from entering the model context.
Post-LLM Validator
Score all model outputs before delivery. Detect fabricated certainty, missing constraints, commitment risk, and structural drift. Strip hedges and filler. Enforce objective anchoring and token ceiling.
Full Governance Pipeline
Pre-LLM gate + post-LLM stabilizer + secure token binding. The model never operates on raw input and never delivers ungoverned output. End-to-end structural enforcement with span-level audit trail.
Private VPC Deployment
Deploy the engine in your infrastructure. No data leaves your network. Same deterministic rules, same scoring, same audit trail. Supports air-gapped environments.
Compliance Alignment
Deterministic scoring with span-level evidence supports audit requirements across SOC 2, HIPAA, and ISO 27001 frameworks. Every score is versioned, replayable, and traceable to specific character positions in the input. No probabilistic output means no model hallucination in the governance layer.
