Shrike FAQs

Question 1

Can Shrike secure specific operations like SQL queries or file writes?

Accepted Answer

Yes, Shrike provides dedicated tools like `scan_sql_query` to prevent SQL injection and dangerous operations, and `scan_file_write` to validate paths and content, protecting against path traversal and sensitive data exposure during file operations.

Question 2

What is Shrike and how does it protect AI agents?

Accepted Answer

Shrike is a security tool designed to protect AI agents by scanning their inputs (prompts) and outputs (responses) to detect and block threats. It prevents prompt injection, jailbreaks, SQL injection, data exfiltration, malicious file operations, and toxic language.

Question 3

What is Shrike's 'fail-closed' security model?

Accepted Answer

Shrike implements a robust fail-closed security model. This means that if there are network timeouts, backend errors, or unknown content types, the system defaults to blocking the request. This prevents potential bypasses and ensures maximum protection for your AI agents.

Question 4

How does Shrike handle Personal Identifiable Information (PII)?

Accepted Answer

Shrike features advanced PII handling, capable of redacting sensitive information from prompts before they reach the LLM. It then rehydrates the original PII back into the LLM's response for enhanced privacy and secure data processing.

Question 5

Is an API key required to use Shrike?

Accepted Answer

Shrike offers a free tier that provides foundational regex-only security scans (L1-L4) without an API key. However, an API key unlocks the full 9-layer scan pipeline, including advanced LLM semantic analysis for more comprehensive threat detection.

Shrike

Shrike

主な機能

ユースケース

主な機能

ユースケース