Built for the place your LLM risk enters.

Shutapp sits around the LLM call you already make. It scans prompts before they go to the model and rescans model output before it reaches the user.

We are not your model provider. We are the control layer that decides what can safely become model context and what can safely leave it.

You keep your OpenAI, Anthropic, Gemini, or self-hosted model key. Shutapp does not need it and should not store it.

Your application calls your model provider directly. Shutapp only receives the text you ask it to scan or rescan.

Every scan and rescan can return a signed receipt. Receipts are built to be kept, verified, and shown during audits.

The receipt records the decision, policy version, timestamps, and proof material needed to explain what happened without asking someone to trust a dashboard screenshot.

For system-prompt leakage detection, Shutapp can register a fingerprint of your system prompt. The goal is to detect near-verbatim leakage without storing the prompt itself as plain text.

Use output rescanning whenever your assistant handles hidden instructions, internal policies, pricing rules, customer support rules, or private backend context.

Email security@shutapp.world with the affected endpoint, reproduction steps, impact, and any safe proof of concept.

Please do not send live customer secrets, provider keys, or unrelated production data. If we need more detail, we will ask for a safe channel.