How CAERON CORE Works
A six-stage pipeline that scans, enforces, validates, and audits every AI interaction. Here is exactly what happens to every request.
SHIELD
Input Scanning
Every input is scanned for prompt injection, jailbreak attempts, PII exposure, and secrets leakage. 46 detection patterns across 4 categories.
// SHIELD detects injection attempt
{
"category": "injection",
"severity": "critical",
"pattern": "ignore_instructions",
"matched": "ignore all previous instructions"
}GATE
Policy Enforcement
Policy engine evaluates scan results and issues a verdict: ALLOW, DENY, or REDACT. Configurable rules with severity thresholds.
// GATE policy verdict
{
"verdict": "DENY",
"reason": "Critical injection detected",
"policy_version": "1.1"
}LLM
Safe Forwarding
Only approved inputs reach the LLM. Redacted content has sensitive data replaced with safe tokens before forwarding.
// Redacted input forwarded to LLM
"Hello, my name is [REDACTED_NAME] and my
email is [REDACTED_EMAIL]. How can I..."OUTPUT VALIDATOR
Response Scanning
LLM responses are scanned for XSS, SQL injection, code injection, and PII/secrets leakage before delivery.
// Output validator catches XSS
{
"category": "insecure_output",
"severity": "high",
"pattern": "xss_script_tag",
"matched": "<script>alert('xss')</script>"
}LOGBOX
Cryptographic Audit
Every transaction is recorded in an append-only, hash-chained log with Ed25519 signatures. Tamper-evident by design.
// LOGBOX entry (hash-chained)
{
"seq": 42,
"prev_hash": "a1b2c3...",
"root_hash": "d4e5f6...",
"signature": "ed25519_hex..."
}EVIDENCE
Compliance Bundles
Generates cryptographic evidence bundles with receipts for regulatory compliance and forensic analysis.
// EVIDENCE cryptographic receipt
{
"receipt_id": "uuid-v4",
"root_hash": "blake3_hex...",
"signature": "ed25519_hex...",
"verifier_pubkey": "hex_64_chars"
}Ready to Secure Your Pipeline?
Get started in minutes. Download, activate, and start protecting your AI applications.