🩻 AC-2 · Agent Scanner
Real-time AI output scanning for manipulation, injection, hallucination, and data exfiltration
Overview
Agent Scanner is the antivirus for AI agent responses. It scans every output in real time using a combination of NLP classifiers, regex pattern matching, and behavioral analysis to detect 6 threat categories.
Detection Categories
| Category | Description | Methods |
|---|---|---|
| Prompt Injection | Hidden instructions attempting to override system prompts | NLP + regex + embedding similarity |
| Hallucination | Fabricated facts, citations, or data | Fact-checking + knowledge graph |
| Data Exfiltration | Attempts to leak PII, secrets, or internal data | Pattern matching + entity detection |
| Jailbreak | Adversarial prompts bypassing safety guardrails | Classifier + known pattern DB |
| Toxic Content | Harmful, hateful, or inappropriate outputs | Content moderation classifier |
| PII Leakage | Unauthorized exposure of personal information | NER + regex (SSN, email, phone, etc.) |
API Endpoints
| Method | Endpoint | Description | Auth |
|---|---|---|---|
| POST | /v1/scan | Scan agent output for threats | 🔑 |
| GET | /v1/scan/history | Get scan history | 🔑 |
| GET | /v1/scan/stats | Get scanning statistics | 🔑 |
| POST | /v1/scan/rules | Create a custom scan rule | 🔑 |
| GET | /v1/scan/rules | List custom rules | 🔑 |
| DELETE | /v1/scan/rules/:id | Delete a custom rule | 🔑 |
Quick Start
```bash
curl -X POST https://api.agent-chain.io/v1/scan \
  -H "Authorization: Bearer ac_live_xxx" \
  -H "Content-Type: application/json" \
  -d '{
    "output": "Sure! Your API key is sk-abc123 and your SSN is 123-45-6789.",
    "context": "customer-support-agent"
  }'
```
Response
```json
{
  "safe": false,
  "threats": [
    { "type": "pii_leakage", "severity": "critical", "detail": "SSN pattern detected" },
    { "type": "data_exfiltration", "severity": "high", "detail": "API key exposed" }
  ],
  "score": 15,
  "latency_ms": 23
}
```
SDK Example
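```javascript
// `ac` is an initialized Agent Chain client; `agentResponse` is the agent's output text.
const result = await ac.scanner.scan({
  output: agentResponse,
  context: 'my-chatbot'
});

if (!result.safe) {
  console.log('Threats found:', result.threats);
  // Block or sanitize the response
}
```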
💡 Combine Agent Scanner with Agent Firewall (AC-8) for a complete defense-in-depth strategy. Scanner catches output threats; Firewall catches input threats.
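The SDK Example above leaves "Block or sanitize the response" as a comment. The following added example (not Agent Chain SDK code) shows one way to turn a scan result into an enforced decision that fails closed when the result is missing or malformed. The function name `gateResponse`, the fallback message, the `allow_flagged` action, and the `low`/`medium` severity values are assumptions; the field names come from the Response shown above.

```javascript
// Added example: policy gate over the scan Response shape (safe, threats[]).
// Assumption: "low" and "medium" severities exist; the page shows only "high" and "critical".
const SEVERITY_RANK = { low: 1, medium: 2, high: 3, critical: 4 };
const FALLBACK_MESSAGE = "Sorry, I can't share that response."; // hypothetical user-facing text

const known = (s) => Object.prototype.hasOwnProperty.call(SEVERITY_RANK, s);

// Unknown or missing severities rank as critical so new values fail closed.
const rankOf = (s) => (known(s) ? SEVERITY_RANK[s] : SEVERITY_RANK.critical);

function gateResponse(scanResult, agentOutput, blockAt = "high") {
  const block = (reason, threats = []) =>
    ({ action: "block", deliver: FALLBACK_MESSAGE, reason, threats });

  // Fail closed: a missing or malformed result (scanner error, timeout, bad JSON)
  // must never be read as "safe". Callers pass null when the scan call throws.
  if (!scanResult || typeof scanResult.safe !== "boolean" ||
      !Array.isArray(scanResult.threats)) {
    return block("scan result missing or malformed");
  }
  const threats = scanResult.threats;
  if (scanResult.safe && threats.length === 0) {
    return { action: "allow", deliver: agentOutput, reason: "clean", threats };
  }
  // safe=false with nothing listed gives no basis for a decision, so block.
  if (threats.length === 0) return block("flagged unsafe without threat detail");

  // An invalid threshold falls back to the strictest setting.
  const threshold = known(blockAt) ? SEVERITY_RANK[blockAt] : 1;
  const worst = threats.reduce((max, t) => Math.max(max, rankOf(t && t.severity)), 0);
  if (worst >= threshold) {
    const types = threats.map((t) => (t && t.type) || "unknown").join(",");
    return block(`threats at or above ${blockAt}: ${types}`, threats);
  }
  // Below the threshold: deliver, but mark the response for logging and review.
  return { action: "allow_flagged", deliver: agentOutput, reason: "below block threshold", threats };
}

// Constructed sample: the Response body from the Quick Start above.
const sampleResult = {
  safe: false,
  threats: [
    { type: "pii_leakage", severity: "critical", detail: "SSN pattern detected" },
    { type: "data_exfiltration", severity: "high", detail: "API key exposed" }
  ],
  score: 15,
  latency_ms: 23
};
console.log(gateResponse(sampleResult, "Sure! Your API key is ..."));
```

The caller sends `deliver` to the user and logs `reason` and `threats`; the original agent output is never returned on a `block` decision.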