Skip to main content
POST
/
v1
/
prompt-injection
/
image
Scan image for prompt injection
curl --request POST \
  --url https://api.example.com/v1/prompt-injection/image \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "image": "<string>",
  "only": [
    "output_manipulation"
  ],
  "exclude": [
    "output_manipulation"
  ],
  "minimum_confidence": "medium"
}
'
{
  "is_safe": true,
  "categories": [
    {
      "code": "output_manipulation",
      "confidence": "medium"
    }
  ],
  "request_id": "<string>",
  "api_key_id": "<string>",
  "request_units": 123,
  "billed_request_units": 123,
  "service_tier": "low",
  "reason": "<string>"
}
Learn more about the risk categories returned by this endpoint in Risk Classifications.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
image
string
required

Base64-encoded image string. Supported formats: PNG, JPEG, GIF, WebP

only
enum<string>[]

Only detect these categories (mutually exclusive with 'exclude')

Available options:
output_manipulation,
context_injection,
data_exfiltration,
unauthorized_actions
exclude
enum<string>[]

Exclude these categories from detection (mutually exclusive with 'only')

Available options:
output_manipulation,
context_injection,
data_exfiltration,
unauthorized_actions
minimum_confidence
enum<string>

Minimum confidence level to include in results. Default: 'medium' (include all)

Available options:
medium,
high

Response

Scan result

is_safe
boolean
required
categories
object[]
required
request_id
string
required
api_key_id
string
required
request_units
number
required
billed_request_units
number
required
service_tier
enum<string>
required
Available options:
low,
standard,
dedicated
reason
string