Skip to main content
POST
/
v1
/
prompt-injection
/
text
Scan text for prompt injection
curl --request POST \
  --url https://api.example.com/v1/prompt-injection/text \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "content": "<string>",
  "only": [
    "<string>"
  ],
  "exclude": [
    "<string>"
  ],
  "minimum_confidence": "medium"
}
'
{
  "is_safe": true,
  "categories": [
    {
      "code": "output_manipulation",
      "confidence": "medium"
    }
  ],
  "request_id": "<string>",
  "api_key_id": "<string>",
  "request_units": 123,
  "billed_request_units": 123,
  "service_tier": "low",
  "reason": "<string>"
}
Learn more about the risk categories returned by this endpoint in Risk Classifications.

Basic Usage

import { CentureClient } from "@centure/node-sdk";

const client = new CentureClient();

const result = await client.scanText("External data to scan...");

if (!result.is_safe) {
  console.log("Detected categories:", result.categories);
}

Filtering Categories

You can filter which risk categories to detect using the only or exclude parameters. These parameters are mutually exclusive. 
const result = await client.scanText("External data to scan...", {
  only: ["data_exfiltration", "external_actions"]
});

Confidence Filtering

Use minimum_confidence to filter results by confidence level: 
const result = await client.scanText("External data to scan...", {
  minimum_confidence: "high"
});
Set minimum_confidence to "high" to reduce false positives by only returning high-confidence detections.

Response

When content is flagged as unsafe, the response includes a reason field explaining why: 
{
  "is_safe": false,
  "categories": [
    { "code": "data_exfiltration", "confidence": "high" }
  ],
  "reason": "The input attempts to extract system prompt information by asking the model to reveal its instructions.",
  "request_id": "req_abc123",
  "api_key_id": "key_xyz789",
  "request_units": 1,
  "billed_request_units": 1,
  "service_tier": "standard"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Body

application/json
content
string
required

Text to scan

only
string[]

Only detect these categories (mutually exclusive with 'exclude')

exclude
string[]

Exclude these categories from detection (mutually exclusive with 'only')

minimum_confidence
enum<string>

Minimum confidence level to include in results. Default: 'medium' (include all)

Available options:
medium,
high

Response

Scan result

is_safe
boolean
required
categories
object[]
required
request_id
string
required
api_key_id
string
required
request_units
number
required
billed_request_units
number
required
service_tier
enum<string>
required
Available options:
low,
standard,
dedicated
reason
string