Memory poisoning, prompt injection, and tampering are flagged before they affect agent actions — Sgraal returns a verdict (USE_MEMORY · WARN · ASK_USER · BLOCK) and a cryptographic audit trail.
Without Sgraal
With Sgraal
Sgraal's preflight gate intercepts every action that depends on memory. Sleeper patterns, injection signatures, and source anomalies are flagged before the action runs. Write-time filtering is also available via /v1/firewall/*.
Poisoning detection, hallucination risk, tamper verification (Merkle hash), and circuit breaker on repeated high-risk patterns.
Memory Forensics · Black Box Capsule (SHA256) · ZK Validation. Every threat is traceable. Every decision is defensible.
poisoning_suspected: true — multi-signal correlation. hallucination_risk: high — semantic inconsistency detected. Circuit breaker triggers HTTP 429 Safety Block on repeated high-risk events; query state via GET /v1/circuit-breaker/status.
Your agent acts on corrupted data — silently, repeatedly, without you knowing.
Write firewall: blocks poisoned data before storage — prevention not detection. Configure namespace rules and review violations via GET /v1/firewall/rules and GET /v1/firewall/violations. Sleeper detector: proactive scan for dormant trigger conditions.
Block high-risk memory before storage; ongoing action-time detection catches what slips through.
Sgraal can block before storage via the write firewall, in addition to action-time preflight. Synthetic adversarial corpora; production calibration pending paying-customer onboarding.
Write-time filtering is one of Sgraal's protection layers. The primary mode is action-time preflight.
Memory Forensics: full incident trace via POST /v1/forensics/analyze — submit any past request_id for forensic decomposition (which detection layers fired, which memory entries contributed, replay path). Black Box Recorder: tamper-evident capsule for every BLOCK. ZK Validation: omega score computed without content leaving your system.
Every threat is provable in court. Every block is auditable.
Red Team API (beta): injection, poisoning, replay, drift, tamper, sleeper. Memory Readiness Grade: A–F graded assessment.
Know your resilience score before attackers find out for you.
Block poisoned memory at write time. Detect tampering at read time.
# `client` is assumed to be an already-initialised Sgraal client (setup is not shown on this page)

# Store with write firewall — blocks before storage
result = client.store(
    content="User account balance: $50,000",
    agent_id="agent-payments",
    domain="fintech"
)
# IP-CI-ALLOW: illustrative threat_score in code example
if result.write_firewall_triggered:
    print(result.block_reason)  # SLEEPER_PATTERN_DETECTED
    print(result.threat_score)  # 0.94

# Preflight scan — detect poisoning at read time
preflight = client.preflight(
    memory_state=[{"id": "mem_001", "content": "...",
                   "type": "semantic", "timestamp_age_days": 1}],
    action_type="irreversible",
    domain="fintech"
)
print(preflight.poisoning_suspected)  # True
print(preflight.recommended_action)   # BLOCK
When one agent detects an attack, Sgraal extracts the attack signature and propagates it across your fleet. In-tenant propagation is near-instant; cross-fleet propagation is in active development — see Memory Vaccination for the current production scope.
Powered by cryptographically signed vaccine signatures with automatic expiry.