Purfect Shield works with every major AI provider and any OpenAI-compatible API. No SDK to install. No imports to add. No code changes per tool. Just point your base URL at localhost:6767 and Shield handles the rest.
Shield is provider-agnostic. It speaks the OpenAI API protocol and works with any compatible endpoint — cloud, local, or self-hosted.
Provider
Products
Setup
Anthropic
Anthropic API, AI Coding Tools
ANTHROPIC_BASE_URL → localhost:6767
OpenAI
GPT-4o, GPT-4, Codex
OPENAI_BASE_URL → localhost:6767
DeepSeek
DeepSeek-V3, DeepSeek-R1
DEEPSEEK_BASE_URL → localhost:6767
Local Models
Ollama, LM Studio, llama.cpp
OPENAI_BASE_URL → localhost:6767
Any OpenAI-compatible
Groq, Together, Fireworks, Mistral, etc.
OPENAI_BASE_URL → localhost:6767
BASE_URL → localhost:6767 · That's the entire integration
MCP & Extensibility
Shield plugs into your existing AI workflow.
If you use AI coding tools with MCP servers, Shield sits transparently in the egress path — no MCP config changes, no tool modifications. Every tool call, every file read, every API request flows through Shield's redaction engine automatically.
No MCP config changes
Shield sits transparently in the egress path between your AI tools and the API. Your MCP servers, tools, and configurations remain untouched.
All tools protected
Whether your AI tools call filesystem tools, web fetch, or your custom MCP servers — every request transits through Shield's redaction engine.
Works with any MCP host
AI-powered desktop tools, coding assistants, Cursor, Windsurf — if it speaks the Anthropic API, Shield protects it without per-tool configuration.
How it works with your AI tools
Your AI tools read tools from your MCP config and call the Anthropic API. Set ANTHROPIC_BASE_URL=http://localhost:6767 and every request — whether it's a prompt, a tool result, or file content — passes through Shield before reaching Anthropic's servers. Secrets are tokenized. PII is redacted. Responses are rehydrated. Your tools never know Shield is there.
Zero-Code Integration
One environment variable. No SDK. No import.
Every other AI security tool requires you to install a library, import it in your code, and wrap every LLM call. Shield requires none of that. It sits on the wire — your code doesn't even know it's there.
No SDK
No pip install, no npm package, no library dependency. Shield is a standalone Go binary that runs on your infrastructure.
No Import
No import statements. No middleware registration. No client wrapping. Your application code stays exactly as it is.
No Per-Tool Config
AI coding tools, Cursor, Windsurf, custom scripts — all protected with one BASE_URL change. No per-tool configuration needed.
Infrastructure-Level
Deploy Shield once on your network. Every AI call from every developer and every tool is protected — automatically.
One variable. Ten minutes. Protected.
We'll deploy Shield on your infrastructure and integrate it with your existing AI providers — Anthropic, OpenAI, DeepSeek, local models — in a single session. Your team keeps using the tools they know. Shield handles the security transparently.
Fixed-price engagement · Source code at handoff · No subscription
FAQ
Shield Integrations FAQ
How many environment variables do I need to configure?
One. Set SHIELD_TARGET to your LLM provider's base URL, point your application at localhost:9090, and you're done. All provider configuration — API keys, model routing, endpoint mapping — is handled through Shield's single config file. No per-provider env vars, no SDK changes.
What if my LLM provider isn't on the supported list?
If your provider exposes an OpenAI-compatible /v1/chat/completions endpoint, Shield works out of the box. For providers with custom APIs, Enterprise tier includes a provider adapter — typically built and deployed within 48 hours. We've never encountered an HTTP-based LLM API we couldn't proxy.
Does Shield support streaming responses?
Yes. Shield proxies streaming responses (SSE) with sub-millisecond overhead. PII detection and content policy enforcement work on streaming responses in real time — Shield buffers only enough to detect patterns, then streams the rest. No content is held back.
Can I use Shield with local models like Ollama or LM Studio?
Yes. Point Shield at any HTTP endpoint — localhost:11434 for Ollama, localhost:1234 for LM Studio, or any OpenAI-compatible local server. Shield doesn't care whether the model is local or cloud-hosted. The same audit logging, PII detection, and policy enforcement apply.
How does Shield handle API key rotation?
API keys live in Shield's config, not in your application code. Rotate keys by updating the config file and sending SIGHUP to the Shield process — zero-downtime rotation. No application redeploy needed. Enterprise tier adds vault integration (HashiCorp Vault, AWS Secrets Manager) for automated rotation.
Does Shield add latency that my users will notice?
Typical overhead is 2-5ms for standard requests, 8-15ms with full PII scanning enabled. For context: a typical LLM API call takes 500-3000ms. Shield's overhead is under 1% of total request time. Your users won't notice it exists.