CLI · CI/CD ready

Secure your LLMs.
Prove your compliance.

Shield LLM runs automated security tests on any AI chatbot: prompt injection, data extraction, jailbreaks. Security grade, detailed vulnerabilities, audit-ready PDF report in under a minute.

Automated red teaming · OWASP LLM Top 10 · LLM-as-Judge · PDF export
Works with any chatbot endpoint
Runs locally
Audit-ready PDF reports
Act I · The reality

Your AI chatbots are already under attack.
Most are vulnerable.

Production LLMs pass classic web audits. They fail against LLM-specific attacks: prompt injection, data extraction, guardrail bypass.

0%
of production chatbots fail basic OWASP LLM tests
OWASP · 2025
0 min
is the average time to extract sensitive data from an unprotected LLM
Shield Labs
0%
of companies have no defense specific to their LLM deployments
Gartner · 2025
0×
increase in attacks targeting generative AI since 2024
IBM X-Force

The attacks a classic scanner never sees

LLMs introduce a completely new attack surface. Your WAF, your DAST, your annual pentest: none of them are equipped for it.

  • LLM01: Prompt injection that hijacks model behavior
  • LLM02: Sensitive information leakage in responses
  • LLM06: Excessive agency (unauthorized actions)
  • LLM07: System prompt extraction via social engineering
  • LLM09: Disinformation and exploitable hallucinations
Act II · The solution

Three pillars. One tool.

Shield LLM combines automated red teaming, AI-judge analysis and regulatory compliance in a CLI you install in one command.

PILLAR 01

Automated red teaming

Full coverage of the OWASP LLM Top 10: prompt injection, system extraction, excessive agency, multi-turn jailbreak, supply chain. Runs in under a minute.

OWASP LLM TOP 10 · CRESCENDO
PILLAR 02

LLM-as-Judge

AI-driven analysis goes beyond regex. A judge model evaluates each response in context to catch nuanced vulnerabilities that pattern matching misses.

3 LAYERS · CONTEXT + RULES + JUDGE
PILLAR 03

EU AI Act compliance

Automatic scoring aligned with articles 5, 9, 10, 13, 14 and 15 of the regulation. Audit-ready PDF report, actionable remediations, timestamped evidence.

7 REQUIREMENTS · SIGNED PDF EXPORT
shield-llm · real-time scan
TARGET: support-bot.acme.com
Security grade: F (23/100) · immediate action required
  • Prompt injection: 85%
  • Data leakage: 72%
  • Output handling: 48%
  • Supply chain: 15%
4 critical · 6 high · 3 medium detected
Act III · Regulatory framework

EU AI Act. Audit-ready.

Your LLM falls under the European AI regulation. The obligations are concrete: robustness, transparency, human oversight, data governance. Shield gives you the technical scoring and the evidence.

Articles covered
7 of 7 high-risk system requirements
Enforcement
August 2, 2026 · high-risk systems

Compliance assessment · support-bot.acme

Compliant
  • Robustness and resilience (Art. 15): 92%
  • Transparency (Art. 13): 88%
  • Data governance (Art. 10): 85%
  • Human oversight (Art. 14): 90%
  • Risk management (Art. 9): 87%
  • Accuracy (Art. 15): 91%
  • Prohibited practices (Art. 5): 95%
Local-first architecture

Your prompts never leave your environment.

Shield LLM runs as a CLI from your environment, calling your chatbot endpoint directly. No proxy, no MITM, no credentials to share.

The only data sent to our servers: the scan report summary, so you can review it from your dashboard.

  • 100% local execution from your environment
  • Your chatbot credentials stay in your config, never sent to us
  • Data hosted in Europe · encryption at rest
  • Signed PDF export ready for your internal audits

Zero interception

Prompts go straight to your chatbot endpoint. No relay, no proxy.

Credentials stay local

Your shield.config.json lives on your machine. We never see your endpoint secrets.

Isolated storage

Scan data is scoped to your environment. Nothing persists without your action.

Verifiable output

Every result includes evidence, confidence and OWASP mapping. Native PDF export.

Pricing

Start free. Scale when you need it.

The base scan is free forever. Upgrade to Pro for AI evaluation, PDF reports and custom tests.

FREE
€0
Start with the base scan and discover your posture.
  • 5 scans per month
  • OWASP LLM Top 10 (10 attacks)
  • Rule-based analysis
  • Security grade (A–F)
  • 30-day history · 1 domain
Most popular
PRO
€79/mo
For teams serious about AI security.
  • 30 scans per month
  • 74 advanced attacks + multi-turn Crescendo
  • Full LLM-as-Judge evaluation
  • Audit-ready PDF reports
  • Technical EU AI Act compliance
  • Custom tests (up to 50)
  • Unlimited multi-domain
ENTERPRISE
Custom
Compliance-grade AI security for regulated organizations.
  • Everything in Pro
  • EU AI Act compliance (technical + structural)
  • SSO (Keycloak, Okta, Entra ID)
  • Audit log + BYOK
  • 1000 scans / month
  • Dedicated account manager
FAQ

Frequently asked questions

Everything you need to know about Shield LLM security testing.

What happens during a scan?
Shield LLM automatically injects OWASP LLM Top 10 attack prompts into the target chatbot interface. Each response is analyzed by our 3-layer engine (context + rules + LLM-as-Judge). You get an A–F grade, the vulnerability breakdown, and an audit-ready PDF report in under a minute.
Is my data sent to a server?
The attack prompts and chatbot responses stay in your browser. Only the report summary (grade, categories, counts) is sent to our European server, so you can review your history from the dashboard. You can disable this sync.
Does it work with any chatbot?
Yes, as long as it has a web interface. ChatGPT, Claude, Gemini, Mistral, Copilot, Llama-based custom chatbots, or any model. No model-specific configuration required.
How long does a scan take?
Between 45 seconds and 3 minutes depending on the target chatbot latency. The full Pro scan with LLM-as-Judge averages 90 seconds.
How is the security grade calculated?
Each test is weighted by its OWASP LLM Top 10 category and CVSS severity. The overall score is a weighted average normalized to 100, mapped to A (90+) through F (<50). The calculation details are documented in the PDF report.
Does Shield LLM really cover the EU AI Act?
Shield covers the 7 technical requirements for high-risk AI systems (articles 5, 9, 10, 13, 14, 15). Automatic scoring produces timestamped evidence you can attach to your compliance file. Full legal assessment remains your DPO's responsibility.

Secure your AI before the attackers.

Install the Shield LLM CLI and get your first security report in under a minute. No SDK, no code changes.

Shield LLM — Automated Red Teaming for AI Chatbots