# Silmaril Public Docs Silmaril Firewall protects AI applications and agentic systems from prompt injection, tool abuse, context poisoning, confused deputy behavior, and unsafe execution chains. Access is not self-serve yet. Book a call to provision credentials, choose a managed or self-hosted deployment path, and receive the endpoint used by the examples below. Demo URL: https://cal.com/silmaril/15min Book a call: https://cal.com/silmaril/15min Website: https://silmaril.dev ## Public Routes - Home: https://silmaril.dev/ - Docs overview: https://silmaril.dev/docs - Privacy: https://silmaril.dev/privacy - Terms: https://silmaril.dev/terms - Status: https://silmaril.dev/status ## TypeScript SDK Install the core SDK in the service that owns inference, tool execution, or orchestration boundaries. ```bash npm install @silmaril-security/sdk ``` ```ts import { Firewall, HookLabel } from "@silmaril-security/sdk"; const fw = new Firewall({ apiKey: process.env.SILMARIL_API_KEY!, apiUrl: process.env.SILMARIL_API_URL!, }); const result = await fw.classify(userInput, { hook: HookLabel.USER_INPUT, }); await fw.classify(toolOutput, { hook: HookLabel.TOOL_RESPONSE, toolName: "read_file", }); ``` ## Python SDK Install the Python SDK in services that own inference, tool execution, or orchestration boundaries. ```bash pip install silmaril-security-sdk ``` ```py import os from silmaril_security.sdk import Firewall, HookLabel fw = Firewall( api_key=os.environ["SILMARIL_API_KEY"], api_url=os.environ["SILMARIL_API_URL"], ) result = fw.classify( user_input, hook=HookLabel.USER_INPUT, ) fw.classify( tool_output, hook=HookLabel.TOOL_RESPONSE, tool_name="read_file", ) ``` ## Go SDK Install the Go module and classify boundaries with explicit hook metadata. ```bash go get github.com/Silmaril-Security/sdk-go/firewall@latest ``` ```go fw, err := firewall.New(firewall.Options{ APIKey: os.Getenv("SILMARIL_API_KEY"), APIURL: os.Getenv("SILMARIL_API_URL"), }) if err != nil { log.Fatal(err) } result, err := fw.Classify(ctx, userInput, firewall.WithHook(firewall.HookUserInput), ) ``` ## Java SDK Add the JVM SDK dependency and build one firewall client per protected system. ```kotlin dependencies { implementation("com.silmaril.security:silmaril-security-sdk:0.3.1") } ``` ```java Firewall fw = Firewall.builder() .apiKey(System.getenv("SILMARIL_API_KEY")) .apiUrl(System.getenv("SILMARIL_API_URL")) .build(); BlockResult result = fw.classify( userInput, ClassifyOptions.builder() .hook(HookLabel.USER_INPUT) .build() ); ``` ## Vercel AI SDK and Gateway Use Silmaril middleware around the model object when Vercel owns model execution. Gateway routing and middleware can share the same firewall client. ```bash npm install ai@^5 @ai-sdk/openai ``` ```ts import { gateway, generateText, wrapLanguageModel } from "ai"; const model = wrapLanguageModel({ model: gateway("anthropic/claude-sonnet-4.6"), middleware: fw.asMiddleware({ scanOutput: true }), }); await generateText({ model, prompt: userInput, providerOptions: { gateway: { tags: ["surface:assistant"] }, }, }); ``` ## LiteLLM Guardrails Configure Silmaril as a LiteLLM generic guardrail with pre-call and post-call checks. ```yaml guardrails: - guardrail_name: silmaril-firewall litellm_params: guardrail: generic_guardrail_api mode: [pre_call, post_call] api_base: os.environ/SILMARIL_GUARDRAIL_URL headers: x-api-key: os.environ/SILMARIL_API_KEY default_on: true unreachable_fallback: fail_open additional_provider_specific_params: on_error: warn ``` ## Self-hosting For customer-controlled deployments, run the firewall service and model as containers in the cloud account that holds the protected workload. SDKs use the deployed classify endpoint. LiteLLM uses the guardrail endpoint from the same stage. Supported deployment targets include AWS ECS/EKS, Google Cloud Run/GKE, Azure Container Apps/AKS, and Oracle Cloud OKE.