Stop your team from leaking CUI to ChatGPT.
A local-only AI proxy that scans every prompt in under 10ms — before it leaves your network. One URL change. CMMC Level 2, HIPAA, and SOC 2 enforced simultaneously.
- [Apr 2026] Brain AI knowledge base expanded: full CMMC, HIPAA, SOC 2, managed agents, and multi-framework integration coverage.
- [Mar 2026] Production launch on Vercel. SOC 2 + HIPAA + CMMC Level 2 simultaneously enforced. All 16 detection engines live.
- [Mar 2026] PDF compliance reports shipped (Growth+ tier). Blockchain-anchored audit trail on Base L2 live.
- [Feb 2026] Azure Sentinel connector merged. Splunk HEC batch delivery shipped.
- [Jan 2026] SIEM integration suite complete: Slack Block Kit, Teams Adaptive Cards, Splunk, Sentinel, CEF.
- [Dec 2025] AES-256 quarantine vault + HITL review workflow shipped.
Every time your team uses ChatGPT, Claude, Copilot, or Gemini — they may be leaking API keys, patient records, defense contract numbers, or trade secrets to a third-party AI that stores your data indefinitely.
Hound Shield is a single URL change. It sits between your team and every AI provider in the world. Every prompt is scanned in under 10ms, classified across 16 risk categories, and either forwarded, blocked, or quarantined — before it ever reaches the model.
BEFORE: Your Team → OpenAI / Claude / Gemini / Llama
AFTER: Your Team → Hound Shield Gateway → OpenAI / Claude / Gemini / Llama
↓ 16-engine scan ↓
Blocked · Quarantined · Logged · Anchored
One deployment. 800+ models. Three compliance frameworks simultaneously: SOC 2, HIPAA, and CMMC Level 2.
Live demo: houndshield.com — interact with Brain AI (bottom right) for instant compliance answers.
// Before — raw OpenAI call, no compliance
const client = new OpenAI({ apiKey: process.env.OPENAI_API_KEY });
// After — every prompt scanned, logged, compliance-enforced
const client = new OpenAI({
apiKey: process.env.OPENAI_API_KEY,
baseURL: "https://houndshield.com/api/gateway/intercept",
});
// Same API. 800+ models. Three compliance frameworks. <10ms overhead.
const response = await client.chat.completions.create({
model: "anthropic/claude-sonnet-4-6",
messages: [{ role: "user", content: "Review this defense contract..." }],
});
// If the message contained FOUO/CUI data → blocked before reaching Claude| Scan Type | p50 | p95 | p99 |
|---|---|---|---|
| Short prompt (<256 chars) | 0.4ms | 1.2ms | 2.1ms |
| Medium prompt (<1K chars) | 1.8ms | 4.3ms | 7.6ms |
| Long prompt (<4K chars) | 3.9ms | 7.8ms | 9.4ms |
| Stream output (per chunk) | 0.1ms | 0.3ms | 0.6ms |
Measured on Vercel Edge Runtime. LRU cache hit rate >50% in production reduces these by 90%.
| Category | Precision | Recall | F1 |
|---|---|---|---|
| CUI / FOUO | 99.1% | 97.8% | 98.4% |
| HIPAA PHI (18 identifiers) | 98.7% | 99.2% | 98.9% |
| API Keys & Credentials | 99.6% | 98.1% | 98.8% |
| PII (SSN, passport, DL) | 97.4% | 96.9% | 97.1% |
| Source Code / IP | 94.2% | 91.7% | 92.9% |
Most DLP tools scan your data in the cloud. For CMMC compliance, that's the problem — not the solution.
CMMC Level 2 control AC.L2-3.1.3 (CUI Flow Control) requires that Controlled Unclassified Information not flow to unauthorized destinations. Sending prompts containing CUI to a third-party scanning service — even a well-intentioned security vendor — is itself a CUI disclosure. Cloud DLP is architecturally incompatible with CMMC.
Hound Shield runs entirely within your infrastructure. The proxy sits on your network. Pattern matching runs in your process. Nothing leaves your perimeter except the sanitized prompt forwarded to the AI provider. The only external call Hound Shield makes is a SHA-256 hash of your license key alongside a prompt count — never the prompt content, never the matched patterns, never any data. Your SPRS score, your audit logs, your CUI — all stay inside your boundary.
| Challenge | Old Approach | Hound Shield |
|---|---|---|
| AI prompt data leaks | Block all AI tools | Scan every prompt in <10ms |
| Multi-framework compliance | Three separate tools, three audits | One gateway, all frameworks at once |
| Deployment friction | Weeks of network rerouting, agent installs | 15 minutes, one baseURL change |
| False positives | Regex-only, blocks everything | 16-engine hybrid AI+regex detection |
| Model access | One model per approved tool | 800+ models, all compliant |
| Audit evidence | Manual screenshots and exports | Cryptographic ledger, one-click PDF |
| SPRS scoring | Consultant spreadsheet, $15K/assessment | Live dashboard, 110 controls tracked |
| Security alerts | Email, maybe | Slack, Teams, Splunk, Sentinel — all at once |
Access every major AI model — GPT-4o, Claude 4.6, Gemini 2.5 Pro, Llama 3.3, Mistral Large, Qwen3, Command R+, and 800 more — all through a single OpenAI-compatible endpoint. Every model, every prompt, fully scanned. Your team gets access to the best AI on the market. Your security team gets a clean audit trail for all of it.
// Switch any model without changing your code
const client = new OpenAI({
baseURL: "https://houndshield.com/api/gateway/intercept",
apiKey: process.env.OPENAI_API_KEY,
});
// GPT-4o, Claude 4.6, Gemini — same URL, all compliant
const response = await client.chat.completions.create({
model: "anthropic/claude-sonnet-4-6", // or gpt-4o, google/gemini-flash-1.5...
messages: [{ role: "user", content: "..." }],
});Parallel scanning across 16 risk categories in a single sub-10ms pass:
| Category | What We Catch |
|---|---|
| Controlled Unclassified Info (CUI) | FOUO markings, CUI//SP-PRVCY headers, DoD identifiers |
| Protected Health Information | Patient names, diagnoses, MRNs, SSNs, insurance IDs |
| API Keys & Credentials | sk-, AKIA, JWT tokens, OAuth secrets, DB connection strings |
| CAGE Codes & Contract Numbers | Defense procurement, DD Form 254 references |
| Security Clearance Levels | SECRET, TOP SECRET, SCI, SAP references |
| Export Controlled Data | ITAR/EAR classifications, ECCN codes |
| Personally Identifiable Info | Full names, addresses, DOBs, passport numbers |
| Financial Instruments | Card numbers, IBAN, routing, SWIFT, wire instructions |
| Intellectual Property | Patent filings, algorithms, proprietary formulas |
| Source Code & Schemas | Proprietary logic, database schemas, system architecture |
| M&A Documentation | Deal terms, target companies, valuations |
| Legal Privilege | Attorney-client communications, litigation strategy |
| Biometric Data | Facial recognition refs, fingerprint data, DNA |
| Geolocation Intelligence | Military coordinates, classified facility locations |
| Network Infrastructure | Internal IPs, firewall rules, VPN configs |
| Authentication Tokens | OAuth flows, session tokens, API keys |
Hound Shield intercepts compliance across modern agentic architectures:
| Framework | Integration Method |
|---|---|
| Claude Code / Cursor | Set gateway as base URL in .claude/settings.json |
| LangChain / LangGraph | openai_api_base parameter |
| Goose (Block) | OPENAI_BASE_URL environment variable |
| AgentScope | Model provider config api_base |
| AutoGen | base_url in OAI_CONFIG_LIST |
| LlamaIndex | OpenAI(api_base=...) constructor |
Every agent tool call, every LLM request — fully compliant.
Hound Shield routes compliance scanning for Anthropic Managed Agents — composable cloud-hosted agent APIs. When Claude agents autonomously fetch data, invoke tools, or generate outputs, every LLM call passes through the Hound Shield 16-engine scan before reaching the model. No code changes required beyond the base URL.
See exactly which AI models your team uses most — and how clean each one is. Hound Shield tracks compliance scores per model: how often each model triggers violations, what categories fire most, and which models hallucinate sensitive data. Choose the right model for regulated workloads with full evidence.
Hound Shield scans the output stream token by token, not just the input. If an LLM starts generating a credit card number mid-response, the stream is truncated immediately before the full number is delivered. Real-time alerts fire before the data leaves the gateway.
Every compliance event is:
- SHA-256 hashed and appended to a cryptographic chain (tamper-evident ledger)
- Anchored to Base L2 blockchain — permanent, immutable, publicly verifiable
- Exported instantly as CSV or JSON for auditors — filtered by date, risk level, or action
The cryptographic chain is dual-redundant: SHA-256 seed anchors + on-chain transactions. If any historical record is modified, the chain breaks. Instant tamper detection.
High-risk prompts are never stored in plaintext. They're:
- Encrypted with AES-256 at rest
- Isolated in a dedicated vault
- Routed to a human reviewer via HITL approval workflow
- Released or permanently deleted — never silently forwarded
Defense contractors see their NIST 800-171 Rev 2 score across all 110 controls in real time. Every AI intercept either helps or hurts your score. Watch it improve as you close gaps. Export as a C3PAO-ready PDF when it's time for your assessment. DoD scoring methodology v1.2.1.
Compliance events reach your security team wherever they work:
| Channel | Integration | What You Get |
|---|---|---|
| Slack | Block Kit cards with severity colors | Rich alerts, action buttons, multi-channel routing |
| Microsoft Teams | Adaptive Cards v1.5 | FactSet tables, severity icons, review links |
| Splunk | HTTP Event Collector (HEC) | NDJSON batch delivery, CIM-compatible fields |
| Azure Sentinel | Log Analytics Workspace API | HMAC-signed, KQL-queryable Hound ShieldCompliance_CL |
| CEF | Common Event Format | QRadar, ArcSight, syslog-compatible |
Every critical alert routes to your SOC simultaneously. Zero additional configuration per-tool.
Async generator streaming pipeline with 500-character scan windows, 256-character overlap, and LRU classification cache. Pattern matching short-circuits on the first CRITICAL detection. Your team never notices the firewall is there.
- Sign up at houndshield.com
- Copy your gateway URL from the dashboard
- Change one line in your AI SDK:
// Before
const client = new OpenAI({ apiKey: process.env.OPENAI_API_KEY });
// After — every prompt now scanned, logged, and compliance-enforced
const client = new OpenAI({
apiKey: process.env.OPENAI_API_KEY,
baseURL: "https://houndshield.com/api/gateway/intercept",
});That's it. No agents. No network changes. No training required.
git clone https://github.com/thecelestialmismatch/Hound Shield.git
cd Hound Shield/compliance-firewall-agent
# Docker (recommended for production)
cp .env.example .env
# Fill required values — see Environment Variables table below
docker compose up -d
# Or: local development
npm install && npm run devDashboard and gateway start at http://localhost:3000.
Works with every OpenAI-compatible client. One URL. Every model.
from openai import OpenAI
client = OpenAI(
api_key=os.environ["OPENAI_API_KEY"],
base_url="https://houndshield.com/api/gateway/intercept",
)
# GPT-4o, Claude 4.6, Gemini — all compliant through one endpoint
response = client.chat.completions.create(
model="anthropic/claude-sonnet-4-6",
messages=[{"role": "user", "content": "Help me review this contract..."}]
)from langchain_openai import ChatOpenAI
llm = ChatOpenAI(
model="gpt-4o",
openai_api_base="https://houndshield.com/api/gateway/intercept",
openai_api_key=os.environ["OPENAI_API_KEY"],
)import OpenAI from "openai";
const openai = new OpenAI({
apiKey: process.env.OPENAI_API_KEY,
baseURL: "https://houndshield.com/api/gateway/intercept",
});# ~/.config/goose/config.yaml
GOOSE_PROVIDER: openai
OPENAI_BASE_URL: https://houndshield.com/api/gateway/intercept
OPENAI_API_KEY: your-key-herecurl https://houndshield.com/api/gateway/intercept/chat/completions \
-H "Authorization: Bearer $OPENAI_API_KEY" \
-H "x-api-key: $HOUNDSHIELD_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"model": "gpt-4o",
"messages": [{"role": "user", "content": "Summarize this document..."}]
}'| Variable | Where to get it | Purpose |
|---|---|---|
NEXT_PUBLIC_SUPABASE_URL |
Supabase Settings > API | Database URL |
NEXT_PUBLIC_SUPABASE_ANON_KEY |
Supabase Settings > API | Client auth |
SUPABASE_SERVICE_ROLE_KEY |
Supabase Settings > API | Server-side operations |
OPENROUTER_API_KEY |
OpenRouter | 800+ model access |
NEXT_PUBLIC_APP_URL |
Your deployment URL | Review links in alerts |
| Variable | Default | Purpose |
|---|---|---|
GEMINI_API_KEY |
— | Context-aware ML scanning (elevates regex findings) |
BRAIN_AI_MODEL |
google/gemini-flash-1.5 |
Agent intelligence model |
| Variable | Purpose |
|---|---|
SLACK_WEBHOOK_URL |
Default channel for all compliance alerts |
SLACK_ALERT_WEBHOOK_URL |
Separate channel for HIGH/CRITICAL events only |
| Variable | Purpose |
|---|---|
TEAMS_WEBHOOK_URL |
Default Teams channel |
TEAMS_ALERT_WEBHOOK_URL |
Separate channel for HIGH/CRITICAL events |
| Variable | Default | Purpose |
|---|---|---|
SPLUNK_HEC_URL |
— | HEC endpoint (https://splunk.company.com:8088/services/collector/event) |
SPLUNK_HEC_TOKEN |
— | HEC authentication token |
SPLUNK_INDEX |
houndshield |
Target Splunk index |
SPLUNK_SOURCETYPE |
_json |
Set to cef for CEF format |
SPLUNK_HOST |
houndshield-gateway |
Host field value |
| Variable | Purpose |
|---|---|
SENTINEL_WORKSPACE_ID |
Log Analytics Workspace ID |
SENTINEL_SHARED_KEY |
Primary or secondary workspace key |
SENTINEL_LOG_TYPE |
Custom log type (default: Hound ShieldCompliance) |
| Variable | Default | Purpose |
|---|---|---|
BLOCKCHAIN_ANCHOR_PRIVATE_KEY |
— | 0x-prefixed Base L2 wallet key |
BASE_RPC_URL |
https://mainnet.base.org |
Production RPC |
BASE_SEPOLIA_RPC_URL |
https://sepolia.base.org |
Testnet RPC |
| Variable | Purpose |
|---|---|
STRIPE_SECRET_KEY |
Stripe secret key |
STRIPE_WEBHOOK_SECRET |
Stripe webhook signing secret |
RESEND_API_KEY |
Transactional email |
| Variable | Purpose |
|---|---|
ENCRYPTION_KEY |
64-char hex key for AES-256 quarantine vault |
┌─────────────────────────────────────────────────────────────┐
│ Your AI Clients │
│ Python · Node.js · LangChain · Copilot · Goose · Any SDK │
└─────────────────────┬───────────────────────────────────────┘
│ HTTPS — OpenAI-compatible API
┌─────────────────────▼───────────────────────────────────────┐
│ Hound Shield Gateway (Next.js 15 Edge) │
│ │
│ ┌───────────────────────────────────────────────────────┐ │
│ │ 16-Engine Detection Matrix (<10ms) │ │
│ │ CUI · PHI · PII · Credentials · ITAR · IP · Fin... │ │
│ │ Regex (CRITICAL-first) + Gemini Flash ML scan │ │
│ │ LRU result cache · short-circuit on CRITICAL │ │
│ └──────────────┬──────────────────────┬──────────────────┘ │
│ │ PASS │ BLOCK / QUARANTINE │
│ ┌──────────────▼─────────────┐ │ │
│ │ Stream Proxy + Scanner │ │ │
│ │ Real-time token scanning │ │ │
│ │ Truncate on CRITICAL hit │ │ │
│ └──────────────┬─────────────┘ │ │
└─────────────────┼─────────────────────┼─────────────────────┘
│ │
┌───────────────▼──────┐ ┌───────────▼──────────────────┐
│ 800+ Model Providers │ │ AES-256 Quarantine Vault │
│ (via OpenRouter) │ │ + HITL Review Workflow │
│ OpenAI · Anthropic │ └──────────────────────────────┘
│ Google · Mistral... │
└───────────────┬───────┘
│
┌───────────────▼──────────────────────────────────────────┐
│ Audit & Alert Layer │
│ SHA-256 Seed Chain → Base L2 Blockchain Anchor │
│ Slack · Teams · Splunk HEC · Azure Sentinel · CEF │
└───────────────┬──────────────────────────────────────────┘
│
┌───────────────▼──────────────────────────────────────────┐
│ Hound Shield Dashboard (Next.js 15) │
│ SPRS Score · Compliance Events · Model Leaderboard │
│ PDF Reports · API Keys · Team Management · Audit Export │
└──────────────────────────────────────────────────────────┘
Five specialized compliance agents powered by the Hound Shield ReAct orchestrator:
┌─────────────────────────────────────────────────────────────────┐
│ Hound Shield Multi-Agent System │
│ │
│ AgentRouter — classifies task → routes to best agent │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │
│ │ Scanner │ │ Policy │ │ Research │ │
│ │ Agent │ │ Agent │ │ Agent │ │
│ │ Real-time │ │ Rule eval │ │ Reg docs │ │
│ │ PHI/CUI │ │ Exception │ │ NIST/CMMC │ │
│ │ detection │ │ requests │ │ HIPAA/SOC2 │ │
│ └─────────────┘ └─────────────┘ └─────────────┘ │
│ ┌──────────────────────┐ ┌──────────────────┐ │
│ │ Optimization Agent │ │ Auditor Agent │ │
│ │ Latency profiling │ │ SPRS scoring │ │
│ │ Cost/model routing │ │ SHA-256 chain │ │
│ │ P50/P95/P99 metrics │ │ PDF evidence │ │
│ └──────────────────────┘ └──────────────────┘ │
│ │
│ Shared: agentMemory (conversation + insights + preferences) │
│ Brain AI knowledge index (queryKnowledge → context injection) │
└─────────────────────────────────────────────────────────────────┘
| Agent | Model | Tools | Use |
|---|---|---|---|
| Scanner | Gemini 2.0 Flash | compliance-scan, data-query, knowledge-base | PHI/CUI/PII detection |
| Policy | Claude 3 Haiku | compliance-scan, data-query, web-search | Rule eval + exceptions |
| Research | Llama 3.3 70B | web-search, web-browse, knowledge-base | Regulation research |
| Optimizer | Gemini 2.0 Flash | data-query, generate-chart, code-execute | Latency + cost tuning |
| Auditor | DeepSeek V3 | data-query, file-analyze, generate-chart | SPRS scoring + reports |
IngestionSource (URL or content)
│
▼ fetchContent (10s timeout, 500KB limit)
│
▼ normalizeContent (strip HTML/markdown noise)
│
▼ chunkText (800-char chunks, 100-char overlap)
│
▼ contentHash (SHA-256 dedup — never re-index)
│
▼ extractTags (compliance · security · agents · performance)
│
▼ knowledgeStore (global Map — zero external deps)
│
▼ queryKnowledge (keyword scoring → agent context injection)
API: POST /api/brain-ai/ingest · GET /api/brain-ai/ingest?q=<query>&domain=compliance
Every gateway operation runs inside withBudget() — hard latency gates with P50/P95/P99 tracking:
| Operation | Budget | Action on Breach |
|---|---|---|
| Regex scan | 5ms | WARN log + counter increment |
| ML/semantic scan | 10ms | WARN log + counter increment |
| Gateway total | 50ms | ERROR log + violation event |
| First token | 200ms | WARN (provider-side) |
SHA-256 audit chain: every log entry hashes {id, timestamp, event_type, actor, data, prevHash} — any tampering breaks all subsequent hashes.
API: GET /api/gateway/metrics — live P50/P95/P99 + exceedance rates + health status
Stack:
| Layer | Technology |
|---|---|
| Frontend | Next.js 15, React 19, TypeScript 5.8, Tailwind CSS, Framer Motion |
| Backend | Next.js API routes (Node.js runtime), Supabase PostgreSQL + RLS |
| AI Engine | OpenRouter (800+ models), Gemini Flash (ML scanning) |
| Auth | Supabase Auth — Google, GitHub, Microsoft OAuth |
| Billing | Stripe — 5 subscription tiers |
| Alerts | Slack Block Kit, Teams Adaptive Cards, Splunk HEC, Azure Sentinel |
| Blockchain | Viem + Base L2 (Ethereum L2) — ~$0.001 per anchor |
| Resend — transactional notifications | |
| Deployment | Vercel (cloud) · Docker + nginx (self-hosted) |
| Multi-Agent | 5 specialized ReAct agents via OpenRouter (free + paid models) |
| Brain AI | SHA-256 dedup knowledge index, keyword search, domain tagging |
| Tier | Price | AI Scans/mo | Users | Highlights |
|---|---|---|---|---|
| Starter | Free | 1,000 | 1 | Dashboard · 16-engine detection |
| Pro | $199/mo | 50,000 | 10 | SOC 2 + HIPAA · Slack + Teams |
| Growth | $499/mo | 250,000 | 25 | + CMMC L2 · SIEM connectors · PDF reports |
| Enterprise | $999/mo | Unlimited | Unlimited | + Blockchain anchoring · White-label · On-prem |
| Agency / MSP | $2,499/mo | Unlimited | Multi-tenant | Full platform resale · Custom branding |
All paid plans include a 14-day free trial. No credit card on Starter.
Continuous monitoring of all AI traffic with cryptographic, tamper-evident audit trail. Instant evidence export (CSV + JSON). Controls mapped to AICPA Trust Service Criteria. Blockchain-anchored records available on Enterprise.
Automatic PHI detection before any AI provider ever sees the request. HIPAA-compliant logging with SHA-256 hashing (no PHI stored in plaintext). AES-256 quarantine for high-risk prompts. Business Associate Agreement available on Growth+.
All 110 controls tracked in real time. Live SPRS score using DoD methodology v1.2.1. CUI detection and blocking (FOUO, ITAR, CAGE codes, clearance levels). Automated evidence collection. C3PAO assessment coordination on Enterprise.
| Vertical | What Hound Shield Protects |
|---|---|
| Defense Contractors | CUI, CAGE codes, CMMC enforcement, clearance level references |
| Healthcare Systems | PHI, HIPAA audit trail, EHR prompt sanitization |
| Technology Companies | SOC 2 evidence, credential leaks, IP protection |
| Legal & Finance | Attorney-client privilege, PCI-DSS, M&A confidentiality |
| Government Agencies | ITAR/EAR, classified data, FISMA alignment |
| Five Eyes Partners | Multi-jurisdiction compliance, allied-nation data residency |
- AI gateway proxy — OpenAI-compatible, 800+ models via OpenRouter
- 16-engine CUI/PHI/PII detection matrix
- Real-time stream scanning — token-level truncation on CRITICAL
- LRU classification cache — >50% latency reduction on repeated content
- SPRS score calculator — all 110 NIST 800-171 controls
- Cryptographic audit ledger — SHA-256 seed chain
- AES-256 quarantine vault + HITL review workflow
- PDF compliance reports — SOC 2, HIPAA, CMMC
- Stripe billing — 5-tier subscription management
- Multi-framework dashboard — SOC 2, HIPAA, CMMC simultaneously
- Slack native integration — Block Kit, multi-channel routing, retry
- Microsoft Teams integration — Adaptive Cards v1.5
- SIEM connector — Splunk HEC (NDJSON batch + CEF)
- SIEM connector — Azure Sentinel (HMAC-signed, KQL-queryable)
- Blockchain-anchored audit trail — Base L2, ~$0.001/anchor
- On-prem Docker deployment — multi-stage build, non-root, health checks
- Model compliance leaderboard — per-model violation rate tracking
- Async generator pipeline — parallel pattern matching, short-circuit
- Brain AI — local compliance FAQ engine + LLM fallback
- Goose / AgentScope multi-agent framework support
- Anthropic Managed Agents gateway integration
- Browser extension — Chrome, Edge (intercept browser-native AI tools)
- Mobile app — iOS + Android (Hound Shield dashboard + push alerts on the go)
- MCP Server endpoint — model context protocol for Claude Desktop, Cursor
- Ollama / local model support — full air-gap mode
- SIEM connector — Elastic/ELK Stack
- SAML / SSO — Okta, Azure AD, JumpCloud
- Webhook delivery receipts and dead-letter queue
- Custom pattern library — org-specific regex + ML rules
- Zero-trust mode — deny by default, allowlist per team
- REST API v1 — programmatic access for MSP/consultant integrations
// All blocked prompts in the last 24 hours
Hound ShieldCompliance_CL
| where action_s == "BLOCKED"
| where TimeGenerated > ago(24h)
| project TimeGenerated, user_id_s, risk_level_s, entity_types_s, provider_s
| order by TimeGenerated desc
// CRITICAL events by user
Hound ShieldCompliance_CL
| where risk_level_s == "CRITICAL"
| summarize count() by user_id_s, bin(TimeGenerated, 1h)
| render timechartindex=houndshield sourcetype=_json action=BLOCKED
| stats count by user_id, risk_level, entity_types
| sort - count
index=houndshield risk_level=CRITICAL
| timechart span=1h count by provider
We treat security issues seriously. Do not open a public GitHub issue for vulnerabilities.
Contact: info@houndshield.com
See SECURITY.md for our responsible disclosure policy.
- All secrets accessed via environment variables — never hardcoded
- Prompt text never stored in plaintext — SHA-256 hashed only
- AES-256 encryption for quarantined content
- Non-root Docker user (
nextjs:nodejs) - Rate limiting at middleware layer (60 req/min default)
- HMAC-SHA256 for all outbound SIEM requests
- Base L2 blockchain for tamper-proof audit evidence
Hound Shield integrates with and is informed by the following open-source ecosystems:
- OpenRouter — 800+ model routing
- Supabase — PostgreSQL + Auth + RLS
- Anthropic Claude — Brain AI intelligence
- AgentScope — multi-agent framework patterns
- Goose (Block) — agentic workflow integration reference
- CopilotKit — in-app AI agent patterns
- NIST SP 800-171 Rev 2 — CMMC control framework
- Viem — Base L2 blockchain anchoring
- Fork the repo and create a branch:
git checkout -b feat/your-feature - Make changes. Run
cd compliance-firewall-agent && npm run build— must pass. - Tests are required:
npm test -- --coveragemust show 80%+ coverage on changed files. - Open a PR against
main. The code-reviewer agent runs on every PR.
Do not open PRs that:
- Reduce CUI/PHI detection pattern count below 16
- Modify SPRS scoring deductions without citing the NIST 800-171 Rev 2 control
- Add external network calls that could transmit prompt content
Security issues: email info@houndshield.com — do not open public issues for vulnerabilities.
MIT — free to self-host, fork, and modify. Commercial use of the hosted service at houndshield.com requires a paid plan.
Built for the 80,000+ defense contractors facing CMMC enforcement in 2026.
And every healthcare system, law firm, and tech company that's realized their team is already using AI — whether they approved it or not.
Engineering uncompromising security for the next generation of artificial intelligence.