Comparison vs Alternatives
Honest. Opinionated. Includes where the alternatives win.
This page is intentionally not a "Trinitite is best at everything" matrix. The five systems below all do useful work; we built Trinitite because we needed something specific that none of them deliver. If you're already invested in one of these, the migration guides tell you how to layer Trinitite on top — usually without ripping out the existing system.
Core feature matrix
| Capability | Trinitite | AWS Guardrails | Lakera Guard | Guardrails AI | NeMo Guardrails | OpenAI Moderation |
|---|---|---|---|---|---|---|
| Deterministic decision under load | ✓ | |||||
| Sub-400ms p99 governance | ✓ | ~ | ✓ | ~ | ✓ | |
| RFC 6902 JSON Patch corrections (no re-gen) | ✓ | |||||
| Merkle-chained, replay-bit-exact audit | ✓ | |||||
| Per-tool MCP Guardian | ✓ | |||||
| CLI Firewall for coding agents | ✓ | |||||
| Self-hosted / air-gapped | ✓ | ~ (enterprise) | ✓ | |||
| OpenAI-compatible drop-in proxy | ✓ | |||||
| Custom rubric (your handbook → Guardian) | ✓ | ✓ | ✓ | ✓ | ||
| Pre-built moderation taxonomy | (added in roadmap) | ✓ | ✓ | ✓ | ||
| Vendor-neutral (any LLM, any inference engine) | ✓ | Bedrock-only | ✓ | ✓ | ✓ | OpenAI-only |
| Federated immunity (one tenant blocks → all benefit) | ✓ | |||||
| Open-source SDK | (planned) | ✓ (clients) | ✓ | ✓ | ✓ | ✓ |
Legend: ✓ = supported, ~ = partial.
Where each alternative wins
AWS Guardrails for Bedrock
Wins when your stack is fully Bedrock-native and you want a single AWS-billable line item. Strong category coverage out of the box. Caveat: governance happens inside Bedrock — your audit story has to live in CloudTrail.
Lakera Guard
Wins when you want a single prompt-injection score across many vendors. Excellent prompt-injection research team; their detection list is broad. Caveat: detection-only — your application still has to decide what to do.
Guardrails AI
Wins when your team is comfortable writing RAIL specs and you want fine-grained Pydantic-style validators. Great open-source community. Caveat: the "reask" pattern adds latency and tokens; under load this stack compounds.
NeMo Guardrails
Wins for conversation-flow governance — when to ask a clarifying question, when to refuse with a specific tone. Excellent Colang DSL. Caveat: every rail is itself an LLM call; latency stacks; the audit story is per-rail traces.
OpenAI Moderation API
Wins when you only need OpenAI's predefined safety categories and you're already on the OpenAI billing line. Free at the moderation surface. Caveat: detection only, fixed taxonomy, no audit, OpenAI-only.
When not to pick Trinitite
- You have no policy beyond "block hate speech." The OpenAI Moderation API is free and sufficient. Come back when you need an MSA-specific or HIPAA-specific rubric.
- You are not yet in production. A Guardian's value compounds with audit volume — single-developer prototypes don't need the audit infrastructure (yet).
- You are running entirely client-side LLM inference with no network calls. Trinitite's value is at the boundary; if there's no boundary, there's nothing for the Guardian to govern.
Side-by-side migrations
If you decide Trinitite is the right next step, the Migration guides document the cutover for each of the five alternatives above: