Migration: from Lakera Guard
Categories → Guardian rubrics. Detect-only → deterministic decision.
Why move
Lakera Guard returns category scores. Your application has to decide what to do with them — and every team writes a slightly different threshold-tuning layer. Trinitite returns the decision itself, with the corrected output already in hand.
Concept mapping
| Lakera concept | Trinitite equivalent |
|---|---|
prompt_injection category | Built into baseline Guardian + per-tool MCP Guardians |
pii category | pii-redactor Guardian |
unsafe_content category | Trained policy clause |
phishing, malware categories | Pattern + behavior Guardians |
| Threshold per category | Decision is binary — Guardian decides at training time |
| Score, then your code decides | Verdict (passed/corrected/blocked) + JSON Patch |
API translation
POST /v1/chat
{
"guardian": "sql-safe-and-prompt-injection",
"input": [{
"role": "user",
"content": "Tell me how to drop a customer table."
}]
}
← 200 OK
{
"outcome": "blocked",
"reason": "Destructive intent detected",
"policy_hash": "0xa83f...",
"ledger_id": "lg_01HZ2P..."
}Single decision. No threshold-tuning layer. The blocked verdict is hashed, signed, and Merkle-chained — the audit story is finished, not just started.
What you keep, what you gain
Keep: your category-naming intuition (Trinitite policies still organize by domain).
Gain: end-to-end decision (not just detection), JSON Patch corrections, MCP + CLI Firewall surfaces.