Runs at the edge · single-digit ms overhead

Security guardrails for your AI apps, in one line.

Wafer sits between your app and the model. Redact PII, block leaked secrets, stop prompt injection, cache and rate-limit — by changing one base URL.

Start free → Try the sandbox
Bring your own keys · OpenAI · Anthropic · Gemini · Mistral · Groq & more
Live guardrail sandboxno signup
PII Leaked API key Prompt injection Clean
1 line
to integrate
<5ms
p50 overhead
6
built-in guardrails
0
keys stored
Everything in between

One gateway. Every safeguard.

Guardrails run in parallel at the edge, so the happy path stays fast.

🛡️

PII & secret redaction

Catch emails, cards, SSNs and leaked API keys in prompts and responses — block or redact in place.

🚫

Injection defense

Detect jailbreak and prompt-injection attempts before they ever reach the model.

Semantic cache

Return a stored answer for near-identical prompts and skip the model call entirely.

📊

Analytics & logs

Live decisions, cache hit rate, latency p50/p95 and traffic for every project.

⏱️

Rate limits & budgets

Cap requests per minute and daily token spend per project, enforced at the edge.

🔑

Bring your own keys

Your provider keys pass straight through. Wafer never stores them.

Get going

Live in three steps

No SDK to learn. No code to rewrite.

1

Create a project

Sign in to the console and create a project to get a gateway URL and policy.

2

Change your base URL

Point your OpenAI or Anthropic SDK at the gateway URL. Keep your own API key.

3

Configure & watch

Toggle guardrails, caching and limits, and follow traffic in analytics.

Python
JavaScript
cURL

  






  

    ◆ Native integration
    
From blocked threat to root cause.

    
Wafer stops PII leaks, secrets and prompt injection at the edge. heystack.dev takes it from there — turning every Wafer decision into a traceable event so you see what happened, why, and how to fix it.

    Explore heystack.dev →
  

  

    
🛡️ Wafer · at the edge

      
Detects and blocks PII, secrets and prompt injection on every request to your model.

    

    
🔎 heystack.dev · observability & RCA

      
Turns each decision into a root-cause trace, so you fix the source instead of the symptom.

  






  
Questions

  
Good to know

  

    
Does Wafer store my API keys?
No. Your provider key passes straight through with each request (bring-your-own-key). Wafer never stores it.

    
How much latency does it add?
Single-digit milliseconds on the happy path. Cheap regex checks run inline; model-based checks run in parallel, and a Tier-0 block short-circuits the rest.

    
Do I need to change my code?
Just one line — point your OpenAI or Anthropic SDK's base URL at your project's gateway URL. No SDK to learn.

    
Which providers are supported?
OpenAI and Anthropic today, with more on the way. Anything that speaks their API works unchanged.

    
Does Wafer work with heystack.dev?
Yes. Wafer integrates natively with heystack.dev — every guardrail decision becomes a traceable event for observability and root-cause analysis.

    
Is there a free tier?
Yes — it's free to start. Create a project and ship in minutes.

  

  





  

    
Ship AI features, not AI risk.

    
Add a security layer to your LLM app in minutes. Free to start.

    Open the console →