Bouclier.ai
v0.2.6 — 161 patterns across 21 categories

Your AI traffic deserves
a local firewall.

Bouclier.ai scans every request and streaming response to AI providers for prompt injection — before they reach the model. Runs entirely on your Mac. No data ever leaves your machine.

How it works

Intercept. Scan. Protect.

A System Extension routes AI API traffic through a local proxy on your Mac. Every request and response is inspected before reaching the provider — no code changes, no SDK, no cloud dependency.

01. Intercept

Traffic to 10+ AI providers is automatically routed through Bouclier.ai. Works with any app — ChatGPT, Cursor, Claude, API calls. No configuration needed.

02. Scan

161 detection rules across 21 attack categories. Requests, query strings, and streaming responses are all inspected in real time.

03. Protect

Threats are neutralized inline — injections are redacted before reaching the model. Streaming attacks are terminated cleanly. Safe traffic passes through untouched.

[Diagram: Your apps (any AI-powered tool on your Mac) -> Bouclier.ai (local inspection) -> AI providers (OpenAI, Anthropic, Gemini, Mistral). Requests scanned; streaming responses inspected.]

Results

Measured, not marketed.

Every release is tested against 442 real-world attack samples and 240 benign inputs. Detection quality is enforced in CI — regressions block the release.

Attacks caught: 91.9%
False positive rate: 2.9%
Detection rules: 161
Attack categories: 21

Coverage

21 attack categories.

Sourced from OWASP LLM Top 10, MITRE ATLAS, HackAPrompt, and red-team research from Anthropic, Microsoft, and leading AI security labs.

Severity levels: Critical, High, Medium-High, Medium

Detection rules per category:

Role Hijack: 6
Instruction Override: 5
Tool Poisoning: 12
Credential Leak: 11
Memory Manipulation: 9
Function Hijack: 8
Model-Specific: 14
Alignment Bypass: 14
Code Injection: 10
Sandbox Escape: 8
Data Exfiltration: 6
Indirect Injection: 7
Context Manipulation: 5
Chain-of-Thought: 7
Delimiter Attacks: 4
Encoding Bypass: 5
Multilingual: 15
Payload Splitting: 3
Obfuscation: 5
Prompt Leaking: 4
Recursive Injection: 3

In action

What it stops.

BLOCKED: Role Hijack (critical)

Attempted to override the AI’s instructions and extract its system prompt.

BLOCKED: Multilingual Attack (high)

Injection disguised in French to bypass English-language detection.

BLOCKED: Alignment Bypass (critical)

Known jailbreak technique (Skeleton Key) attempting to disable safety guardrails.

BLOCKED: Tool Poisoning (critical)

Malicious instructions hidden in an MCP tool description, targeting SSH keys.

Enterprise

Ready for your security team.

MDM managed

Deploy and configure via Jamf, Kandji, or Mosyle. Control intercepted domains, enforcement policy, and feature flags across your fleet.

Audit trail

Every scan event is logged locally and can be forwarded to your SIEM. Export a privacy-scrubbed diagnostics bundle for incident response.

Hardened by default

Built with defense-in-depth: request size limits, strict input validation, and a published threat model covering every trust boundary.

Streaming protection

AI responses are inspected in real time as they stream. If a threat is detected mid-response, the stream is terminated cleanly.

Privacy

Nothing leaves your Mac.

All detection runs locally. No cloud. No telemetry. No data leaves your machine.

The local CA key is stored encrypted in your Keychain, unique to your device, and removable anytime.

Scan logs never contain your prompts, responses, or API keys — only detection metadata.

Local storage with automatic rotation. You own your data.

Published threat model and privacy policy covering every trust boundary.

Install once. Protect everything.

Download the DMG, drag to Applications, click Enable. Every AI request is protected from that moment.

macOS 15+ · Apple Silicon & Intel · v0.2.6
