shadowiq
Role · Developer

Guardrails that feel like a library, not a bureaucracy.

ShadowIQ was built by engineers who'd rather ship than audit. Drop in the SDK, point your model calls at the gateway, deploy a policy, and get back to work.

What this is

Summary

ShadowIQ for developers provides AI safety SDKs (TypeScript, Python, Go), policy-as-code in YAML or Rego, an OpenAPI REST interface, CloudEvents 1.0 webhooks, and OpenTelemetry tracing — letting engineers add prompt injection defense, PII redaction, and cryptographic audit logging in minutes.

How it fits · explainer

What a Developer's dashboard actually looks like.

[Figure: ShadowIQ control plane, Developer view (Discover · Evaluate · Enforce · Prove). Discovery 88%, Evaluation 82%, Enforcement 96%, Evidence 100%.]

Where it hurts

You've heard this one before.

  • Security asking for controls you don't have time to build.
  • A 'review meeting' before every prompt change.
  • Writing your own PII redactor and then maintaining it forever.
  • No shared story for cross-team AI observability.
What we do about it

Three moves.

  1. SDKs that feel like fetch().

    One function replaces your raw OpenAI/Anthropic/Bedrock client. Drop-in compatible shapes; we add guardrails and receipts.

  2. Policy-as-code you can test.

    siq policies test runs unit + integration tests locally and in CI. Shadow mode lets you validate in prod without user impact.

  3. OTel + Prometheus, no extra setup.

    Trace context propagates end-to-end. Metrics emit automatically. Your existing dashboards get AI signals for free.

Outcomes

Numbers, not adjectives.

  • < 10 min to first enforced policy
  • 3 SDKs: TS · Python · Go
  • 1 CLI: siq, scriptable everything

Frequently asked

Asked, answered, sourced.

Yes. Point your existing OpenAI-compatible SDK at our gateway URL and pass our auth header. Zero code change, full enforcement and evidence.

Policy-as-code gets unit tests (assert decision for synthetic input), integration tests (replay real traffic), and shadow mode (observe in prod without impacting users).

Yes. Token-level output filters stop an unsafe answer mid-stream without tearing the response apart. Streaming stays streaming.

Configurable per workload. Fail-closed (block) for regulated workloads with alert; fail-open with alert for less sensitive ones. Availability target is 99.99% with regional failover.

Ready to see the signet in motion?

Your 30-minute demo. A signed audit trail by the end of it.

We'll wire ShadowIQ into one live workload, block a prompt injection in real time, and hand you a cryptographic receipt — before the meeting ends.