Stop PII, secrets, and prompt-injection before they reach the model.
Safety tools that sit as a proxy in the request path add latency, become a single point of failure, and see all of your traffic. So most teams skip them, and ship PII straight to the model.
How FortifyRoot solves it
Detection at the SDK call site
Rules run in your own runtime on prompt and completion text: no gateway, no proxy in the request path. PII, PCI, PHI, secrets, API keys, and prompt-injection are caught before they reach the model.

Configurable rule profiles
Each rule takes a MASK or ALLOW action. New orgs get a starter profile (5 high-signal rules on Free, a broader 20-rule set on paid tiers) that you can inspect and customize in the app.

Every violation, queryable
Total violations, masked and allowed counts, severity, and breakdowns by category, action, provider, and model, so you can prove what was caught and masked.

Instrument it in two lines
Initialize Ocelle once; keep calling your providers as normal.
import fortifyroot.ocelle as ocelle
from openai import OpenAI
# Before running: export FORTIFYROOT_API_KEY="fr_sk_..."
# export FORTIFYROOT_CONFIG_PROFILE_ID="cfg_..."
ocelle.init(
app_name="my-llm-app",
)
client = OpenAI()
client.chat.completions.create(
model="gpt-4o-mini",
messages=[{"role": "user", "content": "my card is 4111 1111 1111 1111"}],
)
# PII / PCI is masked at the call site before it reaches the modelWhat you get
- SDK-side detection: no proxy in the request path
- MASK redacts matched text; ALLOW records without modifying it
- PII, PCI, PHI, secrets, API keys, prompt-injection, and more
- Starter profiles: 5 rules on Free, a 20-rule set on paid
- Prompt/response content capture can be disabled per workload
Make your GenAI predictable, safe, and auditable.
FortifyRoot is in early access. Request an invite, or get a free Cost & Safety Audit and we'll walk through it with you.




