Models paired with normalizers that catch what raw classifiers miss.
Try it in the playground or integrate via API.
100 free scans/month. Sign up in 30 seconds.

Drop this before your LLM call. Works with any provider.
    pip install pinpout

    import pinpout

    # Uses PINPOUT_API_KEY environment variable
    result = pinpout.scan("What is the capital of France?")
    if result.is_safe:
        print("Safe to pass to LLM")
    else:
        print(f"Injection detected (confidence: {result.confidence})")
Or try it in the playground in the Dashboard.
Three steps to protect your app. Then one endpoint to call.
Create an account. Get your key instantly — no approval process, no sales call.
Use the playground to test prompts in the browser, or call /v1/scan from your code. One endpoint, that's it.
Every prompt injection attempt gets caught before it reaches your model.
Strips encoding tricks and obfuscation so nothing sneaks past
DeBERTa-v3 classifier — fast, accurate, no LLM API calls.
More models coming soon.
Attackers obfuscate. We normalize. Raw classifiers see the original — our pipeline sees through encoding tricks before classification.
7 normalization layers: zero-width char removal, homoglyph normalization, leetspeak decoding, ROT13 decoding, hex decoding, base64 decoding, and separator stripping. Actively maintained — new evasion techniques added as the attack landscape evolves.
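The seven layers listed above, expressed as a normalizer that runs before a classifier, as an added example that is not Pinpout's code: the lookup tables, patterns and function names are assumptions constructed for illustration, and the classifier itself is out of scope.

```python
import base64
import codecs
import re
import unicodedata

# Constructed, deliberately tiny tables; real confusable and leet maps are much larger.
ZERO_WIDTH = dict.fromkeys(map(ord, "\u200b\u200c\u200d\u2060\ufeff"))
HOMOGLYPHS = str.maketrans("\u0430\u0435\u043e\u0440\u0441\u0445\u0456", "aeopcxi")  # Cyrillic
LEET = str.maketrans("013457@$", "oieastas")
SEP = r"[\s._\-*|]"
SEPARATED = re.compile(rf"\b\w(?:{SEP}\w){{2,}}\b")  # "i g n o r e", "i.g.n.o.r.e"
HEX_RUN = re.compile(r"\b(?:[0-9a-fA-F]{2}){4,}\b")
B64_RUN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")


def decode_runs(text, pattern, decoder):
    """Replace each matching run with its decoding, but only if that is printable ASCII."""
    def repl(match):
        try:
            decoded = decoder(match.group(0)).decode("ascii")
        except ValueError:  # bad hex, bad base64 padding, or non-ASCII bytes
            return match.group(0)
        return decoded if decoded.isprintable() else match.group(0)
    return pattern.sub(repl, text)


def canonical(text):
    """Layers applied in place to every input, decoding before case folding."""
    text = unicodedata.normalize("NFKC", text).translate(ZERO_WIDTH).translate(HOMOGLYPHS)
    text = decode_runs(text, HEX_RUN, bytes.fromhex)
    text = decode_runs(text, B64_RUN, lambda run: base64.b64decode(run, validate=True))
    text = SEPARATED.sub(lambda m: re.sub(SEP, "", m.group(0)), text)
    return text.lower()


def views(text):
    """Texts to classify; treat the input as flagged if any view is flagged.

    Leet and ROT13 also rewrite benign text ("3 apples" -> "e apples"),
    so they are extra views instead of in-place layers.
    """
    base = canonical(text)
    return [base, base.translate(LEET), codecs.decode(base, "rot13")]
```

Keeping the plain view alongside the leet and ROT13 views means an ordinary prompt is still classified on its real wording, while an obfuscated one is caught through whichever view reveals it.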
Base URL: https://api.pinpout.dev
/v1/scan
Scan text for prompt injection attacks. Call this before passing user input to your LLM.

    {
      "text": "string",            // required — the text to scan
      "options": {
        "return_normalized": bool  // optional — include normalized text in response
      }
    }

    {
      "is_safe": true,             // false if injection detected
      "confidence": 0.97,          // model confidence (0–1)
      "scan_id": "a1b2c3d4-..."    // UUID for this scan
    }

401 INVALID_API_KEY - Missing or bad X-API-Key
403 QUOTA_EXCEEDED - Monthly scan limit reached
429 RATE_LIMITED - 100 req/min limit, includes Retry-After header

/v1/keys
Get your current API key info. Returns null if no key exists yet.

    {
      "key": {
        "prefix": "pp_live_XXXX...",
        "created_at": "2026-02-01T00:00:00Z",
        "last_used_at": "2026-02-23T10:00:00Z"
      } | null
    }

/v1/keys
Create your API key. One key per account. Returns the full secret — save it, it won't be shown again.

    {
      "key": { "prefix": "pp_live_XXXX...", "created_at": "..." },
      "secret": "pp_live_full_key_here"  // shown once
    }

409 KEY_EXISTS - A key already exists — rotate or delete it first

/v1/keys/rotate
Rotate your API key. Old key is immediately invalidated. Returns the new full secret.

    {
      "key": { "prefix": "pp_live_XXXX...", "created_at": "..." },
      "secret": "pp_live_new_key_here"
    }

404 NOT_FOUND - No key exists to rotate

/v1/keys
Delete your API key. The key is immediately revoked.

    { "deleted": true }

/v1/usage
Get your usage for the current month. Resets at UTC midnight on the 1st.

    {
      "scans_total": 42,
      "quota": {
        "limit": 100,
        "used": 42,
        "remaining": 58
      }
    }

All errors use the same shape:
    {
      "error": {
        "code": "RATE_LIMITED",
        "message": "Rate limit exceeded. Try again in 30 seconds."
      }
    }