PII Guard: 99%+ accuracy across text, images, audio, video AI Guard: Blocks prompt injection and jailbreaks (95%+ F1, zero false positives) Agent Security: Protects autonomous AI workflows RAG Security: Secures retrieval-augmented generation pipelines
Sub-30ms latency. Drop-in SDK for OpenAI, Anthropic, Azure, AWS Bedrock. Runs in your VPC or our cloud.
Would love feedback on the approach. Happy to answer questions.
Thanks, Sukin
EDIT: Manually searching Github leads to this https://github.com/sukincornell/safekeylab (assuming that is the correct one)
In my opinion, the real gap in the market isn’t “better safety models”. it’s turn-key orchestration platforms that provide:
- A web portal for manual moderation and data-labeling workflows
- Multi-tier moderation checks (e.g., if a keyword is detected, escalate to an LLM)
- Simple integration of custom, business-specific models (e.g., blocking competitor mentions)
- A rules engine that combines all model outputs and issues the appropriate treatments
Two Hat and Azure kinda had this, but they didn't support custom models or rules engine.
While I love the idea of redacting/auto-correcting media, e-commerce / social media companies are structurally setup against this. They'd rather stick with the status quo of rejection, than using nano-banana to remove non-compliant features (like pii) from the images.
Once, I had to anonymize student data, so we could have a prod copy on staging. So maybe there is a use-case there...
is this real? damn!!
tonetegeatinst•2mo ago
Few questions I though of, and I apologize if they seem stupid as ML is not my focus of study.
1.Has your team ever considered formal verification of code to show how reliable the process you have is?
2. If data has been removed via your pipeline, is it possible to still infer the type of data based on position or format? (Names of people being located in certain places of a sentence, or say the fact the data is formated a certain way could reveal its a date or timestamp?)
3. You mentioned clients can deploy via VPS, does that mean this is a fedramp ready product? (Do you see this tool being offered to public institutions?)
4. Do you have any internship openings for college students in the summer of 2026?
safekeylab•2mo ago
Formal verification: We've validated through pilot deployments and CS/DevOps teams who've stress-tested the pipeline in production.
Positional inference: Good catch. We replace PII with type-consistent tokens (e.g., [NAME], [DATE]) so format is preserved for downstream tasks, but the actual value is gone. For higher security, we offer synthetic replacement (fake but realistic values) so position and format don't leak information.
FedRAMP: Not yet certified, but the architecture supports it — runs inside customer VPC, no data leaves the environment, full audit logging. FedRAMP and StateRAMP are on our compliance roadmap after SOC2 and HIPAA. Yes, public sector is a major target market.
Internships: Not formally open yet, but email me at sukin@safekeylab.com — always interested in students working on AI security.