Documentation

Two calls. Your policies. In production.

The AetherLab API screens text with check_prompt and images with check_media, against guardrail policies you define. Python SDK aetherlab 0.4.1, REST underneath, x-api-key auth.

01

Quickstart

Install the SDK (Python 3.9+), set your API key, and screen your first output. Keys are issued per environment at app.aetherlab.co.

shell
pip install aetherlab
export AETHERLAB_API_KEY="your-api-key"
quickstart.py
from aetherlab import AetherLabClient

client = AetherLabClient()  # reads AETHERLAB_API_KEY

# An AI response you want screened before it ships
ai_response = "Invest all your money in crypto! Guaranteed 10x returns!"

result = client.check_prompt(
    ai_response,
    blacklisted_keywords=["guaranteed returns", "financial advice"],
)

print(result.compliance_status)  # "Non-Compliant"
print(result.is_compliant)       # False
print(result.avg_threat_level)   # probability of policy violation
print(result.rationale)          # why it was flagged

At least one policy is required per check: configure standing policies in Policy Controls at app.aetherlab.co, or pass whitelisted_keywords / blacklisted_keywords per request.

async
import asyncio
from aetherlab import AsyncAetherLabClient

async def main():
    async with AsyncAetherLabClient() as client:
        result = await client.check_prompt(
            "Hello, how can I help you today?",
            blacklisted_keywords=["violence", "weapons"],
        )
        print(result.compliance_status)  # "Compliant"

asyncio.run(main())
02

Authentication

All requests authenticate with an x-api-key header against https://api.aetherlab.co. The SDK reads AETHERLAB_API_KEY from the environment, or accepts api_key= explicitly.

  • ·Never expose keys in client-side code; keep them in server environment variables.
  • ·Use separate keys for development and production, and rotate them periodically.
03

Check text · POST /v1/guardrails/prompt

Screens text against your guardrail policies and returns a compliance verdict with a threat level, confidence, and rationale. This endpoint backs the SDK's check_prompt().

ParameterTypeRequiredDescription
user_promptstringYesThe text to check
whitelisted_keywordstringNo*Comma-separated topics/keywords that are allowed
blacklisted_keywordstringNo*Comma-separated topics/keywords that are not allowed
reasoning_modestringNoReasoning effort: low (default), medium, or high
risk_tolerancestringNolow, medium, or high
environmentstringNoEnvironment tag (default: production)

* At least one policy is required: standing policies from Policy Controls, or a whitelist/blacklist sent with the request. Otherwise the API returns ERR_0202.

curl
curl -X POST https://api.aetherlab.co/v1/guardrails/prompt \
  -H "x-api-key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "user_prompt": "Invest all your money in crypto! Guaranteed 10x returns!",
    "blacklisted_keyword": "guaranteed returns,financial advice"
  }'

The SDK method test_prompt() is a deprecated 0.3.x alias. Use check_prompt() in new integrations.

04

Check images · POST /v1/guardrails/media

Screens an image against your guardrail policies. Accepts multipart form data with input_type set to file, url, or base64, plus the same policy and tuning fields as the prompt endpoint. Backs the SDK's check_media() and returns the same response shape.

python
result = client.check_media(
    "photo.png",
    input_type="file",
    blacklisted_keywords=["violence"],
)
print(result.compliance_status)
05

Responses

Both endpoints return a data object with the verdict. The SDK exposes it as ComplianceResult (compliance_status, is_compliant, avg_threat_level, confidence, rationale, full body as raw).

compliant
{
  "status": 200,
  "message": "Prompt Guard Response",
  "data": {
    "compliance_status": "Compliant",
    "avg_threat_level": 0.0,
    "confidence": 1.0,
    "rationale": "No violating content."
  }
}
non-compliant
{
  "status": 200,
  "message": "Prompt Guard Response",
  "data": {
    "compliance_status": "Non-Compliant",
    "avg_threat_level": 1.0,
    "confidence": 1.0,
    "rationale": "Guaranteed returns violate policy."
  }
}
06

Latency expectations

Every check runs a multi-model compliance jury plus your policy engine: the content is evaluated by several models against your rules, and the verdict is adjudicated, scored, and explained. That is substantially more work per request than a single-classifier moderation ping, and the production medians reflect it: roughly 1.4s for text and 1.8s for images (median, across all reasoning modes).

  • ·Budget ~2 seconds for a synchronous check in the request path; where your flow allows, run the check concurrently with other work.
  • ·reasoning_mode controls the depth/latency trade-off per request. Talk to us about tuning it for latency-sensitive paths.
  • ·The response includes the full verdict, threat level, and rationale in one round trip, so no follow-up call is needed to explain a block.
07

Errors

Standard HTTP status codes, plus an error_code field the SDK maps to a typed exception hierarchy (all inherit from AetherLabError).

StatusMeaningSDK exception
200Successn/a
400 · ERR_0200 / ERR_0201Malformed requestInvalidRequestError
400 · ERR_0202No guardrail policy configuredMissingPolicyError
401Invalid or missing API keyAuthenticationError
429Rate limit exceeded (honours Retry-After)RateLimitError
5xxServer error (retried automatically)APIError
Network failureUnreachable after all retriesAPIConnectionError
08

Resources

Ship with guardrails this week.

If the SDK covers your use case, start now. If you need bespoke policies, image workflows at scale, or an assessment first, that's an email away.

Ask about the Evidence Pack

Leave your email and we'll walk you through what an Evidence Pack contains for your use case: severity-scored findings, business-impact mapping, and the approval record.