PCI-DSS · GDPR · CCPA · COPPA

AI safety + brand control for e-commerce

The eval + guardrail + red-team + audit platform for marketplaces, DTC brands, and retail platforms. Block card-data leakage at the gateway, keep brand voice consistent across thousands of AI-generated product descriptions, cap runaway customer-service bot spend, ship the audit trail PCI auditors expect.


What ships today

Honest posture, not roadmap promises

Every checked item is in production today. In-progress items are flagged explicitly — no overclaiming, no vapor.

PCI-DSS card-data firewall (PAN/CVV/track-data auto-redact)
GDPR + CCPA data subject right intake (right-to-know, delete)
COPPA-compatible (no PII collection from minors-flagged sessions)
Brand-voice + tone scorers for AI-generated product copy
Cost-cap kill switch (per-tenant daily budget, runaway-bot protection)
FTC endorsement-disclosure scorer (sponsored / affiliate content)
Marketplace seller-side cross-tenant RLS proven via real two-org E2E

Built for buyer reality

E-commerce AI use cases we ship for

Product Q&A on PDPs

Shopper asks 'Is this dishwasher-safe?' on a product page. AI must answer from the verified product spec — not invent features that don't exist, not promise warranties the brand doesn't offer.

EvalGuard features

  • Hallucination scorer: faithfulness check against the loaded product spec corpus
  • Output guardrail: block mode rejects responses making unstated warranty claims
  • Per-route rate limits prevent enumeration attacks against the spec API
  • Multi-model routing: fast/cheap model for FAQ, premium model for complex compatibility questions

Customer-service chatbot

Post-purchase chatbot handles 'where's my order' / refund requests / size exchanges. Cannot leak card data, cannot promise refunds the policy doesn't allow, cannot reveal other customers' orders.

EvalGuard features

  • Card-data firewall: PAN / CVV / expiry / track-data auto-redacted from logs by default
  • Topic firewall: blocks queries asking for policy exceptions the AI isn't authorized to grant
  • Cost-cap kill switch: per-day USD cap so a runaway bot loop can't blow the budget
  • Cross-tenant RLS: order-history isolation enforced per shopper at every query

AI-generated product descriptions

Brand generates thousands of product descriptions from raw specs. Must stay on-brand voice, must not invent features, must comply with FTC endorsement + claim rules.

EvalGuard features

  • Brand-voice scorer: trained on the brand's existing approved copy corpus
  • Hallucination scorer: every claim cited to a spec field, not invented
  • FTC-endorsement scorer: flags affiliate/sponsored language requiring disclosure
  • Version-controlled prompts (prompt IDE) for legal-review approval workflow

Personalized recommendation explanations

AI explains why a recommendation showed up. Cannot fabricate reasons (real recommender uses collab-filtering), cannot leak other customers' behavior, cannot make recommendations that violate FTC dark-pattern rules.

EvalGuard features

  • Faithfulness scorer: explanation cited to actual feature scores from the recommender
  • Output toxicity scorer: catches manipulative urgency language (dark-pattern detection)
  • PII firewall: no individual-customer behavior referenced in explanations
  • Audit log: every shown recommendation linked to model version for A/B-test recoverability

Wire it in 60 seconds

Wrap your OpenAI client. Card data never reaches the model.

PCI firewall patterns + brand-voice scorers + per-project daily cost caps live in the EvalGuard control plane. Your code just wraps the client.

```typescript
import OpenAI from "openai";
import { wrapOpenAI, EvalGuardViolationError } from "evalguardai-openai";

// pageOncall and shopperAssistPrompt are defined by your application, not by the SDK.
const openai = wrapOpenAI(new OpenAI(), {
  apiKey: process.env.EVALGUARD_API_KEY!,
  projectId: "shopper-assist",
  metadata: { vertical: "ecommerce", pci_scope: true },
  blockOnViolation: true,                  // PAN/CVV blocked pre-egress
  evalOnResponse: { failOnScore: 0.7 },    // brand-voice scorer
  onViolation: (r) => pageOncall(r.violations),
});

try {
  await openai.chat.completions.create({
    model: "gpt-4o",
    messages: [{ role: "user", content: shopperAssistPrompt }],
  });
} catch (err) {
  if (err instanceof EvalGuardViolationError) {
    // PCI-safe fallback: hand off to a human-staffed agent.
  }
}
```
Per-project daily cost caps + PCI firewall patterns + brand-voice scorers all set in the control plane — code stays SDK-clean.
Same integration for Anthropic, Gemini, and 91+ providers — swap wrapOpenAI for wrapAnthropic.
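
To make "PAN blocked pre-egress" concrete, here is an added illustration of one common way to detect and mask card numbers in chat messages before they leave your process. It is not EvalGuard's code and not part of the SDK: `luhnValid`, `redactPans` and `redactMessages` are hypothetical names, the sample message is constructed, and it covers PANs only (not CVV, expiry or track data).

```typescript
type ChatMessage = { role: string; content: string };

// Candidate PAN: 13-19 digits, optionally separated by single spaces or hyphens.
const PAN_CANDIDATE = /\b\d(?:[ -]?\d){12,18}\b/g;

// Luhn checksum: filters out order ids, phone numbers and other long digit runs.
function luhnValid(digits: string): boolean {
  let sum = 0;
  let alt = false; // true on every second digit, counting from the right
  for (let i = digits.length - 1; i >= 0; i--) {
    let d = digits.charCodeAt(i) - 48;
    if (alt) {
      d *= 2;
      if (d > 9) d -= 9;
    }
    sum += d;
    alt = !alt;
  }
  return sum % 10 === 0;
}

// Replace each Luhn-valid candidate with a mask that keeps only the last four digits.
function redactPans(text: string): { text: string; hits: number } {
  let hits = 0;
  const out = text.replace(PAN_CANDIDATE, (match) => {
    const digits = match.replace(/[ -]/g, "");
    if (!luhnValid(digits)) return match; // leave non-card numbers untouched
    hits++;
    return `[PAN ****${digits.slice(-4)}]`;
  });
  return { text: out, hits };
}

// Redact every message; a caller in block mode can reject the request when hits > 0.
function redactMessages(messages: ChatMessage[]): { messages: ChatMessage[]; hits: number } {
  let hits = 0;
  const cleaned = messages.map((m) => {
    const r = redactPans(m.content);
    hits += r.hits;
    return { ...m, content: r.text };
  });
  return { messages: cleaned, hits };
}

// Constructed sample: a public test card number next to a 16-digit order id.
const sample: ChatMessage[] = [
  { role: "user", content: "Refund card 4111 1111 1111 1111 for order 1234567890123456 please" },
];
```

The Luhn step is what keeps the 16-digit order id intact while the test card number is masked; a regex alone would redact both.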

Ship AI shoppers trust + auditors approve.

Free trial includes PCI firewall, brand-voice scorers, cost-cap kill switch, and the full audit log. PCI-DSS evidence bundle on request.

Apache-2.0 source · SOC 2 Type II in progress · full trust center