AI safety + brand control for e-commerce
The eval + guardrail + red-team + audit platform for marketplaces, DTC brands, and retail platforms. Block card-data leakage at the gateway, keep brand voice consistent across thousands of AI-generated product descriptions, cap runaway customer-service bot spend, ship the audit trail PCI auditors expect.

What ships today
Honest posture, not roadmap promises
Every checked item is in production today. In-progress items are flagged explicitly — no overclaiming, no vapor.
Built for buyer reality
E-commerce AI use cases we ship for
Product Q&A on PDPs
Shopper asks 'Is this dishwasher-safe?' on a product page. AI must answer from the verified product spec — not invent features that don't exist, not promise warranties the brand doesn't offer.
EvalGuard features
- Hallucination scorer: faithfulness check against the loaded product spec corpus
- Output guardrail: block mode rejects responses making unstated warranty claims
- Per-route rate limits prevent enumeration attacks against the spec API
- Multi-model routing: fast/cheap model for FAQ, premium model for complex compatibility questions
Customer-service chatbot
Post-purchase chatbot handles 'where's my order' / refund requests / size exchanges. Cannot leak card data, cannot promise refunds the policy doesn't allow, cannot reveal other customers' orders.
EvalGuard features
- Card-data firewall: PAN / CVV / expiry / track-data auto-redacted from logs by default
- Topic firewall: blocks queries asking for policy exceptions the AI isn't authorized to grant
- Cost-cap kill switch: per-day USD cap so a runaway bot loop can't blow the budget
- Cross-tenant RLS: order-history isolation enforced per shopper at every query
AI-generated product descriptions
Brand generates thousands of product descriptions from raw specs. Must stay on-brand voice, must not invent features, must comply with FTC endorsement + claim rules.
EvalGuard features
- Brand-voice check via semantic-similarity: generated copy scored against your approved-copy corpus
- Hallucination scorer: every claim cited to a spec field, not invented
- Disclosure-adherence check (judge-adherence): flags affiliate/sponsored copy missing required disclosure language
- Version-controlled prompts (prompt IDE) for legal-review approval workflow
Personalized recommendation explanations
AI explains why a recommendation showed up. Cannot fabricate reasons (real recommender uses collab-filtering), cannot leak other customers' behavior, cannot make recommendations that violate FTC dark-pattern rules.
EvalGuard features
- Faithfulness scorer: explanation cited to actual feature scores from the recommender
- Output toxicity scorer: catches manipulative urgency language (dark-pattern detection)
- PII firewall: no individual-customer behavior referenced in explanations
- Audit log: every shown recommendation linked to model version for A/B-test recoverability
Wire it in 60 seconds
Wrap your OpenAI client. Card data never reaches the model.
PCI firewall patterns + tone / semantic-similarity scorers + per-project daily cost caps live in the EvalGuard control plane. Your code just wraps the client.
import OpenAI from "openai";
import { wrapOpenAI, EvalGuardViolationError } from "@evalguard/openai";
const openai = wrapOpenAI(new OpenAI(), {
apiKey: process.env.EVALGUARD_API_KEY!,
projectId: "shopper-assist",
metadata: { vertical: "ecommerce", pci_scope: true },
blockOnViolation: true, // PAN/CVV blocked pre-egress
evalOnResponse: { failOnScore: 0.7 }, // tone + copy-similarity scorers
onViolation: (r) => pageOncall(r.violations),
});
try {
await openai.chat.completions.create({
model: "gpt-4o",
messages: [{ role: "user", content: shopperAssistPrompt }],
});
} catch (err) {
if (err instanceof EvalGuardViolationError) {
// PCI-safe fallback: hand off to a human-staffed agent.
}
}wrapOpenAI for wrapAnthropic.Stack
Six surfaces, one platform
Eval, firewall, red-team, audit, BYOK, dashboard — every surface ships out of the box. No bolt-on vendors, no procurement cycle per capability.
Ship AI shoppers trust + auditors approve.
Free trial includes PCI firewall, tone + copy-similarity scorers, cost-cap kill switch, and the full audit log. PCI-DSS evidence bundle on request.
Apache-2.0 source · SOC 2 evidence engine live · full trust center