Detection Engine

Seven layers deep

Each layer exploits a different mathematical property. An attacker must evade all seven simultaneously.

1
Structural Analysis
Regex patterns for known injection signatures
<0.01ms
2
Statistical Anomaly
Argument length, entropy, frequency deviation per tool
0.02ms
3
Control Flow Integrity
Priority-based tool call authorization
0.01ms
4
Embedding Similarity
Cosine distance from known-good patterns (TF-IDF)
0.15ms
5
VAE Reconstruction
Autoencoder flags out-of-distribution inputs
0.8ms
6
Execution Tree Trace
JSON structural anomalies across the pipeline
0.3ms
7
LLM Reasoning Judge
Small model evaluates intent alignment
~50ms

How seven independent detectors compose

Most AI security tools use a single classifier. A single point of failure. Agentic Glass uses seven fundamentally different detection methods.

Layers 1-3 run in the open-source SDK. Layers 4-7 in the cloud platform. All seven run inline — before the tool call executes.

The probability of evading all layers simultaneously is the product of individual bypass rates. Seven independent 85% detectors compose to >99.99% detection.

0.94
F1 Score
0.39ms
Median Latency
<2ms
P99 Latency

Try it: detection playground

Type a tool call argument. See which layers fire.

Type something to see detection results...