Endpoint
Authentication
The API requires authentication via an API key.- Header:
Authorization: Bearer YOUR_API_KEY
- Replace
YOUR_API_KEY
with your actual API key.
Headers
Header | Value |
---|---|
Authorization | Bearer YOUR_API_KEY |
Content-Type | multipart/form-data |
Content-Type
header; your HTTP client library will handle it when using multipart/form-data
.
Request Parameters
Form Data
Parameter | Type | Required | Description |
---|---|---|---|
file | file | Yes | The document file to be analyzed for potential indirect prompt injection. Accepted formats: PDF, DOCX, TXT, etc. |
multipart/form-data
form submission.
Other Parameters
The current implementation focuses on analyzing the uploaded document. Additional parameters likezero_latency
, strictness
, tag
, etc., are set within the server code and are not exposed as request parameters for this endpoint.
Response
Success Response
-
Status Code:
200 OK
-
Content-Type:
application/json
-
Body:
Error Responses
400 Bad Request
500 Internal Server Error
Response Fields Description
- contains_attack (
boolean
): Indicates whether any potential indirect prompt injection attacks were detected in the document. - attack_percentage (
number
): The proportion of chunks identified as containing potential attacks, ranging from0
to1
. - attack_content (
string
): Concatenated text of all chunks identified as containing attacks. - total_tokens (
integer
): Total number of tokens in the extracted text from the document. - estimated_price (
number
): Estimated cost of processing the document, based on the total number of tokens (assumed rate of €10 per million tokens).
Example Usage
Python Example
- Endpoint URL: Points to
https://api.glaider.it/v1/detect-indirect-attack
. - API Key: Replace
"YOUR_API_KEY"
with your actual API key. - Headers: Only the
Authorization
header is set. Do not manually set theContent-Type
header when uploading files. - File Upload: The file is sent in the
files
parameter usingmultipart/form-data
. - Response Handling: The script prints out the status code and the JSON response.
Additional Information
- File Support: The service supports various document formats like PDF, DOCX, TXT, etc.
- Chunking Logic: The text extracted from the document is split into chunks of up to 480 characters each for analysis.
- Analysis Process: Each chunk is analyzed for prompt injection using the existing prompt injection detection mechanisms.
- Cost Estimation: The
estimated_price
is calculated based on the total number of tokens processed, assuming a rate of €10 per million tokens. - Asynchronous Processing: The current implementation processes all chunks synchronously and returns the aggregated result.
Usage Notes
- Authentication: Make sure to include your API key in the
Authorization
header. - File Upload: Use
multipart/form-data
to upload the file. - Response Handling: Check the
contains_attack
,attack_percentage
, andattack_content
in the response to understand the analysis outcome. - Error Handling: If an error occurs, the response will contain an
error
field with the error message. - Performance: The total execution time may vary depending on the size of the document and the number of chunks.
- Cost Awareness: Be mindful of the
estimated_price
when processing large documents.
Response Interpretation
- A
contains_attack
value oftrue
indicates that at least one chunk of the document was identified as containing a potential indirect prompt injection attack. - The
attack_percentage
helps gauge how much of the document is affected.- For example, an
attack_percentage
of0.2
means that 20% of the chunks are potentially unsafe.
- For example, an
- The
attack_content
provides the concatenated text of all unsafe chunks, which can be reviewed for further analysis. - The
total_tokens
andestimated_price
provide insights into the size of the document and the associated processing cost.
Example Workflow
-
Prepare the Request:
- Ensure you have a valid API key.
- Choose the document you want to analyze.
-
Send the Request:
- Use the provided Python example or your preferred HTTP client to send a
POST
request to the/v1/detect-indirect-attack
endpoint. - Upload the file using
multipart/form-data
.
- Use the provided Python example or your preferred HTTP client to send a
-
Process the Response:
- On success, check the
contains_attack
field. - If
contains_attack
istrue
, review theattack_content
to understand the potential threats. - Use
attack_percentage
to assess the severity.
- On success, check the
-
Take Action:
- If attacks are detected, consider sanitizing the document or investigating further.
- Use the
total_tokens
andestimated_price
to manage costs for large-scale analysis.
FAQs
-
Q: What types of files are supported?
- A: The service supports various document formats, including PDF, DOCX, TXT, and more.
-
Q: How is the
estimated_price
calculated?- A: It’s based on the total number of tokens in the extracted text, assuming a rate of €10 per million tokens.
-
Q: Is the analysis real-time?
- A: Yes, the analysis is performed synchronously, and the response is returned after processing.
-
Q: Can I adjust the strictness or other parameters?
- A: Currently, parameters like
strictness
are set within the server code and are not exposed as request parameters.
- A: Currently, parameters like
-
Q: How secure is my uploaded document?
- A: Uploaded documents are processed and then deleted from temporary storage. Ensure you comply with your organization’s data handling policies.