The enterprise control plane for LLMs.
2Trust.AI sits between your people, your customers, your data, and every LLM — enforcing safety, alignment, compliance, and auditability on every prompt and every response.
Every message, prompt and completion alike, is validated across six categories, encrypted at rest, and audit-logged for your auditors.
One control plane. Every LLM, every message.
2Trust.AI is the enterprise layer between your employees, your customers, your data, and Large Language Models. Deploy any model — OpenAI, Anthropic, Bedrock, Llama, Mistral, or self-hosted — behind unified safety, governance, and audit.
Prompt-hacking & impersonation defense
Two purpose-trained transformer classifiers — FP16-quantized, torch.compile()-optimized — inspect every prompt for injection, jailbreaks, and role-hijack attempts. Sub-100ms on GPU.
Six-category, threshold-based filters
Every message scored across Religion, Politics, Gender, Race, Violence, and Sensitive. Admins set per-category thresholds and custom block messages. Applied to both input and output.
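As a sketch of how threshold-based filtering can behave (the six category names come from the feature above; the data shapes, default 0.90 threshold, and fallback message are illustrative assumptions, not the product's API):

```python
# Minimal sketch of per-category threshold filtering.
# Category names are from the product description; everything else
# (score/threshold dicts, default threshold) is an assumption.
CATEGORIES = ["Religion", "Politics", "Gender", "Race", "Violence", "Sensitive"]

def evaluate(scores, thresholds, block_messages):
    """Return (blocked, message). A message is blocked when any
    category score meets or exceeds that category's threshold."""
    for category in CATEGORIES:
        if scores.get(category, 0.0) >= thresholds.get(category, 0.90):
            return True, block_messages.get(
                category, f"Blocked by {category} policy.")
    return False, None
```

Because thresholds are per-category, an admin can run Violence at 0.80 while leaving Politics at 0.95, and each category can carry its own block message.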
Curated, versioned, subscribable
Block or flag words and phrases across the organization. Version every change. Child orgs subscribe to a central list maintained by the security team — updates inherit automatically.
EU AI Act–style risk wizards
Three structured wizards: AI Model Risk, Overall AI Risk, Data Risk. Each produces a risk score banded Low / Moderate / High / Very High, plus narrative documentation suitable for a board or a regulator.
Any model. One configuration.
OpenAI, Anthropic, Bedrock, OpenRouter, Llama, Mistral, local LLMs. Vision and DALL·E included. Swap providers in an LLM Configuration — your apps never change.
Your docs. Governed RAG.
Upload PDF, DOCX, PPTX, XLSX, HTML, code. Chunk, embed, and store in PostgreSQL pgvector. Three granularities — chunk, section-summary, doc-summary. Per-org S3 namespaces.
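A rough sketch of the three retrieval granularities named above. The chunking and summarisation logic here is purely illustrative; the product's actual ingestion pipeline, embedders, and pgvector schema are not shown, and `summarize` stands in for an LLM call:

```python
def build_granularities(doc_text, chunk_size=500):
    """Illustrative three-level index for one document: raw chunks,
    per-section summaries, and a whole-document summary."""
    def summarize(text, limit=120):
        # Placeholder for a real LLM summarisation call.
        return text[:limit]

    sections = [s for s in doc_text.split("\n\n") if s.strip()]
    chunks = []
    for section in sections:
        chunks += [section[i:i + chunk_size]
                   for i in range(0, len(section), chunk_size)]
    return {
        "chunk": chunks,                             # finest granularity
        "section-summary": [summarize(s) for s in sections],
        "doc-summary": [summarize(doc_text, 240)],   # coarsest
    }
```

Indexing at three granularities lets retrieval match a query against fine-grained passages or against summaries when the question spans a whole section or document.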
Every message. Encrypted. Versioned.
Every prompt, completion, validation score, and user feedback stored encrypted at rest. Full change history on every configuration object via django-simple-history. Read-only auditor role.
Versioned REST + MCP tool calling
A stable /api/v1/ surface for ai/infer, kb/search, kb/train, moderation, and jobs. MCP service accounts let external tools call 2Trust on behalf of the org — hashed token storage, instant revoke.
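A sketch of what calling the versioned API could look like from a service account. The `/api/v1/kb/search` path comes from the list above; the host, Bearer header, and JSON field names are assumptions for illustration. The request is built but not sent:

```python
import json
import urllib.request

def prepare_kb_search(base_url, token, query, collection):
    """Build (without sending) an authenticated kb/search request.
    Header name and payload fields are illustrative assumptions."""
    body = json.dumps({"query": query, "collection": collection}).encode()
    return urllib.request.Request(
        f"{base_url}/api/v1/kb/search",
        data=body,
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},
        method="POST",
    )
```

An MCP service-account token would ride in the same authorization header; because the server stores only a hash of the token, revoking it invalidates every such request instantly.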
Parent/child orgs, four built-in roles
Organization hierarchy with data isolation at the model layer. Roles: Superuser, Org Admin, Auditor (read-only), User. Auth0 OAuth2 SSO + Django Allauth. Per-org S3, API keys, defaults.
Four stages.
Every request.
One API call to /api/v1/ai/infer. From there, every prompt is screened, scored, and audited before — and after — it touches a model.
Screen input
Input filter + prompt-hacking classifier + impersonation classifier inspect the prompt. Attacks and disallowed content are rejected before a paid token is ever spent.
Infer
The configuration's LLM — OpenAI, Anthropic, Bedrock, local — is called with the bound system prompt and any retrieved DocumentCollection context.
Screen output
Output filter scores the response across six categories. Per-category thresholds trigger block, redact, or warn. Custom block messages replace unsafe content.
Record
The full exchange — prompt, response, scores, flags, user feedback — is stored encrypted at rest. Configuration changes are captured by django-simple-history.
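The four stages above, expressed as a minimal local sketch. Each callable argument is a stub standing in for the real screening classifiers, the configured model, and encrypted storage; the dict shapes are assumptions, not the actual API contract:

```python
def handle_infer(prompt, screen_input, call_llm, screen_output, record):
    """Illustrative four-stage flow behind /api/v1/ai/infer.
    All five arguments are stubs for the corresponding services."""
    # Stage 1: screen input before any paid token is spent.
    verdict = screen_input(prompt)
    if verdict["blocked"]:
        record(prompt, None, verdict)
        return {"status": "blocked", "reason": verdict["reason"]}
    # Stage 2: call the configured model.
    response = call_llm(prompt)
    # Stage 3: screen output; replace unsafe content with a block message.
    out_verdict = screen_output(response)
    if out_verdict["blocked"]:
        response = out_verdict.get("block_message", "Content withheld.")
    # Stage 4: record the full exchange.
    record(prompt, response, out_verdict)
    return {"status": "ok", "response": response}
```

Note the ordering: input screening runs before the model call, so a rejected prompt never reaches a provider, while every path, blocked or not, ends in a record call.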
Switch providers without rewriting a line of application code.
OpenAI (GPT-4, GPT-3.5, DALL·E), Anthropic (Claude), AWS Bedrock, OpenRouter, Llama, Mistral, and local/self-hosted LLMs. Vision and image generation included. Swap the model in an LLM Configuration — your apps never change.
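A sketch of why a provider swap needs no application change: apps reference a configuration by name, never a provider. The field names below are illustrative, not the product's real schema:

```python
# Illustrative LLM Configuration store. The application only ever
# asks for "support-bot"; which provider answers is a config concern.
CONFIGS = {
    "support-bot": {"provider": "openai", "model": "gpt-4"},
}

def swap_provider(name, provider, model):
    """Repoint an existing configuration at a new provider/model."""
    CONFIGS[name] = {"provider": provider, "model": model}

def resolve(name):
    """What the gateway would dispatch for this configuration."""
    return CONFIGS[name]
```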
See all integrations

"Our board wanted a credible answer to 'how are we governing AI?' that didn't depend on any one vendor's promises. 2Trust gave us that answer — with evidence attached to every message."
Put every AI interaction on the record.
Map one existing LLM integration onto /api/v1/ai/infer behind the Safety & Trust Layer. Stand up a governed DocumentCollection against a representative corpus. Typical pilot: 2–4 weeks.