AI GATEWAY · MCP TOOLS · SECURITY · AUDIT
One layer between your apps and every AI agent.
Route LLM calls to any provider. Execute MCP tools with per-key access control. Scan every request, response, and tool output for injection, PII, and off-topic drift. Sign and audit every step.
Same code. Gained everything.
Change two lines. Gain routing, tools, policy, and audit.
Keep your SDK. Keep your models. Keep your code. Verosek is a drop-in replacement for the OpenAI, Anthropic, and Gemini SDKs.
import openai

client = openai.OpenAI(
    api_key="vsk_...",  # Verosek virtual key
    base_url="http://your-gateway/v1",  # ← only line that changed
)
response = client.chat.completions.create(
    model="gpt-4o",
    messages=[{"role": "user", "content": "How many users are in the database?"}],
)
# Tools handled internally. Policy enforced. Every step audited.
print(response.choices[0].message.content)

Architecture at a glance.
One request. Every layer. Under 30 ms of overhead.
Every call flows through virtual-key identity, Shield pre-scan, cross-SDK translation, the provider, the policy engine, tool execution, post-scan, and a signed audit entry.
Four layers. One product.
Routing, tools, security, and audit — without the integration gap.
Layer 01
AI Gateway
Route any SDK to any provider. Twelve OpenAI endpoints plus native Anthropic and Gemini. Cross-SDK translation on the fly.
Layer 02
MCP Tools
Fifty tool connectors across databases, SDLC, knowledge, search, automation, business, and observability. DBeaver-style access control for every one.
Layer 03
Verosek Shield
24 security checks across input, output, tool output, and session drift. Deterministic where possible. Offline ML everywhere.
Layer 04
Audit Vault
Tamper-evident HMAC-SHA256 trace. Decision receipts that verify offline with one CLI command.
What Verosek catches.
The four attack vectors nobody else structurally handles.
Prompt injection + jailbreak
User prompts contain hidden instructions that override the system prompt.
Multilingual classifier catches direct injection and jailbreak in one forward pass.
Indirect injection via tool output
A SQL row or Slack message contains instructions that the model reads as if you wrote them.
Post-tool scan runs the same classifier against every tool output before it reaches the model.
PII and secret exfiltration
The model leaks customer data in its reply, or a tool reads it into the session.
A multilingual PII engine plus 17 secret-regex patterns scan inputs, outputs, tool results, and cumulative session bytes.
Off-topic drift + hallucination
Agent answers about topics the key never authorised — or fabricates grounded-looking output.
Per-key topic centroids plus an offline grounding verdict flag drift and ungrounded claims.
Receipts, not claims.
Every decision is explainable. Every trace is verifiable offline.
An auditor verifies each receipt with one CLI command — no network call back to Verosek.
{
  "trace_id": "trace_01HQ5V8K3P7Z2MJR9",
  "decision": "BLOCK",
  "key_id": "vsk_prod_04",
  "tool": "postgres.query",
  "score": 8,
  "triggered_checks": [
    {
      "id": "CHK-002",
      "detail": "DELETE not in allowed_operations [SELECT]"
    }
  ],
  "signed_at": "2026-04-15T09:41:22Z",
  "signature": "hmac-sha256:a7b9c2…4f8e"
}

{
  "decision": "BLOCK",
  "score": 8,
  "triggered_checks": [
    {
      "id": "CHK-002",
      "detail": "DELETE not in allowed_operations [SELECT]",
      "score_contribution": 8
    }
  ],
  "modifications_applied": []
}

$ verosek-verify-receipt receipt.json
reading receipt.json ...
signature: hmac-sha256:a7b9c2...4f8e
signed at: 2026-04-15T09:41:22Z
request_hash match: ok
triggered_checks well-formed: ok
signature verifies: ok
VALID
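How an offline HMAC-SHA256 receipt check of this kind can work, as an added example that is not Verosek's code or its actual receipt format. It assumes the signature covers the canonical JSON of every field except `signature` and that the verifier holds the same secret key; `canonical_bytes`, `sign_receipt`, `verify_receipt` and the demo key are hypothetical names and values.

```python
import hashlib
import hmac
import json

PREFIX = "hmac-sha256:"


def canonical_bytes(receipt: dict) -> bytes:
    """Serialise every field except 'signature' deterministically (assumed scheme)."""
    body = {k: v for k, v in receipt.items() if k != "signature"}
    text = json.dumps(body, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return text.encode("utf-8")


def sign_receipt(receipt: dict, key: bytes) -> dict:
    """Return a copy of the receipt with an HMAC-SHA256 tag over its canonical form."""
    tag = hmac.new(key, canonical_bytes(receipt), hashlib.sha256).hexdigest()
    return {**receipt, "signature": PREFIX + tag}


def verify_receipt(receipt: dict, key: bytes) -> bool:
    """Recompute the tag and compare in constant time; anything malformed fails closed."""
    sig = receipt.get("signature")
    if not isinstance(sig, str) or not sig.startswith(PREFIX):
        return False
    expected = hmac.new(key, canonical_bytes(receipt), hashlib.sha256).hexdigest()
    # Compare as bytes so a non-ASCII signature string is rejected, not raised on.
    return hmac.compare_digest(sig[len(PREFIX):].encode("utf-8"), expected.encode("utf-8"))


# Constructed demo key; field values are copied from the receipt shown on this page.
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"
SAMPLE = sign_receipt({
    "trace_id": "trace_01HQ5V8K3P7Z2MJR9",
    "decision": "BLOCK",
    "key_id": "vsk_prod_04",
    "tool": "postgres.query",
    "score": 8,
    "triggered_checks": [
        {"id": "CHK-002", "detail": "DELETE not in allowed_operations [SELECT]"}
    ],
    "signed_at": "2026-04-15T09:41:22Z",
}, DEMO_KEY)

if __name__ == "__main__":
    print("original verifies:", verify_receipt(SAMPLE, DEMO_KEY))
    flipped = {**SAMPLE, "decision": "ALLOW"}  # one-field tamper
    print("tampered verifies:", verify_receipt(flipped, DEMO_KEY))
```

Because HMAC is symmetric, whoever holds the key to verify a receipt can also produce one, so in a scheme like this the key has to be limited to the signer and the auditor.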
Three tiers. No surprises.
Start on a 15-day free trial. Graduate when your compliance team asks for evidence.
Trial
No card required. 2 virtual keys, 2 MCP connections, baseline Shield.
- 2 virtual keys
- 50k requests, 50k Shield scans
- Baseline Shield profile
- Community support
Team
Managed cloud. Predictable overage. Baseline + strict Shield profiles.
- 25 virtual keys, 5 MCP connections
- 500k requests / 500k scans / month
- 5 users with admin / member / auditor roles
- Email support, 24-hour response
Enterprise
Annual. Unlimited everything. Managed cloud, self-hosted, or air-gapped.
- Unlimited keys, connections, users
- Custom RBAC, 90+ day audit retention
- HMAC-signed receipts, custom PII recognizers
- Named TAM, 4-hour SLA
Put a governance layer in front of your agents.
FAIL_CLOSED by default. Every tool call scanned. Every decision signed.