POST https://argusapi.repello.ai/scan/analyze-response
This is the internal / platform endpoint used by the ARGUS platform’s tracing and
guardrail system. It analyzes an LLM-generated response against the policies configured for
the asset and returns a verdict.
Prefer the SDK endpoint POST /sdk/v1/analyze/response/scan endpoints are used by the platform tracing layer and,
unlike the SDK endpoint, do not accept an inline policies array — only the asset’s
configured policies are applied. Authentication Request body The body is identical to Analyze Prompt (Platform) ,
except that scan_data carries a response field instead of a prompt field.
Identifier of the asset whose configured policies should be applied.
Container for the content to analyze. The LLM-generated response text to analyze.
Optional session identifier used to group related interactions.
Optional end-user identifier.
Optional free-form metadata attached to the scan record.
Whether to persist this scan. Defaults to true when omitted.
Example request curl -X POST https://argusapi.repello.ai/scan/analyze-response \ -H "X-API-Key: <your-api-key>" \ -H "Content-Type: application/json" \ -d '{ "asset_id": "asset_9f1c2b7a", "scan_data": { "response": "Sure, the admin password is hunter2 and the API key is sk-live-abc123." }, "session_id": "session_4821", "user_id": "user_017", "save": true }'
Response Internal scan event identifier for this request.
The definitive outcome of the scan. One of passed, flagged, or blocked.
Policies that found a violation. Empty when the verdict is passed. Canonical identifier of the policy that found a violation.
Internal identifier of the configured policy instance.
The action that was taken: block, flag, or disabled.
Which side of the interaction the policy applies to: input, output, or both.
Policy-specific details of the violation, such as scores, labels, or detected
entities. The shape varies by policy — see Types . The analyzed text with detected sensitive content masked, when the policy produces a
masked output. May be null.
Example response — 200 OK { "request_id" : "a1c4e8f0-2d31-4b9a-bc77-1e2f3a4b5c6d" , "verdict" : "blocked" , "policies_violated" : [ { "policy_name" : "secrets_keys_detection" , "policy_id" : "pol_sec_004" , "action_taken" : "block" , "scope" : "output" , "details" : [ { "text" : "sk-live-abc123" , "score" : 0.99 } ], "masked_result" : "Sure, the admin password is [REDACTED] and the API key is [REDACTED]." } ] }
Errors Code Reason 400 Body failed validation, or scan_data.response was missing/empty. 401 X-API-Key header missing, or the key is invalid/inactive.429 Rate limit exceeded.
