Skip to content
Arcjet Docs

AI Runtime Protection

The riskiest parts of an AI application revolve around the prompt and any tools it can invoke. Arcjet helps protect AI applications by providing guardrails across the entire AI lifecycle, using real application context (identity, route, session, cost budgets), not just prompt content.

Production AI failures follow three patterns:

  • Cost explosion. Automated traffic, user abuse, and prompt attacks inflate token and tool spend. Risky for providers and users.
  • Unauthorized side-effects. Agents invoke tools in ways they shouldn’t - issuing refunds, accessing data, escalating privileges. The prompt can be benign; the tool call is catastrophic.
  • Data exfiltration. Sensitive data leaks into logs, third-party contexts, or model memory through tool outputs and unguarded responses.

Arcjet’s core features map directly onto these problems.

AI abuse protection

Section titled “AI abuse protection”

Building blocks: Bot detection, prompt injection detection

Block automated clients and detect prompt injection attacks before they reach your AI. Arcjet lets you deny all automated traffic - or selectively allow trusted clients - and scores incoming messages for injection patterns like jailbreaks, role-play escapes, and instruction overrides.

AI Abuse Protection Block automated clients from your AI applications.
Prompt Injection Detection Detect and block prompt injection attacks before they reach your AI model.

Prompt injection and bot detection compose with budget control and data loss prevention into a single layered policy for a production chat endpoint:

import arcjet, {
  detectBot,
  detectPromptInjection,
  sensitiveInfo,
  shield,
} from "@arcjet/next";


const aj = arcjet({
  key: process.env.ARCJET_KEY!,
  rules: [
    shield({ mode: "LIVE" }),
    detectBot({ mode: "LIVE", allow: [] }),
    detectPromptInjection({ mode: "LIVE" }),
    sensitiveInfo({
      mode: "LIVE",
      deny: ["CREDIT_CARD_NUMBER", "EMAIL"],
    }),
  ],
});

AI budget control

Section titled “AI budget control”

Building block: Token bucket rate limiting

Enforce per-user token quotas to prevent cost explosions. Dynamically link user quotas to rate limits tracked by tokens.

AI Budget Control Enforce per-user token budgets

AI data loss prevention

Section titled “AI data loss prevention”

Building blocks: Sensitive information detection

Prevent PII and sensitive data from leaking into AI model context, logs, or third-party tool calls. Arcjet detects card numbers, email addresses, phone numbers, and custom patterns in request bodies - entirely locally, with no data leaving your infrastructure.

AI Data Loss Prevention Detect and block PII before it enters AI model context.

Quick start

Section titled “Quick start”

The fastest way to get started is the get started guide, which walks through protecting an AI chat application with bot detection and per-user token budgets.