ANCHORED GUARD VERDICTS
A signed, anchored receipt that a piece of untrusted inbound content was screened for prompt-injection and jailbreak patterns by a named, versioned ruleset, with a reproducible verdict. It commits to the content and the ruleset by hash, so the same ruleset re-run on the same input yields the identical decision and matches. It records screening provenance, never a guarantee that the content is safe.
WIRE TYPES
ar.guard.v1 (guard.input)
Single canonical wire type for input screening. Commits to the screened content (SHA-256), names the ruleset and its hash plus the deterministic detector and version, and records the three-state decision (pass / flagged / blocked) and each matched rule's id, severity, and category (one of six — instruction_override, system_prompt_leak, delimiter_injection, encoding_obfuscation, …), at a UTC time.
WHAT IT PROVES
WHAT IT DOESN'T PROVE
COMPOSES WITH
AGR receipts reference other family members via body-level composition pointers — verifier-coordinated, not signature-mandated.
A guard verdict screens the input that drives an agent run; the resulting AActR records the action that ran on that input — screening provenance and action provenance for the same request.
Deliberately distinct surfaces of the same run: AGR screens the input before the agent acts, AQR scores the output after — input-safety provenance versus output-quality provenance.
Verify any
AGR receipt.
Paste any claim ID to verify a receipt, check its anchor, and inspect the issuer signature.
REFERENCES
Anchored Guard Verdicts are cryptographic provenance and privacy-lifecycle protocols. verify.dekimu.com is a reference implementation, not a qualified trust service under Regulation (EU) No 910/2014 (eIDAS) or successor.