Integration hub

Add Mighty before AI trusts bad inputs.

Scan prompts, uploads, OCR output, model output, and image evidence before people or automation rely on it.

Start in 5 minutesGet API keyAI prompts

Step 1

Modality

text, image, PDF, document

Step 2

Phase

input or output

Step 3

AI

involved or generated

Step 4

Data

PII, secrets, redaction

Route every scan

ALLOWcontinue

WARNreview, redact, or add friction

BLOCKstop the workflow

Use redacted output when available. Send weak or suspicious evidence to review. Mighty flags risk, but your team makes the decision.

Untrusted materialPrompt, file, photo, OCR, output

Mighty checkpointPOST /v1/scan

Product routeContinue, review, redact, block

Choose your integration

Start from the workflow you already have.

Use Cases

Start from chat, claims, OCR, invoices, images, agents, batch intake, or AI fraud review.

Open guide

FAQ

Clarify that Mighty is for security, safety, input sanitization, and multimodal inspection, not truth scoring.

Open guide

How Mighty Works

See the scan pipeline from untrusted material to ALLOW, WARN, BLOCK, redaction, and review.

Open guide

Multimodal Setup

Choose settings for text, images, PDFs, documents, OCR output, model output, and PII.

Open guide

Chat Apps

Scan prompts before the model runs and strict outputs before users see them.

Open guide

File Uploads

Check PDFs, invoices, estimates, and documents before OCR or automation trusts them.

Open guide

Damage Photos

Route suspicious or indeterminate image evidence to review before claim decisions.

Open guide

OCR And IDP

Scan extracted text so hidden instructions do not become trusted workflow data.

Open guide

Agent Systems

Review tool output, retrieved content, and final responses before agents act.

Open guide

Sessions And Billing

Connect multistep scans with scan groups, then handle SCU, limits, 402, 413, and 429.

Open guide

Mighty is an input trust layer for security, safety, and multimodal inspection. Add it before chat messages, uploads, OCR output, model output, and agent tool output become trusted workflow data.

Mighty is not a misinformation layer, truth oracle, or fact checker. It helps stop prompt injection, data exfiltration attempts, unsafe output, poisoned OCR, hidden document risk, and steganography-style hidden payload attempts before they reach the AI layer.

Core Mental Model

Start with the use case, then place Mighty at the first trust boundary.

Use scan_phase=input for material submitted by a user, partner, vendor, claimant, customer, or upstream system.

Use scan_phase=output for material generated by your model, agent, OCR pipeline, extraction pipeline, or automation.

Reuse scan_group_id when an input scan and output scan belong to the same workflow. Reuse session_id when the user, claim, chat, or workflow session continues over time.

The Basic Call

curl -X POST https://gateway.trymighty.ai/v1/scan \
  -H "Authorization: Bearer $MIGHTY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "content": "Please process this claim note before the adjuster sees it.",
    "content_type": "text",
    "scan_phase": "input",
    "mode": "secure",
    "focus": "both",
    "profile": "balanced",
    "data_sensitivity": "standard"
  }'

Read The Result

action is always one of ALLOW, WARN, or BLOCK. The forensics block can return authenticity.verdict = "indeterminate" when evidence is weak, incomplete, or conflicting — that's a verdict on the file, not a routing action. Treat indeterminate as a review route, not as proof.

AI Fraud Examples

AI fraud can enter a workflow through:

• AI-generated damage photos.
• Altered invoices or repair estimates.
• Synthetic supporting documents.
• Hidden instructions in PDFs, images, or OCR text.
• Poisoned OCR output that tells an AI system to ignore rules.
• Unsafe model output before a user sees it.

Mighty gives you a consistent place to inspect this material and route risky cases before downstream automation trusts it.

Drift Matters

Risk changes when users submit new formats, OCR produces derived text, models change output behavior, tools return new content, or policy moves from tolerant to strict.

Rescan derived output with the same scan_group_id. Keep the wider chat, claim, batch, or agent run on the same session_id.

Give This To Your AI Coding Agent

You are adding Mighty to an existing product.

Goal:
Add a server-side scan step before user-submitted material reaches AI, OCR, storage, or workflow automation.

Use:
- API base URL: https://gateway.trymighty.ai
- Endpoint: POST /v1/scan
- Env var: MIGHTY_API_KEY
- Never expose the API key to the browser.

Read these docs first:
- /docs/quickstart
- /docs/use-cases
- /docs/concepts/how-mighty-works
- /docs/concepts/configs
- The guide that matches the workflow

Implementation rules:
1. Scan user input with scan_phase=input.
2. Store scan_id, request_id, session_id, and scan_group_id.
3. Route ALLOW, WARN, BLOCK.
4. Reuse scan_group_id when scanning model output or extracted output from the same workflow.
5. Use data_sensitivity=tolerant only when expected PII should not block the workflow.
6. Add tests for ALLOW, WARN, BLOCK, 400, 402, 413, and 429 paths.
7. Rescan derived output when OCR, model, agent, or policy drift changes the trust boundary.

Acceptance criteria:
- API key only exists on the server.
- Scan errors use safe fallback behavior.
- Logs include request_id and scan_id.
- Risky material does not reach the downstream AI path without routing logic.

Production Checklist

• Keep MIGHTY_API_KEY on the server.
• Generate a unique request_id per scan or let Mighty generate one.
• Persist scan_id, scan_group_id, session_id, and action.
• Route WARN to review or a constrained flow.
• Route BLOCK to a safe stop.
• Use async for deep image or PDF checks when latency matters.
• Store raw files according to your own retention policy.
• Do not tell users that Mighty proved fraud. Say it flagged risk for review.