Use Cases
See where Mighty creates value in chat, uploads, OCR, claims, invoices, agents, batch intake, and AI fraud review.
Use cases should start with the trust boundary.
Ask: where does untrusted material become trusted by a person, model, workflow, payment system, or agent?
Use cases
Protect every place untrusted material becomes trusted workflow data.
Before AIChat prompts, files, images, OCR text, retrieved content
Mighty scanThreats, authenticity, sensitive data, risk, redaction
After routingModel call, storage, review queue, payment, agent action
The value is consistency. Every workflow gets the same route: continue, review, redact, request more evidence, or stop.
Use Case Map
| Use case | What can go wrong | Where Mighty sits | Suggested settings |
|---|---|---|---|
| Customer support chat | Prompt injection, unsafe files, public output leaks. | Before streamText, before strict output, before tool results enter context. | mode=secure, focus=both, profile=ai_safety for output. |
| Claims intake | Altered evidence, poisoned documents, normal PII, weak evidence. | Before storage, OCR, extraction, routing, or adjuster automation. | data_sensitivity=tolerant, focus=both, profile=strict for high value. |
| Damage photo review | AI-generated image evidence, edited photos, inconclusive visuals. | Before claim decisions, repair decisions, or payment decisions. | content_type=image, focus=both, mode=comprehensive for deep review. |
| Invoice and estimate review | Altered invoices, synthetic estimates, hidden instructions, inflated line items. | Before extraction, approval, payment, or AI summarization. | content_type=pdf or document, data_sensitivity=tolerant. |
| OCR and IDP pipelines | Hidden instructions become trusted text. OCR errors become workflow facts. | Scan original file, then extracted text with the same scan_group_id. | focus=both, data_sensitivity=tolerant. |
| User-generated uploads | Malware-like prompts, sensitive data, unsafe attachments, unsupported file size. | Before permanent storage, indexing, or sharing. | content_type=auto, mode=secure, async for large evidence. |
| Agentic systems | Tool output or retrieved content manipulates the next model step. | Before tool output, browser content, retrieved docs, or final plans enter context. | profile=ai_safety or code_assistant, reuse scan_group_id. |
| Internal review assistant | Summaries overstate certainty or expose private data. | Before showing generated summaries or recommendations. | scan_phase=output, data_sensitivity=tolerant for internal PII. |
| Batch intake | Many records hide risky items and lose traceability. | Per item before batch automation writes state. | One session_id per batch, one scan_group_id per item. |
| Audio intake | Transcripts can carry unsafe instructions or disputed statements. | Scan transcript text today. Audio scanning is closed beta. | content_type=text for transcript, same session as source audio. |
Value By Workflow
| Workflow | Value |
|---|---|
| Chat | Stop risky prompts before model execution and scan public output before users see it. |
| Uploads | Keep suspicious files out of OCR, storage, search, and AI pipelines until routed. |
| OCR and IDP | Prevent extracted text from becoming trusted workflow data without inspection. |
| AI fraud review | Flag suspicious evidence and route weak signals without claiming proof. |
| Agents | Keep untrusted tool output out of model context. |
| Review queues | Give reviewers IDs, risk fields, original evidence, derived output, and scan history. |
Build Order
- Start with the workflow that has the most trust risk.
- Add
POST /v1/scanbefore the first trust boundary. - Store IDs and action.
- Route ALLOW, WARN, BLOCK,
indeterminate, andpending. - Scan derived output with the same
scan_group_id. - Add review metrics so you can tune tolerance later.
Next step
Ready to scan real traffic?
Create an API key, keep it on your server, then wire Mighty into the workflow that handles untrusted material.
AI-Agent Prompt
AI-ready prompt
Choose Mighty use cases
Paste this into Cursor, Codex, Claude Code, or Windsurf.
Find the Mighty use cases in this product.
For each workflow, identify:
- The trust boundary.
- The untrusted material type.
- Whether AI, OCR, IDP, agents, or automation will use the material.
- The right content_type, scan_phase, mode, focus, profile, and data_sensitivity.
- Where scan_group_id and session_id should be stored.
- How ALLOW, WARN, BLOCK, indeterminate, and pending are routed.
Prioritize:
- chat input and public output
- file uploads before OCR or storage
- OCR and IDP output
- image evidence and AI fraud review
- invoice and estimate review
- agent tool output
- batch intake
Acceptance criteria:
- Every high-risk trust boundary has a server-side scan.
- Every derived output scan reuses the correct scan_group_id.
- Review wording says Mighty flags suspicious evidence, not that it proves fraud.