Enforce PII policies, block prompt injections, and route by cost across OpenAI, Claude, Llama, Gemini and Every Major LLM. Secure your vision and text prompts with the world's most versatile AI security gateway — with just one line of code.
100% OpenAI SDK Compatible. Works with GPT, Gemini, Grok, Claude, Llama 4, Mistral and 100+ more models across 8 providers. No vendor lock-in.
Enough for 3,000+ secure requests. No credit card required.
Powering Production AI via
How It Works
If your app already uses the OpenAI library (the most popular AI toolkit), you only need to change two settings. If you're starting fresh, it's just as easy.
Create a free account with Google or GitHub. Generate an API key in your dashboard. It starts with os_hub_ and is your password for all AI requests.
In your code, change the API key and base URL to point to OpenSourceAIHub instead of OpenAI. Everything else stays the same. Same SDK, same code structure.
Every request is now automatically scanned for sensitive data, routed to the most cost-efficient provider available, and logged for your dashboard. You don't need to do anything else.
What Is an AI Firewall?
When your app sends a prompt to an AI model, that message travels to a third-party server. If it contains PII — names, emails, credit cards, passwords — that data is now outside your control. An AI Firewall inspects every message before it leaves and removes anything sensitive. The AI still responds — but never sees your private data.
The Request Journey
Your App
Sends the request
DLP / AI Firewall
Scans & cleans data
Smart Router / Budget
Optimizes cost & enforces limits
Provider Routing
BYOK / Managed / Failover
AI Provider
Returns response
PII is removed and spend is capped inside the Hub. The AI provider only receives clean, governed requests.
Without the Hub
“Summarize this: John Smith, email john@company.com, SSN 123-45-6789, had a billing issue...”
The AI company receives real names, emails, and SSNs.
With the Hub
“Summarize this: [PERSON], email [EMAIL], SSN [US_SSN], had a billing issue...”
The AI company only sees placeholders. Real data never leaves your control.
Built For
Ship AI without leaking customer data. Compliant from day one.
Drop-in OpenAI SDK replacement with automatic PII removal and cost routing.
GDPR & PCI templates. Every request logged. No data stored.
Smart Routing optimizes across 8+ providers. Stop overpaying a single vendor.
No credit card required · Start in 60 seconds
The Neutral Layer
Routing proxies forward your prompts. We govern them — enforcing data policies, blocking threats, and capping spend before a single token leaves your infrastructure.
Hosted on Vercel, AWS, Fly.io, or bare metal? Doesn’t matter. The Hub is a standalone API gateway that secures your AI traffic regardless of where your app runs. No vendor tie-in, no platform dependency.
OpenRouter and similar proxies route requests but don’t inspect them. We actively scan every prompt for 28+ PII entity types across text and images (OCR) — and block or redact before the data leaves your control.
Set hard credit limits per API key to prevent “bill shock” across all providers. A runaway loop or traffic spike hits your budget ceiling and stops — not your bank account.
| Capability | Vercel AI / OpenRouter | OpenSourceAIHub |
|---|---|---|
| Vendor Neutral | Partial | |
| PII Firewall (Text + OCR) | No | |
| Budget Enforcement | No | |
| BYOK + Wallet Hybrid | No | |
| DLP Policy Engine | No | |
| Prompt Injection Blocking | No |
No credit card required · Start in 60 seconds
If your app already uses the OpenAI library (the most popular way to call AI models), switching to the Hub takes about 30 seconds. Just change the API key and the URL. See below.
const openai = new OpenAI({
apiKey: 'OPENAI_KEY'
});
const res = await openai.chat.completions.create({
model: 'gpt-4o',
messages: [{ role: 'user', content: prompt }]
});const openai = new OpenAI({
apiKey: 'os_hub_live_abc123',
baseURL: 'https://api.opensourceaihub.ai/v1'
});
// Smart-routed. No provider lock-in.
const res = await openai.chat.completions.create({
model: 'oah/llama-3-70b',
messages: [{ role: 'user', content: prompt }]
});< 50ms
Firewall overhead
28+
PII entities scanned
Auto
Provider failover
No credit card required · Start in 60 seconds
Features & Deep Security
Most security tools only check the latest message. We scan your entire conversation history and even text inside images. Here's the full picture.
Direct / OpenAI
Single Provider (Locked)
OpenSourceAIHub
100+ Models (GPT-4o, Gemini, Llama, Claude...)Direct / OpenAI
Black Box
OpenSourceAIHub
DLP Firewall (28+ PII Entities)Direct / OpenAI
None
OpenSourceAIHub
OCR-Based Image PII Scanning — Blocks on DetectDirect / OpenAI
None
OpenSourceAIHub
Full Conversation History DLP (Every Message, Every Request)Direct / OpenAI
Limited / Unknown
OpenSourceAIHub
Heuristic Jailbreak BlockingDirect / OpenAI
~$5.00
OpenSourceAIHub
From $0.60 (Smart-Routed)Direct / OpenAI
None
OpenSourceAIHub
Custom Regex "IP Guard"Direct / OpenAI
Single Point of Failure
OpenSourceAIHub
Multi-Provider Failover (Auto-Retry)| Feature | Direct / OpenAI | OpenSourceAIHub |
|---|---|---|
Model Selection | Single Provider (Locked) | 100+ Models (GPT-4o, Gemini, Llama, Claude...) |
Data Privacy | Black Box | DLP Firewall (28+ PII Entities) |
Vision / Image Security | None | OCR-Based Image PII Scanning — Blocks on Detect |
Context-Aware Scanning | None | Full Conversation History DLP (Every Message, Every Request) |
Injection Defense | Limited / Unknown | Heuristic Jailbreak Blocking |
Avg Cost / 1M Tokens | ~$5.00 | From $0.60 (Smart-Routed) |
IP Protection | None | Custom Regex "IP Guard" |
Uptime Assurance | Single Point of Failure | Multi-Provider Failover (Auto-Retry) |
No credit card required · Start in 60 seconds
Pricing
No hidden fees. No surprise bills. Two plans — pick the one that fits your needs.
Choose Managed Credits if...
Choose Pro BYOK if...
Both plans include the full AI Firewall and 100+ models. Managed Credits adds Smart Routing (optimizes for cost efficiency across providers). BYOK routes directly to your chosen provider. Switch anytime.
Best for beginners, prototypes & small apps
| Tier | Example | Price (Credits)Credits are deducted atomically based on our cost-optimization engine. Estimates include the standard Hub service fee. |
|---|---|---|
| Performance | Flux.1-schnell | 3,750 (~$0.004) |
| Standard | SDXL | 50,000 (~$0.05) |
| Premium | DALL-E 3 | 100,000 (~$0.10) |
Best for teams and production apps
Hybrid Mode — Best of Both
Pro subscribers can use their own keys for some providers and fall back to Hub Credits for the rest. If you have an OpenAI key but not a Gemini key, GPT requests use your key (0% markup) while Gemini requests route through Managed Mode. The Hub resolves keys automatically — no configuration needed.
Both plans include the full AI Firewall with DLP protection across 100+ models. Switch anytime.
Model pricing is based on our internal cost-optimization engine. While we aim to provide competitive rates across our provider network, final pricing is subject to provider availability and real-time market fluctuations. Routing is best-effort and does not guarantee the absolute lowest cost on every request. All Managed Mode usage includes a service fee (25% open-weight / 30% closed models) for security and infrastructure management. See Section 25 of our Terms.
FAQ
It’s a security layer that sits between your app and AI companies like OpenAI, Groq, or Mistral. When your app sends a message to AI, the Hub checks it first — removes any sensitive data (like emails, passwords, or credit card numbers), selects the most cost-efficient available provider, and then forwards the cleaned message. Think of it as a security guard and cost-optimization engine combined.
No. We only log metadata (like "1 email address was blocked") — we never store the actual content of your messages or the AI’s responses. Your data passes through our security layer and is forwarded to the AI provider. Nothing is saved on our servers.
If your app uses the OpenAI SDK (the most popular AI library), you only need to change two lines: the API key and the base URL. Everything else — your models, your prompts, your response handling — stays exactly the same.
BYOK stands for "Bring Your Own Key." It means you already have an account (and API key) with a provider like OpenAI, Google Gemini, xAI, Groq, or Together.ai. On the Pro plan, you save those keys in the Hub, and we use them to make AI calls on your behalf — so you pay the provider directly at their regular price with zero Hub markup. BYOK also unlocks premium models like GPT-4o and Gemini Pro.
That’s perfectly fine! The "Managed Credits" plan is designed exactly for this. Add credits to your Hub wallet (10M Credits / $10 minimum), and we handle everything — we use our own provider accounts to process your requests.
No. Every request is protected from your very first API call. The Hub applies a "Maximum Protection" default policy that scans for all 28 entity types (emails, credit cards, SSNs, API keys, prompt injection attacks, and more) and redacts any matches before the AI model sees them.
The security check adds less than 50 milliseconds for text — that’s faster than a blink. For images, it takes about 0.5–1 second depending on image size. Every response includes timing headers so you can verify this yourself.
Yes. Pro subscriptions are managed through Stripe — cancel with one click anytime. Wallet balances never expire, so any prepaid credits stay in your account.
More questions? Check our full documentation for in-depth guides on tokens, providers, DLP policies, and more.
No credit card required · Start in 60 seconds
Stop guessing which model is best for your prompts. We're building the world's first Financial & Quality Optimizer for production AI.
Project-level budget controls, agent-loop protection, document sovereignty, streaming output scanning, and more.
See the full roadmapSign up in 60 seconds and get 1,000,000 free Hub Credits — enough for 3,000+ secure requests. No credit card required. No complicated setup.
No credit card required · Start in 60 seconds