Trust and security

Know what PromptCanary stores, what it calls, and what stays visible.

PromptCanary makes a small promise on purpose: call your endpoint safely, protect the data it stores, and show enough context that a failed check is immediately understandable instead of vague or noisy.

Your data

See what gets stored, how it is encrypted, and when retained artifacts are cleaned up.

Your endpoints

Production monitors call your HTTPS endpoint directly, with SSRF guardrails and redirect limits applied to each request.

Your visibility

Run history, scheduler activity, alert outcomes, and pass-vs-fail comparisons stay visible in-product.

Current controls

What is in place today

  • Production monitors call your endpoint over HTTPS. Local test endpoints stay limited to explicit test mode.
  • Monitor auth secrets and response artifacts are encrypted at rest before they touch persistent storage.
  • Artifact retention is bounded per plan, and cleanup is part of the scheduled maintenance path.
  • CI quality-gate runs are stored in history without mutating the monitor's primary health state or firing alert notifications.
  • Run history, pause controls, and scheduler diagnostics stay visible so noisy automation is easier to understand and fix.

Scope boundaries

What PromptCanary is and is not

  • PromptCanary is a synthetic monitor, not a proxy for live user traffic.
  • The product is built for solo developers and small teams first, with shared workspace workflows before heavier enterprise layers.
  • The easiest starting point is an HTTP endpoint with one or two objective assertions you can trust.
  • We start with clear pass or fail checks like JSON validity, schema checks, and required keywords before adding subjective scoring.

Practical guidance

How to start without noisy alerts

  • Use fixture data that represents real regression risk without including customer PII.
  • Start with one monitor that protects revenue-critical behavior, then expand only after alert noise is low.
  • Start with clear pass or fail checks like JSON validity, schema checks, and required keywords before semantic scoring.
  • Use the billing and scheduler controls as part of launch readiness, not as cleanup after the fact.

Your AI feature is running. Is it still doing its job?

PromptCanary runs scheduled checks, alerts you when something changes, and can act as a CI quality gate before a risky prompt or model change ships. Start free with two monitors, no credit card required.