Example integrations and reference implementations demonstrating how Palo Alto Networks Prisma AIRS (AI Runtime Security) can be used with third-party platforms.
IMPORTANT
The contents of this repository are community examples and reference implementations, supported as best effort by Palo Alto Networks. They are intended as starting points to illustrate integration patterns — review, adapt, and validate them for your own environment before any production use.
Prisma AIRS provides inline security for AI applications, scanning prompts, responses, and tool interactions in real-time. It detects threats like prompt injection, sensitive data exposure, malicious URLs, and toxic content before they impact your AI workflows.
For detection categories and use cases, see the Prisma AIRS documentation.
This repository collects example configurations, sample code, and reference patterns showing how Prisma AIRS can be embedded into AI gateways, LLM proxies, coding assistants, and automation platforms.
| Integration | Category | Prompt | Response | Streaming | Pre-tool | Post-tool |
|---|---|---|---|---|---|---|
| Anthropic (Hooks) | AI Coding Assistant | ✅ | ❌ | ❌ | ✅ | ✅ |
| Anthropic (MCP) | AI Coding Assistant | ✅ | ✅ | ❌ | ❌ | ❌ |
| Anthropic (Skill) | AI Coding Assistant | ✅ | ✅ | ❌ | ❌ | ❌ |
| OpenAI (Codex Hooks) | AI Coding Assistant | ✅ | ❌ | ✅ | ✅ | |
| Cline | AI Coding Assistant | ✅ | ❌ | ❌ | ✅ | ✅ |
| Cursor | AI Coding Assistant | ✅ | ❌ | ❌ | ✅ | ✅ |
| Windsurf | AI Coding Assistant | ✅ | ❌ | ❌ | ✅ | |
| Microsoft (Azure APIM) | API Gateway | ✅ | ✅ | ❌ | ❌ | ❌ |
| Google (Apigee) | API Gateway | ✅ | ✅ | ❌ | ❌ | ❌ |
| Kong (Custom Plugin) | API Gateway | ✅ | ✅ | ❌ | ❌ | ❌ |
| Kong (Request Callout) | API Gateway | ✅ | ❌ | ❌ | ❌ | ❌ |
| LiteLLM | AI Gateway | ✅ | ✅ | ✅ | ❌ | |
| n8n | Workflow Automation | ✅ | ✅ | ❌ | ❌ | ❌ |
| Portkey | AI Gateway | ✅ | ✅ | ❌ | ❌ | ❌ |
| TrueFoundry | AI Gateway | ✅ | ✅ | ❌ | ❌ | |
| GitHub (Actions) | CI/CD Pipeline | N/A | N/A | N/A | N/A | N/A |
| Jenkins (Pipeline) | CI/CD Pipeline | N/A | N/A | N/A | N/A | N/A |
Legend: ✅ Full support |
NOTE In order to scan streamed responses via gateway integrations, the LLM response must be buffered at the gateway (then scanned by AIRS) before being forwarded to the downstream application.
N/A — GitHub Actions uses Prisma AIRS Model Security (pre-deployment model file scanning), not AI Runtime Security. See the integration README for model scanning coverage.
N/A — Jenkins uses Prisma AIRS Model Security (pre-deployment model file scanning), not AI Runtime Security. See the integration README for model scanning coverage.
- AI Runtime Security (AIRS): Inline security that scans AI traffic in real-time, detecting prompt injection, data leakage, malicious code, and policy violations.
- Strata Cloud Manager: Management interface for configuring Prisma AIRS security profiles and generating API keys.
- Security Profile: Configuration that defines detection rules and actions (block, allow, alert) for scanned content.
- Guardrail: Security control in a partner platform that invokes Prisma AIRS to scan and validate AI requests/responses.