> ## Documentation Index
> Fetch the complete documentation index at: https://docs.enkryptai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Guardrail Scan URL

> Scan a URL for security threats using a saved guardrail



## OpenAPI

````yaml POST /guardrails/guardrail/scan-url
openapi: 3.0.0
info:
  title: Enkrypt AI APIs
  version: 2.0.0
servers:
  - url: https://api.enkryptai.com
security:
  - apiKeyAuth: []
tags:
  - name: Guardrails
  - name: Code of Conduct
  - name: Endpoints
  - name: Datasets
  - name: Redteam
  - name: Deployments
  - name: AI Proxy
  - name: Leaderboard
  - name: Archived
  - name: MCP Hub
    description: >-
      MCP Hub vulnerability scanning APIs. Submitting scans (the POST endpoints)
      is open to all authenticated callers. The scan **retrieval** APIs — Get
      Scan Job Status, Get Complete Scan Results, List Scans, and Get MCP Hub
      Scan Statistics (the GET endpoints) — are an **enterprise data-license
      feature**: they require your organization to have MCP Hub API access
      enabled by Enkrypt, otherwise they return `403`. Contact us at
      support@enkryptai.com to enable access.
  - name: MCP Registry Servers
  - name: MCP Gateways
  - name: MCP Playground
paths:
  /guardrails/guardrail/scan-url:
    post:
      tags:
        - Guardrails
      summary: Scan URL Using Guardrail
      description: >-
        Scans a URL for security threats using a guardrail. Use X-Enkrypt-Mode
        to select input (prompt) or output (response) detectors.
      operationId: guardrail_scan_url
      parameters:
        - name: X-Enkrypt-Guardrail
          in: header
          required: true
          schema:
            title: Guardrail Name
            type: string
            description: The guardrail name
            example: My Guardrail
        - name: X-Enkrypt-Mode
          in: header
          required: true
          schema:
            title: Mode
            type: string
            enum:
              - prompt
              - response
            description: Whether to apply input (prompt) or output (response) detectors
            example: prompt
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GuardrailScanUrlRequestBody'
      responses:
        '200':
          description: Scan results for the provided URL using the specified guardrail.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ScanUrlResponseBody'
components:
  schemas:
    GuardrailScanUrlRequestBody:
      title: GuardrailScanUrlRequestBody
      type: object
      properties:
        url:
          type: string
          format: uri
          description: The URL to scan and analyze.
      required:
        - url
    ScanUrlResponseBody:
      title: ScanUrlResponseBody
      type: object
      required:
        - summary
        - details
      properties:
        summary:
          type: object
          description: Summary counts of detections by detector type.
          additionalProperties:
            type: integer
        details:
          $ref: '#/components/schemas/ScanUrlDetails'
    ScanUrlDetails:
      title: ScanUrlDetails
      type: object
      description: >-
        Detailed scan results including URL metadata and fragment-level
        information.
      properties:
        url:
          type: string
          format: uri
          description: The URL that was scanned.
        metadata:
          $ref: '#/components/schemas/ScanUrlMetadata'
        total_fragments:
          type: integer
          description: Total number of text fragments extracted from the URL.
        fragments_with_detections:
          type: integer
          description: Number of fragments that had detections.
        detections:
          type: array
          description: List of detections found in the URL content.
          items:
            $ref: '#/components/schemas/ScanUrlDetection'
        combined_highlight_url:
          type: string
          format: uri
          description: URL with text fragment highlights for all detections.
    ScanUrlMetadata:
      title: ScanUrlMetadata
      type: object
      description: Metadata extracted from the scanned URL.
      properties:
        title:
          type: string
          description: The page title.
        description:
          type: string
          description: The page meta description.
        language:
          type: string
          description: The detected language of the page content.
    ScanUrlDetection:
      title: ScanUrlDetection
      type: object
      properties:
        unsafe_content:
          type: string
          description: The content that was flagged as unsafe.
        chunk_type:
          type: string
          description: The type of content chunk that was analyzed.
        triggered_detectors:
          type: array
          items:
            type: string
          description: List of detectors that flagged this content.
        detector_details:
          type: object
          additionalProperties: true
          description: >-
            Detailed results from each detector, including compliance mapping
            where applicable.
  securitySchemes:
    apiKeyAuth:
      type: apiKey
      in: header
      name: apikey

````