TOWER / SECURITY

Lobster Trap

Prompt injection defense layer. Every Gemini Vision call passes through these policies before extraction begins.

All systems operational

5 active policies · 0 incidents · monitoring every Gemini call

policy v2026-05-19

How Lobster Trap protects your extractions

Intercept

Every screenshot or URL submitted to Tower is intercepted before reaching Gemini.

Inspect

All 5 policies run in parallel — EXIF scan, injection grammar check, schema validation.

Allow or Quarantine

Clean requests proceed to Gemini. Adversarial content is quarantined with full audit trail.

Prompt Injection Guardcritical ACTIVE

Detects embedded instructions in screenshots (e.g. 'ignore previous instructions', 'act as', 'system:') that could hijack Gemini extraction.

image-injection-instruction-grammar

EXIF Metadata Scanhigh ACTIVE

Inspects image EXIF data for hidden payloads or unusual metadata that could carry adversarial content.

image-exif-suspect

Content Mismatch Checkmedium ACTIVE

Compares declared page type (pricing, blog, careers) against detected content. Flags suspicious mismatches.

declared-vs-detected-mismatch

Output Schema Enforcementmedium ACTIVE

Validates all Gemini responses against a strict signal schema. Rejects any output that deviates from the expected format.

output-schema-enforcement

Extraction Rate Limiterlow ACTIVE

Prevents abuse of the Gemini Vision API. Limits extraction requests per session and blocks automated mass extraction attempts.

rate-limit-abuse

Try the adversarial demo

Go to Live Extract, click the red "adversarial/injection-01.png" sample and watch Lobster Trap block it in real time.