Plumb sits between your AI agents and every LLM provider to govern cost, cache redundant calls, and guard your data — in one line of code. Enforce budgets, cache redundant calls, and mask PII — without touching your agent logic.
client = OpenAI(
api_key="sk-your-provider-key",
base_url="https://plumb.samji.in/v1", # ← the only change
)Sign in with Google or GitHub and create a Plumb key instantly.
Swap the base_url in your existing OpenAI-compatible client. That's it.
Real-time cost, cache savings, and security events land on your dashboard.
Your agents are in production. Now make sure a 2am recursive loop doesn't cost $10,000 — or leak a customer's data to a public API.
4-layer token attribution (prompt, tool, memory, response) with per-tenant daily budget caps. A runaway loop is severed in under a second — before it hits your bill.
blake3-hashed request intent (messages + tools, tenant-isolated) short-circuits redundant LLM calls. You see actual spend vs. naive list-price — and the prompt-cache savings.
Inline, reversible PII redaction with an RBAC vault + audit trail, prompt-injection & tool-poisoning defense, and base64 exfiltration detection — before data leaves your walls.
Every request gets an x-trace-id with its full governance decision path, and can be deterministically replayed. Debug what your agents actually did — not what the logs claim.
Detects a session re-issuing the same intent repeatedly and hard-stops it with a 429 before it burns budget. Configurable window and threshold — no code changes needed.
Block, redact, alert, or log requests matching configurable security rules. Catches credential exfil, SQL injection, and prompt-injection by default — extend with your own patterns.
3-tier tenant-isolated memory (working, episodic, semantic) with sensitivity labels, clearance-gated reads, optimistic concurrency, and full version history.
Per-provider circuit breaker with automatic failover — including a local Ollama fallback for data sovereignty. SSE streaming pass-through with background token accounting.
Traditional proxies only see paths and headers. When agents talk over MCP (JSON-RPC) or Agent-to-Agent, they go blind. Plumb parses the request body once and shares it across every analyzer.
async fn handle_proxy(req) { // parse the intent once, share everywhere let v = parse_body(&req); guard.analyze(&v); // injection + PII loop_breaker.check(&v); // runaway cost if let Some(hit) = cache.get(&v) { return hit; // blake3 semantic cache } stream_to_agent(upstream).await }
See what a single unattended agent loop could cost — without governance.
Normal hourly cost
$15.00
Overnight loop · 8h undetected
$120.00
Plumb severs runaway loops in under a second with per-request budget enforcement.
Pure-Rust binary, one Docker image. Runs in your VPC — your data never has to leave.
Masking is reversible only via an RBAC-gated, fully-audited reveal. Logs are treated as production secrets.
Your upstream Authorization header is passed through untouched. Plumb never stores provider keys.
Every request is traced end-to-end. Full governance decisions, latency, and cost are recorded and replayable for compliance.
Free for your first project. No credit card. One line of code to integrate.