🔍 The Looking Glass — by OnlyAllowAI

See everything.
Trust nothing blindly.

The Looking Glass is an AI firewall that tests every AI agent before it touches your systems. One line of code — every request observed, challenged, and verified.

your_app.py

```python
import os
import openai

client = openai.OpenAI(
    base_url="https://api.onlyallow.ai/v1",  # ← the only change; was "https://api.openai.com/v1"
    api_key=os.environ["OPENAI_KEY"],
)
```
One line. Now every AI call flows through The Looking Glass.
  • 12 defense layers
  • < 400ms Speed Pass latency
  • 100% score required
  • 5 min key TTL
The Problem
Your AI has the same keys as your engineers
Every API gateway checks identity. None of them check if the AI actually understands what it's about to do.

🚫 Without The Looking Glass

```python
# Your app talks directly to OpenAI
import openai

client = openai.OpenAI(
    base_url="https://api.openai.com/v1"
)
# AI has full access immediately
# No competence check
# One hallucination = DROP TABLE
# Logs show nothing useful
```

✅ With The Looking Glass

```python
# Same code — just a different URL
import openai

client = openai.OpenAI(
    base_url="https://api.onlyallow.ai/v1"
)
# AI must solve a riddle first
# 100% score or no access
# Glass Box shows every verdict
# Self-hardening riddles evolve
```
How The Looking Glass Works
What happens inside the firewall on every request
From the moment your request arrives until the response comes back — every step visible.
🔒 1. Encrypt (Platform Layer)

Request is encrypted with AES-256-GCM before it leaves your app. Even if intercepted — unreadable.

2. Speed Pass Check

Does this AI already hold a cached Capability Certificate? If yes — skip straight to forwarding. Under 400ms.

🧩 3. Generate Riddle (Riddle Matrix)

No cert? The Looking Glass builds a contextual riddle from your real system data — database tables, service endpoints, team structures. Only an AI that truly knows your systems can solve it.

📝 4. AI Solves the Riddle

The AI receives messy, real-world data (logs, config, metadata) and must extract the correct answers. A competent AI solves it instantly. An outsider can't even begin.

5. Grade & Decide (Gate Layer)

Every field checked. 100% correct = pass. Anything less = denied. No partial credit. On a pass, a temporary key (5 min TTL) and a Capability Certificate are issued.

🚀 6. Forward to Provider

The request is sent to the real LLM (OpenAI, Claude, Groq, Bedrock — any provider). Your app receives the normal response. Zero code changes.

🔍 7. Log to The Looking Glass (Observable)

Every action — riddle generated, score computed, cert issued or denied — is streamed live to The Looking Glass Dashboard via SSE. Full observability in real time.
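The decision core of steps 2, 5 and 7, modelled as an added example (illustrative code, not OnlyAllowAI's implementation): a cached certificate skips the riddle until its 5 minute TTL expires, a riddle is graded field by field and passes only at 100%, every verdict is logged in the shape of the dashboard feed, and the pass rate is tracked so riddles can self-harden once it climbs above 90%. The riddle fields, the split between BLOCKED at 0% and DENIED for partial scores, and the minimum sample count before hardening are assumptions.

```python
import time

PASS_SCORE = 1.0         # 100% required: no partial credit
KEY_TTL_SECONDS = 300    # temporary key and Capability Certificate TTL (5 min)
HARDEN_ABOVE = 0.9       # self-hardening kicks in when the pass rate climbs above 90%
# Constructed riddle for one scope (placeholder values, not real system data).
RIDDLE = {"prod_vpc": "vpc-prod", "cidr": "10.20.0.0/16", "deploy_role": "deploy-role"}

def grade(answers, expected):
    """Every field checked by exact match; returns the fraction correct."""
    if not expected:
        return 0.0
    correct = sum(1 for k, v in expected.items() if answers.get(k) == v)
    return correct / len(expected)

class Gate:
    def __init__(self, clock=time.time, min_samples=10):
        self.clock = clock              # injectable so TTL expiry can be tested
        self.certs = {}                 # agent -> certificate expiry time
        self.feed = []                  # verdict log, same shape as the dashboard feed
        self.graded = self.passed = 0   # counters that drive self-hardening
        self.min_samples = min_samples  # assumption: never harden on a tiny sample

    def check(self, agent, scope, target, answers, expected):
        now = self.clock()
        expiry = self.certs.get(agent)
        if expiry is not None and now < expiry:
            verdict = "SPEED PASS"          # cached cert: riddle skipped entirely
        else:
            self.certs.pop(agent, None)     # expired or absent: must solve again
            score = grade(answers, expected)
            self.graded += 1
            if score >= PASS_SCORE:
                self.passed += 1
                self.certs[agent] = now + KEY_TTL_SECONDS
                verdict = "PASSED"
            elif score == 0.0:
                verdict = "BLOCKED"         # assumption: knows nothing, as in the feed's 0% entry
            else:
                verdict = "DENIED"          # partial credit is still a fail
            verdict = f"{int(score * 100)}% {verdict}"
        self.feed.append((agent, f"{scope} -> {target}", verdict))
        return verdict

    def pass_rate(self):
        return self.passed / self.graded if self.graded else 0.0

    def needs_hardening(self):
        """True when riddles should evolve: pass rate above 90% on enough samples."""
        return self.graded >= self.min_samples and self.pass_rate() > HARDEN_ABOVE
```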
Two Modules
Choose how riddle knowledge is built
The firewall works the same either way. The difference is where the riddle intelligence comes from.
👤 Module 1: Human-Led Firewall

A person onboards the AI with system knowledge — like onboarding a new employee. That knowledge becomes the riddle clues.

  • Human decides what the AI knows
  • Knowledge = riddle clues
  • No onboarding = impossible riddle
  • Full human accountability
🧠 Module 2: AI Brain Firewall

An AI Brain auto-scans your infrastructure and builds riddles automatically. No human intervention needed — the Brain keeps riddles fresh and evolving.

  • Scans your systems automatically
  • Builds the smartest riddles
  • Self-hardening when pass rates climb
  • Zero human overhead
The Looking Glass Dashboard
Watch every AI decision — live
Not just logs. A real-time feed showing which AI tried to access what, what riddle it received, how it scored, and what happened next.
Live Feed — The Looking Glass

| Agent | Scope → Target | Verdict |
| --- | --- | --- |
| agent-gpt4o-deploy | cloud_infrastructure → backend-prod | 100% — PASSED |
| agent-claude-finance | finance_ops → payroll | 60% — DENIED |
| agent-gpt4o-cicd | ci_cd → github-actions | SPEED PASS ⚡ 180ms |
| agent-groq-db | database_ops → postgres-main | 100% — PASSED |
| agent-unknown-42 | cloud_infrastructure → vpc-prod | 0% — BLOCKED |
| agent-gpt4o-deploy | cloud_infrastructure → backend-staging | SPEED PASS ⚡ 210ms |
Use Cases
How businesses deploy The Looking Glass
Same one-line change. Different industries, different riddles, same protection.
SaaS / DevOps

🖥 AI deploys to production

Riddle tests: "What's the main branch? What's the staging URL? Which service owns /api/users?"

Finance / Banking

💰 AI accesses transaction data

Riddle tests: "Who is the CFO? What's the payroll DB table? What's the quarterly tax deadline?"

Healthcare

🏥 AI reads patient records

Riddle tests: "What EHR system is active? What's the patient ID format? What department owns this data?"

Cloud Infrastructure

☁️ AI manages AWS/GCP

Riddle tests: "What VPC is production? What's the CIDR block? Which IAM role has deploy access?"

E-Commerce

🛒 AI updates product catalog

Riddle tests: "What's the price table? What currency format? What's the max discount policy?"

Legal / Compliance

⚖️ AI reviews contracts

Riddle tests: "What jurisdiction? What case management system? What document classification level?"

Security
Everything built into The Looking Glass
Drop-in simplicity with enterprise security under the hood.
🔌 OpenAI-Compatible Proxy

Works with any app that talks to OpenAI, Claude, Groq, or Bedrock. Change one URL — that's it.

🔒 AES-256-GCM Encryption

End-to-end encryption. Data is encrypted before it leaves your app — even we can't read it in transit.

🧬 Self-Hardening Riddles

When pass rates climb above 90%, riddles automatically evolve to stay ahead. Security improves without human intervention.

Speed Pass

Trusted AI skips the riddle with a cached Capability Certificate. Repeat access in under 400ms.

🔐 Safe Room + Auto-Wipe

Locked sandbox with no internet access, auto-destroyed when the task completes. Applied on top of either module.

🔍 Full Observability

The Looking Glass Dashboard streams every verdict, every score, every decision — live via SSE. Nothing hidden.

One line of code. Full protection.

See every AI decision through The Looking Glass. No blind trust. No surprises.
