> ## Documentation Index
> Fetch the complete documentation index at: https://docs.enkryptai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Policy Scan url

<Warning>
  **Legacy**: This page documents the legacy Policy Scan URL API. Use the new [Guardrail Scan URL](/api-introductions/guardrails-api-reference/guardrail-introductions/Guardrail_Scan_Url) instead, which supports separate input/output detectors via `X-Enkrypt-Mode`.
</Warning>

Scans a URL for security threats using a specific policy. The detector analyzes the provided URL and returns details about any detected threats, including which detectors were triggered and highlights of unsafe content, according to the selected policy.

## Example request:

<CodeGroup>
  ```python Python theme={"system"}
  import requests
  import json
  import os

  url = "https://api.enkryptai.com/guardrails/policy/scan-url"
  payload = json.dumps({
      "url": "https://example.com"
  })
  headers = {
      'Content-Type': 'application/json',
      'apikey': os.getenv('ENKRYPTAI_API_KEY'),
      'X-Enkrypt-Policy': 'my-policy'
  }
  response = requests.post(url, headers=headers, data=payload)
  print(response.json())
  ```

  ```python Python SDK theme={"system"}
  from enkryptai_sdk import *
  client = GuardrailsClient(api_key="YOUR_API_KEY")
  result = client.policy_scan_url("my-policy", "https://example.com")
  print(result)
  ```
</CodeGroup>

## Example response:

```json JSON theme={"system"}
{
    "summary": {
        "injection_attack": 1,
        "bias": 1,
        "policy_violation": 0
    },
    "details": {
        "url": "https://example.com",
        "metadata": {
            "title": "Example Domain",
            "language": "en"
        },
        "total_fragments": 2,
        "fragments_with_detections": 2,
        "detections": [
            {
                "unsafe_content": "Example Domain",
                "chunk_type": "title",
                "triggered_detectors": [
                    "bias"
                ],
                "detector_details": {
                    "injection_attack": {
                        "safe": "0.999417",
                        "attack": "0.000583",
                        "most_unsafe_content": "Example Domain",
                        "compliance_mapping": {}
                    },
                    "policy_violation": {
                        "policy_violation": {
                            "violating_policy": "No Violation Found",
                            "explanation": "No Violation Found"
                        }
                    },
                    "bias": {
                        "bias": {
                            "bias_detected": true,
                            "debiased_text": "Example Website",
                            "compliance_mapping": {
                                "owasp_llm_2025": [
                                    "LLM09:2025 Misinformation",
                                    "LLM04:2025 Data and Model Poisoning"
                                ],
                                "mitre_atlas": [],
                                "nist_ai_rmf": [
                                    "MEASURE 2.1-2.5 (AI system bias evaluation & management)"
                                ],
                                "eu_ai_act": [
                                    "Article 10(2)(f), Article 15(3) (Bias detection, correction & mitigation)"
                                ],
                                "iso_iec_standards": [
                                    "ISO/IEC TR 24027: 5.2 (Bias in AI systems)"
                                ]
                            }
                        }
                    }
                }
            },
            {
                "unsafe_content": "Example Domain This domain is for use in documentation examples without needing permission. Avoid use in operations. Learn more",
                "chunk_type": "text_block",
                "triggered_detectors": [
                    "injection_attack",
                    "bias"
                ],
                "detector_details": {
                    "injection_attack": {
                        "safe": "0.030481",
                        "attack": "0.969519",
                        "most_unsafe_content": "Example Domain This domain is for use in documentation examples without needing permission. Avoid use in operations. Learn more",
                        "compliance_mapping": {
                            "owasp_llm_2025": [
                                "LLM01:2025 Prompt Injection"
                            ],
                            "mitre_atlas": [
                                "AML.T0051: LLM Prompt Injection",
                                "AML.T0054: LLM Jailbreaking"
                            ],
                            "nist_ai_rmf": [
                                "MAP 2.3, MEASURE 2.3 (Input manipulation & adversarial attacks)"
                            ],
                            "eu_ai_act": [
                                "Article 15(4) (Robustness against manipulation)"
                            ],
                            "iso_iec_standards": [
                                "ISO/IEC 42001: 6.4.3",
                                "ISO/IEC 27001: A.14.2"
                            ]
                        }
                    },
                    "policy_violation": {
                        "policy_violation": {
                            "violating_policy": "No Violation Found",
                            "explanation": "No Violation Found"
                        }
                    },
                    "bias": {
                        "bias": {
                            "bias_detected": true,
                            "debiased_text": "This domain is intended for use in documentation purposes, providing a safe space for experimentation without impacting live systems.",
                            "compliance_mapping": {
                                "owasp_llm_2025": [
                                    "LLM09:2025 Misinformation",
                                    "LLM04:2025 Data and Model Poisoning"
                                ],
                                "mitre_atlas": [],
                                "nist_ai_rmf": [
                                    "MEASURE 2.1-2.5 (AI system bias evaluation & management)"
                                ],
                                "eu_ai_act": [
                                    "Article 10(2)(f), Article 15(3) (Bias detection, correction & mitigation)"
                                ],
                                "iso_iec_standards": [
                                    "ISO/IEC TR 24027: 5.2 (Bias in AI systems)"
                                ]
                            }
                        }
                    }
                }
            }
        ],
        "combined_highlight_url": "https://example.com#:~:text=Example%20Domain&text=Example%20Domain%20This,operations.%20Learn%20more"
    },
    "result_message": "Your custom message"
}
```
