Compare · gateways vs authority
Gateways route. We authorize.
Cloudflare AI Gateway, Lakera Guard, Portkey, OpenRouter are LLM provider gateways — they handle routing, retries, rate-limits, and content filtering. Intended is the authority surface above them. We answer whether the action should happen, not whether the request is well-formed.
02 · What each layer does
Cloudflare · Portkey · OpenRouter
Routing, retries, rate-limits, cost tracking, content filtering. Operate on the request, not the intent.
Lakera · NeMo Guardrails
Output-shape validation. Prompt-injection detection. Toxicity classifiers. Run at the model boundary, not the action boundary.
OPA · Cedar
Boolean policy evaluation. Stateless. Answer permitted/denied based on attributes — not against business processes.
Authority surface
Intent verified against business process. Policy + conformance + risk combined. Cryptographic token issued or refused. Decision-grade.
Use them all. They’re not in competition.
Gateways handle the request. Guardrails handle the output. Policy engines answer permitted. Intended answers intended. The stack works together.