COUTCHECK: catching the PII leak and the toxic line before your user does
The model's output is the other trust boundary. COUTCHECK scans responses for PII leakage and toxicity, and optionally validates JSON, returning a structured verdict you can act on.
Input guardrails get the attention, but the response is where the damage actually ships. A model can echo a customer's email back into a shared answer, slip a toxic line into a support reply, or return malformed JSON that crashes the caller. COUTCHECK is the gate on the way out: it scans the output for leaked PII, for toxicity, and — when you ask — for JSON validity.
The verdict is structured for action, not just observation: a pass/fail, the list of PII entities found, the toxic spans, and a JSON status. That shape lets you do the right thing per failure — redact the PII and continue, block the toxic response and regenerate, or reject the malformed JSON before it reaches a parser that would have thrown.
Five stages score every write before it can ever be served.
Like its input-side sibling, COUTCHECK is model-free and zero-egress. It doesn't phone a moderation API with your users' content; the scan happens in-process, which keeps it fast enough to sit in the response path and private enough to run under a compliance regime.
The bottom line
Treating output as a trust boundary is the unglamorous half of safety. The model is a generator, not an authority — COUTCHECK is the editor who reads every line before it's published.