Guide
How to audit a Claude API relay safely
To audit a Claude-compatible relay safely, run the audit locally, point it only at the relay URL you intend to test, and review each finding as evidence rather than as a safety certificate.
Safe audit checklist
- Use a scoped API key with limited budget when possible.
- Run the standalone `audit.py` locally so the key does not pass through a separate web checker.
- Save the Markdown report and review red, yellow, and inconclusive items.
- Do not publish real relay credentials, private domains, wallet addresses tied to private use, or raw traffic captures.
Command
```bash
curl -sO https://raw.githubusercontent.com/toby-bridges/api-relay-audit/master/audit.py
python audit.py \
  --key <YOUR_KEY> \
  --url <BASE_URL> \
  --model claude-opus-4-6 \
  --output claude-relay-audit.md
```
Claude-specific checks
| Area | What API Relay Audit checks |
|---|---|
| Identity | Non-Claude identity leaks, model substitution wording, and stream model identity where available. |
| Streaming | Anthropic-style SSE event types, usage monotonicity, thinking signature presence, and stream model consistency. |
| Prompt path | Token injection, prompt extraction, instruction conflict, and jailbreak behavior. |
| Tool path | Text-echo package command integrity for tool-call rewriting risks. |
Interpreting inconclusive results
Inconclusive means the probe could establish neither a clean nor an anomalous result. That happens when the relay blocks a request, does not support a format, truncates an answer, or returns an ambiguous response. Do not treat inconclusive as clean.
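As an added illustration of the streaming checks in the table above and of the inconclusive rule, here is a small checker (written for this guide, not code from API Relay Audit itself) that classifies a captured Anthropic-style SSE body as green, red, or inconclusive. It assumes the public Anthropic Messages streaming shape (event names, `message.model`, cumulative `output_tokens`); the sample stream is constructed, not captured from any relay.

```python
import json
# Anthropic-style SSE event types a Claude-compatible relay is expected to emit.
KNOWN_EVENTS = {"message_start", "content_block_start", "content_block_delta",
                "content_block_stop", "message_delta", "message_stop", "ping"}

def parse_sse(raw):
    # Split a raw SSE body into (event, data) pairs; non-JSON data becomes {}.
    events = []
    for frame in raw.strip().split("\n\n"):
        event, data = None, {}
        for line in frame.splitlines():
            if line.startswith("event:"):
                event = line[6:].strip()
            elif line.startswith("data:"):
                try:
                    data = json.loads(line[5:].strip())
                except json.JSONDecodeError:
                    data = {}
        if event:
            events.append((event, data))
    return events

def check_stream(raw, expected_model):
    """Return (status, findings); status is 'green', 'red' or 'inconclusive'."""
    events = parse_sse(raw)
    # No message_start/message_stop pair means a truncated stream: inconclusive, never clean.
    if not {"message_start", "message_stop"} <= {name for name, _ in events}:
        return "inconclusive", ["truncated stream: missing message_start/message_stop"]
    findings, last_out = [], -1
    for name, data in events:
        if name not in KNOWN_EVENTS:
            findings.append(f"non-Anthropic event type: {name}")
        out = None
        if name == "message_start":
            msg = data.get("message", {})
            if msg.get("model") != expected_model:
                findings.append(f"model substitution: got {msg.get('model')!r}")
            out = msg.get("usage", {}).get("output_tokens")
        elif name == "message_delta":
            out = data.get("usage", {}).get("output_tokens")
        if out is not None:
            if out < last_out:  # cumulative output_tokens must never decrease
                findings.append(f"usage not monotonic: {last_out} -> {out}")
            last_out = max(last_out, out)
    return ("red" if findings else "green"), findings

# Constructed sample (not captured from any real relay): swapped model, usage moving backwards.
SAMPLE = ('event: message_start\ndata: {"message": {"model": "gpt-4o", "usage": {"output_tokens": 5}}}\n\n'
          'event: message_delta\ndata: {"usage": {"output_tokens": 3}}\n\n'
          'event: message_stop\ndata: {}\n\n')
```

Run `check_stream(SAMPLE, "claude-opus-4-6")` to see a red verdict with two findings; dropping the `message_stop` frame turns the same input into an inconclusive verdict rather than a clean one.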
Example report
For the report shape without real relay data, see the sanitized fixture report.