Built this because financial services and healthcare companies can't route data through SaaS gateways due to compliance requirements. Three-tier security pipeline (regex + DeBERTa-v3 + async LLM judge), semantic caching, and a behavioral contract DSL that lets compliance teams define rules like 'never provide investment advice' as a config file enforced inline on every response. Benchmarked on 406 samples, 63.5% combined recall with zero false positives. Would love some feedback and new ideas. Thank you