Welcome

The Orcho Risk Generation API provides endpoints for assessing the risk of AI prompts and code changes before execution. Get risk scores from 0-100 with detailed breakdowns across multiple risk factors.

Base URL

All API requests should be made to:
https://app.orcho.ai

Authentication

All API endpoints require authentication using Bearer tokens. Include your API key in the Authorization header of every request.
curl -X POST 'https://app.orcho.ai/risk/api/v1/generate-risk' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -H 'Content-Type: application/json'
Never expose your API key in client-side code or public repositories. Store it securely in environment variables.

Risk Assessment Overview

The API evaluates AI tasks across multiple risk dimensions:
Analyzes prompts for presence of personally identifiable information (PII), credentials, API keys, and other sensitive data that could pose security risks if exposed.
Evaluates whether the prompt contains all necessary components for successful execution, identifying missing context, unclear instructions, or ambiguous requirements.
Measures the potential impact on your codebase by analyzing dependency graphs to determine how many files and components could be affected by changes. Requires code context.
Assesses the complexity of the task based on the number of files, dependencies, and interconnections in the provided context.
Estimates the likelihood of AI model hallucinations based on prompt characteristics, task complexity, and available context.

Risk Score Interpretation

Risk scores range from 0.0 to 1.0 (decimal values):
| Score Range | Risk Level | Recommendation |
|-------------|------------|----------------|
| < 0.2 | Minimal | Safe to proceed automatically |
| 0.2 - 0.39 | Low | Monitor - minimal risk detected |
| 0.4 - 0.59 | Medium | Review recommended - some risk factors detected |
| 0.6 - 0.79 | High | Review required - significant risk factors present |
| ≥ 0.8 | Critical | Block - high risk detected |
Scores are returned as decimal values (e.g., 0.65 for high risk), not percentages.

Rate Limits

API requests are rate-limited to ensure fair usage and system stability. If you exceed rate limits, you’ll receive a 429 status code.
Contact [email protected] to discuss higher rate limits for enterprise usage.

Health Check

Use the health check endpoint to verify API availability:
curl https://app.orcho.ai/health
{
  "status": "healthy",
  "version": "1.0.0",
  "timestamp": "2025-01-08T15:30:00Z"
}

Error Handling

The API uses standard HTTP status codes and returns detailed error information:
| Status Code | Meaning |
|-------------|---------|
| 200 | Success |
| 400 | Bad Request - Invalid input |
| 401 | Unauthorized - Invalid or missing API key |
| 429 | Rate Limit Exceeded |
| 500 | Internal Server Error |
{
  "success": false,
  "error": "Invalid prompt format",
  "error_code": "HTTP_400",
  "details": {
    "status_code": 400
  }
}
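The following is an added example, not Orcho's own code: a pipeline gate that applies the score bands from Risk Score Interpretation and the error format shown above, and fails closed on anything it cannot interpret. The field name `risk_score` and the action names are assumptions, since this page does not show the success response schema; the sample bodies in use are constructed.

```python
# Lower bounds from the "Risk Score Interpretation" table, highest first.
# Treating each row as a lower bound closes the gaps between rows
# (for example 0.395 sits between "0.2 - 0.39" and "0.4 - 0.59").
BANDS = [
    (0.8, "Critical", "block"),
    (0.6, "High", "review_required"),
    (0.4, "Medium", "review_recommended"),
    (0.2, "Low", "monitor"),
    (0.0, "Minimal", "proceed"),
]


def classify(score):
    """Map a 0.0-1.0 score to (risk level, action); reject anything else."""
    if isinstance(score, bool) or not isinstance(score, (int, float)):
        raise ValueError("score is not a number")
    if not 0.0 <= score <= 1.0:
        # Also catches NaN and a 0-100 percentage passed as a decimal.
        raise ValueError(f"score {score!r} is outside 0.0-1.0")
    for lower, level, action in BANDS:
        if score >= lower:
            return level, action


def gate(status_code, body, score_field="risk_score"):
    """Decide what a pipeline does with one API reply; never proceeds on error.

    score_field is an assumed name: the page does not document it.
    """
    if status_code == 429:
        return {"action": "retry_later", "reason": "rate limited"}
    if status_code != 200 or body.get("success") is False:
        # Error body fields as documented: error, error_code, details.
        code = body.get("error_code", "HTTP_" + str(status_code))
        return {"action": "block", "reason": f"{code}: {body.get('error', 'unknown error')}"}
    try:
        level, action = classify(body.get(score_field))
    except ValueError as exc:
        # A 200 reply without a usable score is treated as a block.
        return {"action": "block", "reason": str(exc)}
    return {"action": action, "level": level}
```
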

Support

Need help? Reach out to our team: