Skip to content
Klyo Changelog

Secure LLM lane for policy-flagged content

v1.10.0 feature high impact
  • routing
  • plugins
  • compliance
  • providers

Customers without on-premise GPUs can now nominate any trusted external or self-hosted model as the route for policy-flagged content. A new admin page configures the Secure LLM provider — OpenAI, Anthropic, Azure OpenAI, Google Gemini, Mistral, Groq, or any custom OpenAI-compatible endpoint. The API key is encrypted at rest and write-only: no administrator, including the one who saved it, can read it back; only a masked hint is shown.

The bundled on-premise model rail now has an administrator master switch. When both the Secure LLM and the on-prem rail are ready, a priority control picks which one serves flagged content. Replies served via the Secure LLM render a shield badge in chat with the configured model name in the tooltip.

No action required. Existing installs default to the prior routing behavior until an administrator configures the Secure LLM.