Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.tuteliq.ai/llms.txt

Use this file to discover all available pages before exploring further.

v1.7.0 — May 2026

Emotional Distress Detection (Early Warning)

  • POST /v1/safety/emotional-distress — detects pre-vulnerability emotional distress signals before exploitation begins
  • Based on criminological research: emotional distress is both a consequence AND a driver of vulnerability to child sexual exploitation
  • 12 distress signal categories: loneliness, feeling unheard, overwhelm, low self-worth, trust-seeking, withdrawal, family conflict, identity distress, academic pressure, sleep disturbance, appetite change, emotional numbing
  • Exploitation risk assessment — returns per-type vulnerability scores for grooming, sextortion, trafficking, radicalisation, self-harm, and substance use
  • Vulnerability level scoring — none, low, elevated, high, critical
  • Key risk combinations: loneliness + trust-seeking = HIGH grooming risk; family conflict + withdrawal = HIGH trafficking risk; low self-worth + overwhelm = HIGH sextortion risk
  • 5 credits per call

Tech-Facilitated Gender-Based Violence (TFGBV) Detection

  • POST /v1/safety/tfgbv — detects technology-facilitated gender-based violence, rooted in gender inequalities and power imbalances
  • 13 TFGBV categories: image-based abuse, cyber stalking, online harassment, doxing, impersonation, outing, post-separation abuse, sextortion, digital coercion, sexualised deepfakes, gendered hate speech, reproductive surveillance, economic abuse digital
  • TFGBV amplifier assessment — identifies which technology amplifiers are active: scale, speed, anonymity, permanence, cross-border reach
  • Intersectionality flags — identifies compounding discrimination factors (LGBTQIA+, disability, racial, etc.)
  • Child-specific detection with heightened sensitivity for minors
  • 5 credits per call

Multi-Endpoint Support

  • Both new endpoints available in /analyse/multi — use endpoint IDs emotional-distress and tfgbv
  • MCP tools: detect_emotional_distress and detect_tfgbv

v1.6.1 — April 2026

Credit Pricing Update

All per-endpoint credit costs have been revised to reflect processing complexity more accurately. See Pricing & Credits for the full breakdown. Text & Safety Detections: 5 credits per call (was 1)
  • detectBullying, detectUnsafe, detectSocialEngineering, detectAppFraud, detectRomanceScam, detectMuleRecruitment, detectGamblingHarm, detectCoerciveControl, detectVulnerabilityExploitation, detectRadicalisation
Conversation-Based: 6 credits per 10 messages (was 1)
  • detectGrooming, analyzeEmotions
Analysis & Guidance:
  • getActionPlan: 9 credits (was 2)
  • generateReport: 13 credits (was 3)
Media:
  • analyzeImage: 7 credits (was 3)
  • analyzeVoice: 21 credits base + 15 per extra minute over 60s (was flat 5)
  • analyzeVideo: 95 credits (was 10)
  • Voice stream (per flush): 7 credits (was 1)
  • Video stream (per frame): 7 credits (was 3)
  • detectSyntheticContent: 5 credits (was 2)
Verification:
  • verifyAge (full): 20 credits (was 5)
  • verifyAge (liveness only): 10 credits (new)
  • verifyIdentity: 25 credits (was 10)
Document Analysis:
  • analyzeDocument: minimum 10 credits (was 3)

Age & Identity Verification Improvements

  • Liveness-only mode now charged at 10 credits (reduced from full verification cost)
  • Passport number validation — passport document numbers are no longer incorrectly validated against national ID formats (e.g., Swedish personnummer)
  • Vision AI OCR fallback — when Tesseract OCR fails, document fields (name, DOB, document number) are extracted via vision AI and the confidence score reflects the extraction quality
  • i18n for camera overlay — all liveness challenge text (instructions, blink/smile prompts) now translates correctly when switching languages

v1.6.0 — April 2026

Multi-Signal Forensic Synthetic Content Detection

The synthetic content detection pipeline has been completely rebuilt into a multi-signal forensic system that runs up to 6 independent analysis engines in parallel for images and 5 for video — replacing the previous single-model approach. Image Detection — 6-Signal Pipeline:
  • EXIF Metadata Extraction — Detects AI generator signatures in EXIF tags, XMP data, and PNG tEXt chunks (Stable Diffusion parameters). Flags suspicious absence of camera metadata (no camera model + no GPS + high resolution).
  • Pixel Statistics — Shannon entropy, Laplacian edge density, and channel uniformity analysis. GAN images produce distinctive statistical signatures.
  • C2PA Content Credentials — Detects and validates C2PA manifests from DALL-E 3, Adobe Firefly, Google Imagen. When C2PA declares AI generation, the result is forced to confirmed_synthetic with confidence ≥ 0.95.
  • Invisible Watermark Detection — High-frequency energy analysis, periodic pattern detection at known watermark frequencies, LSB distribution analysis, and corner entropy checks.
  • Perceptual Hashing (pHash) — DCT-based 64-bit perceptual hash compared against a Redis-backed database of known synthetic content via Hamming distance. Matches force confirmed_synthetic.
  • Weighted Signal Aggregation — All signals aggregated into a weighted ensemble (vision 30%, metadata 15%, pixel stats 15%, C2PA 15%, watermarks 10%, pHash 15%) with fault isolation via Promise.allSettled.
Audio Detection — Spectral Forensics:
  • Mel Spectrogram Analysis — FFmpeg generates a mel spectrogram image, analyzed by a dedicated vision prompt for frequency band uniformity, harmonic anomalies, missing breath noise, onset/offset patterns, and aliasing artifacts.
  • Quantitative Audio Statistics — RMS mean/peak, dynamic range, silence ratio, flat factor, and DC offset extracted via FFmpeg astats filter.
  • Spectral analysis runs in parallel with transcription. Even speech-free audio can be flagged if spectral patterns indicate synthesis.
Video Detection — Temporal + Lip-Sync:
  • Temporal Consistency Analysis — face-api.js tracks face identity across frames via 128-dimensional descriptor Euclidean distance. Real faces: < 0.4, deepfakes: spikes > 0.6. Landmark stability measured via eye-to-nose ratio variance.
  • Lip-Sync Correlation — Mouth openness from 68-point face landmarks correlated against frame-aligned audio energy. Pearson correlation > 0.5 = authentic, < 0.3 = deepfake. Detects silent mouth movement and voice-without-movement.
  • All 5 video analysis tracks (per-frame vision, temporal consistency, lip-sync, spectral, transcription) run via fault-isolated Promise.allSettled.
Account-Level Profiling:
  • GET /v1/safety/synthetic-content/profile/:customer_id — 30-day rolling window with synthetic count, account score, trend detection (increasing/stable/decreasing), and category distribution.
  • Automatic, zero-cost profiling when customer_id is provided on any detection request.
New Response Fields (additive — no breaking changes):
  • Image: metadata_analysis, provenance, forensic_signals, perceptual_hash, known_synthetic_match
  • Audio: audio_stats, spectral_signals
  • Video: temporal_consistency, lip_sync, audio_stats, spectral_signals

Age & Identity Verification Improvements

  • ICAO 9303 MRZ Validator — Full check digit validation for TD1 (ID cards, 3×30), TD2 (ID cards, 2×36), and TD3 (passports, 2×44) Machine Readable Zones with weighted mod-7 algorithm
  • PDF417 Barcode Reader — Decodes AAMVA-structured data from US/Canadian driver’s licenses via zxing-wasm — extracts name, DOB, expiry, document number, address, and more
  • 45-Country Document Number Validator — Algorithmic check digit verification for CPF (Brazil), personnummer (Sweden), Aadhaar (India), Codice Fiscale (Italy), CURP (Mexico), SSN (US), SIN (Canada), TFN (Australia), and 37 more country-specific document formats
  • Visual Liveness Analyzer — Multi-signal liveness detection: landmark motion analysis, texture analysis (Laplacian variance + moire detection), depth cue analysis (face/background sharpness ratio), and cross-frame consistency checks
  • AI-Powered Document Authenticator — Vision model analyzes document layout, security features, fonts, color consistency, and photo integration against known templates. Detects screen photos, printout recaptures, and digital manipulation.
  • MRZ/OCR/Barcode Cross-Referencing — Compares name, DOB, and document number between MRZ, OCR text, barcode data, front and back sides, flagging any inconsistency as potential tampering

v1.5.0 — March 2026

Document Analysis

  • POST /v1/safety/document — Upload a PDF (max 50 MB, 100 pages) for multi-endpoint safety analysis with per-page detection results
  • Supports 8 detection endpoints: unsafe, bullying, grooming, social-engineering, coercive-control, radicalisation, romance-scam, mule-recruitment
  • SHA-256 document hashing for chain-of-custody verification in compliance audits
  • Zero-retention processing — no document data stored after response
  • Bounded concurrency (3 pages at a time) with text chunking for long pages

Dynamic Credit Pricing for Documents

  • Document analysis uses per-page, per-endpoint pricing: max(10, pages_analyzed × endpoint_count) (minimum updated in v1.6.1)
  • Each page-endpoint combination costs 1 credit
  • Minimum charge of 10 credits covers extraction overhead
  • Examples: 5 pages × 3 endpoints = 15 credits; 20 pages × 8 endpoints = 160 credits

Model Refinements

  • TCO Regulation classification — Radicalisation responses now include EU Regulation 2021/784 Art. 2(7) content classification
  • Self-harm CONTAGION sub-category — Detects suicide pacts, method sharing, cluster effects, and gateway escalation
  • PII/Doxxing detection — New PII_DOXXING category for doxxing threats and digital footprint weaponisation
  • Legacy response normalization — Bullying, grooming, and unsafe endpoints now include a normalized block with a unified response shape matching newer endpoints

v1.4.4 — March 2026

New Features

  • country context field — Pass an ISO 3166-1 alpha-2 country code (e.g., "GB", "US", "SE") in the context object to receive geo-localised crisis helpline data in detection responses. Falls back to user profile country if omitted.
  • Improved action escalation for minors — All detection endpoints now enforce a minimum flag_for_review action when harm is detected and the subject is a minor. Criminal indicators (SEXTORTION, TRAFFICKING, CSAM, DEBT_BONDAGE, FORCED_CRIMINALITY, HONOUR_ESCALATION) targeting minors automatically escalate to immediate_intervention.
  • Graduated risk scoring — Risk scores now use the full 0.0–1.0 range with graduated bands instead of clustering around a single value.
  • Evidence tactic normalization — Evidence tactic fields are now always returned in SCREAMING_SNAKE_CASE format (e.g., "EMOTIONAL_MANIPULATION" instead of "Emotional Manipulation").

SDK Releases

  • @tuteliq/sdk v2.5.0 — adds country context field, graduated risk scoring, tactic normalization
  • @tuteliq/mcp v3.7.0 — adds country context field, minor action escalation, tactic normalization

v1.4.3 — March 2026

Bug Fixes & Improvements

  • support_threshold now works correctly across all 11 detection endpoints — setting "critical" correctly suppresses crisis helplines for High severity results. Previously the parameter was accepted without error but had no effect on the response.
  • sender_trust: "verified" fully suppresses AUTH_IMPERSONATION — verified senders no longer trigger impersonation detection. Routine urgency (schedules, deadlines, appointments) is also suppressed. Only genuinely malicious elements (credential theft, phishing links, financial demands) will flag a verified sender.
  • Empty categories field in detect_unsafe fixed — stronger prompt enforcement and code-level fallback extraction ensure the categories array is populated when the rationale references specific harms.
  • MCP session recovery — stale MCP sessions (after Cloud Run deployment or instance recycling) now recover transparently without requiring the client to reconnect.

Documentation

  • Added support_threshold behaviour reference to API docs, Node SDK, and MCP README
  • Added sender_trust effect on scoring to all documentation
  • Added analyse_multi accepted endpoint values to MCP README and API docs
  • Added complete context field reference across all packages

SDK Releases

  • @tuteliq/sdk v2.4.0 — adds confidence to AnalyzeResult, optional risk_level to UnsafeResult
  • @tuteliq/mcp v3.5.0 — wires support_threshold through all detection MCP tools, shows confidence and support in analyze tool

v1.4.2 — March 2026

Full EU Language Coverage

  • Added 13 new languages: Romanian (ro), Greek (el), Czech (cs), Hungarian (hu), Bulgarian (bg), Croatian (hr), Slovak (sk), Lithuanian (lt), Latvian (lv), Estonian (et), Slovenian (sl), Maltese (mt), Irish (ga)
  • Tuteliq now supports 27 languages — all 24 EU official languages + Ukrainian, Norwegian, and Turkish
  • Enhanced all language entries with grooming indicators, self-harm coded vocabulary, filter evasion techniques, and youth slang coverage
  • All new languages are in Beta status

v1.4.1 — March 2026

Language Support Expansion

  • Added 4 new languages: Dutch (nl), Polish (pl), Italian (it), Turkish (tr)
  • Tuteliq now supports 14 languages with auto-detection and culture-aware analysis
  • Each language includes culturally-specific safety guidelines, slur databases, and prompt calibration
  • All new languages are in Beta status

v1.4.0 — March 2026

Age Verification (Beta)

  • POST /v1/verification/age — verify user age through document analysis and biometric age estimation
  • Supports government-issued ID documents (passport, driving licence, national ID)
  • Biometric age estimation from selfie photo
  • Returns verified, estimated_age, age_range, confidence, and document_type
  • 20 credits per verification (updated in v1.6.1)
  • Available on Pro tier and above

Identity Verification (Beta)

  • POST /v1/verification/identity — confirm user identity with document verification and liveness detection
  • Document authenticity checks (MRZ validation, hologram detection, tamper analysis)
  • Liveness detection to prevent spoofing (photo-of-photo, screen replay, mask attacks)
  • Face matching between document photo and selfie
  • Returns verified, match_score, liveness_passed, document_authenticated, and flags
  • 25 credits per verification (updated in v1.6.1)
  • Available on Business tier and above

Tier Access

  • Age Verification requires Pro tier ($99/mo) or above
  • Identity Verification requires Business tier ($349/mo) or above
  • Both features are in Beta — endpoints and response schemas may evolve

v1.3.0 — February 2026

Fraud Detection Endpoints

  • POST /v1/fraud/social-engineering — detect social engineering tactics: pretexting, impersonation, urgency manipulation, authority exploitation
  • POST /v1/fraud/app-fraud — identify fraudulent app promotion, fake reviews, malicious download links, and clone app distribution
  • POST /v1/fraud/romance-scam — detect romance scam patterns: love-bombing, financial requests, identity fabrication, isolation tactics
  • POST /v1/fraud/mule-recruitment — flag money mule recruitment: easy money offers, account sharing requests, laundering language

Safety Extended Endpoints

  • POST /v1/safety/gambling-harm — detect gambling harm: underage gambling promotion, addiction patterns, predatory odds, bet pressure
  • POST /v1/safety/coercive-control — identify coercive control: isolation tactics, financial control, monitoring/surveillance, threat patterns
  • POST /v1/safety/vulnerability-exploitation — detect exploitation of vulnerable individuals with cross-endpoint vulnerability modifier and vulnerability profile scoring
  • POST /v1/safety/radicalisation — flag radicalisation indicators: extremist rhetoric, us-vs-them framing, recruitment patterns, dehumanisation

Multi-Endpoint Analysis

  • POST /v1/analyse/multi — fan-out a single text to up to 10 detection endpoints in parallel
  • Automatic vulnerability modifier: when vulnerability-exploitation is included, its cross-endpoint modifier adjusts severity scores across all other results
  • Aggregated response with summary.highest_severity, summary.total_credits_used, and per-endpoint breakdown
  • Supports both legacy (bullying, grooming, unsafe) and new detection endpoints

SDK & Tool Support

  • All new endpoints available across all SDKs: Node.js, Python, Swift, Kotlin, Flutter, React Native, .NET, Unity
  • CLI — new detect social-engineering, detect app-fraud, detect romance-scam, detect mule-recruitment, detect gambling-harm, detect coercive-control, detect vulnerability-exploitation, detect radicalisation, and detect multi commands
  • MCP Server — 10 new tools for fraud, extended safety, multi-endpoint analysis, and video analysis

Tier Access

  • New endpoints require Indie tier or above (Starter tier retains access to bullying, grooming, and unsafe only)
  • All new endpoints cost 5 credits per call (updated in v1.6.1); multi-endpoint costs the sum of individual endpoints

v1.2.0 — February 2026

Video Analysis

  • POST /v1/safety/video — upload a video file (mp4, webm, quicktime, avi — max 100MB, 10 min) and receive per-frame vision analysis with flagged timestamps
  • Frame extraction powered by ffmpeg with configurable max_frames (default 10, max 20)
  • Aggregated overall_risk_score and overall_severity across all frames
  • Automatic incident recording and webhook alerts for flagged videos
  • 95 credits per video analysis (updated in v1.6.1)

Video Streaming

  • WebSocket voice streaming now supports video frames alongside audio
  • Send video frames as binary with a 0x01 prefix byte; audio uses 0x00 or no prefix (backward compatible)
  • New frame_analysis server event with per-frame vision results
  • New config options: enable_video, frame_interval_seconds (min 3s, default 5s)
  • session_summary event now includes video_frames_analyzed count
  • 7 credits per video frame analysis (updated in v1.6.1)

Voice Streaming Enhancements

  • Updated authentication: ?api_key= query param or Authorization: Bearer header
  • Tier-based connection limits (1 for Starter, up to unlimited for Enterprise)
  • Subscription-aware credit tracking per flush
  • Heartbeat ping/pong every 30 seconds for stale connection detection

v1.1.0 — February 2026

Multilingual Support

  • 27 languages supported — English (stable), all 24 EU official languages + Ukrainian, Norwegian, Turkish (beta)
  • Layered auto-detection — Trigram analysis (franc) confirmed by LLM-based detection for maximum reliability
  • Culture-aware analysis — Language-specific guidelines for local slang, idioms, and harmful terms injected into classification prompts
  • All safety endpoints now return language, language_status, and detected_language fields in responses
  • No explicit language parameter required — detection is fully automatic

v1.0.0 — February 2026

Initial public release of the Tuteliq API.

Safety Endpoints

  • POST /v1/safety/unsafe — detect harmful content across all nine KOSA categories
  • POST /v1/safety/bullying — dedicated bullying and harassment detection
  • POST /v1/safety/grooming — conversation-level grooming pattern analysis
  • POST /v1/safety/voice — audio file transcription and safety analysis
  • POST /v1/safety/image — image analysis for visual content risks

Analysis & Guidance Endpoints

  • POST /v1/analysis/emotions — emotional well-being analysis from text and conversations
  • POST /v1/guidance/action-plan — age-appropriate guidance and intervention recommendations
  • POST /v1/reports/incident — structured safety report generation

Voice Streaming

  • WSS /v1/safety/voice/stream — real-time voice moderation via WebSocket with configurable severity thresholds

Webhooks

  • POST /v1/webhooks — register webhook endpoints for safety alerts and batch events
  • HMAC-SHA256 signature verification on all webhook deliveries
  • Automatic retry with exponential backoff (3 attempts)

GDPR Compliance

  • DELETE /v1/account/data — right to erasure (Article 17)
  • GET /v1/account/data/export — right to data portability (Article 20)
  • PATCH /v1/account/data — right to rectification (Article 16)
  • Consent management endpoints for granular data processing consent
  • Public transparency endpoints: DPA, sub-processors, retention policy

SDKs & Tools

Platform

  • Credit-based billing with per-endpoint pricing
  • Tier-based rate limiting (Free, Basic, Premium, Enterprise)
  • API key authentication via Bearer token or x-api-key header
  • Full KOSA harm category coverage with age-calibrated severity scoring