NeoShield Security logo NeoShield Security Quantum X

// tool reference · Governance & Advisory

Factory Studio Pro

Compose hosted defensive micro-tools from vetted primitives.

Open Factory Studio →


What it does

Describe a tool in plain language and the platform builds it — as a declarative Tool Spec executed by a safe interpreter, not as generated code. This is the platform's most distinctive capability and its most deliberate security decision.

When to use it

Inputs

Field names are the actual form parameters, verified against source.

FieldTypeRequiredNotes
(prompt) textarea required What the tool should do.

What you get back

A working tool with typed inputs and a result pipeline.

Worked example

Input

Extract every IP and CVE from an incident note and flag private ranges

Output (abridged)

{
  "key": "ioc_extract",
  "title": "IOC Extractor",
  "inputs":   [ { "name":"text", "type":"textarea", "required":true } ],
  "pipeline": [
    { "op":"regex_extract", "preset":"ipv4", "field":"text", "as":"ips",  "label":"IPv4" },
    { "op":"regex_extract", "preset":"cve",  "field":"text", "as":"cves", "label":"CVEs" }
  ]
}

How it works

The AI emits a JSON Tool Spec — typed inputs plus a pipeline of whitelisted operations. An interpreter executes it. There is NO eval(), no shell, no file writes, no network access, and no raw regex: patterns come from a vetted ReDoS-safe preset library selected by NAME. AI output is data, never code. Drafts save as .txt in a directory that denies both HTTP access and the PHP handler.

Limits

Read live from the platform configuration.

Visitor1 build
Free3 builds
Pro100 builds
Spec caps6 inputs · 16 pipeline steps · 60,000 chars/field
Top-upsFactory Build Pack

Privacy

Your prompt is sent to the AI provider. Specs and drafts are stored against your account.

Standards

OWASP LLM Top 10 (LLM02 insecure output handling — mitigated by design)

Related tools

← All tools Manual home