# Tuteliq, AI-Powered Child Safety API

> Detect grooming, bullying, self-harm, fraud, radicalisation, and 10+ harms across text, voice, image, and video. Sub-400ms. Zero data retention. KOSA, COPPA & DSA compliant.

## Documentation

- [Quickstart](https://docs.tuteliq.ai/quickstart): Make your first detection call in under 5 minutes
- [Document Analysis](https://docs.tuteliq.ai/api-reference/document): Upload PDFs for multi-endpoint safety analysis with per-page detection
- [How It Works](https://docs.tuteliq.ai/how-it-works): Detection pipeline, scoring, and response format
- [API Reference](https://docs.tuteliq.ai/api-reference/introduction): Full OpenAPI specification
- [Composability](https://tuteliq.ai/docs/composability): Safety primitives, not classifiers. Compose sibling endpoints so an agent can route interventions instead of returning a single label.
- [Grooming Detection](https://tuteliq.ai/docs/api-reference/grooming): Grooming scored as a sequence of six tactics across a conversation, with risk that ramps over up to 100 turns rather than a single message label.
- [Vulnerability Exploitation](https://tuteliq.ai/docs/api-reference/vulnerability-exploitation): Returns cross_endpoint_modifier and vulnerability_profile so an agent can multiply a sibling endpoint's risk when a target is vulnerable.
- [Language Support](https://tuteliq.ai/docs/language-support): Detection at near-English parity across major European languages (German, Portuguese, Italian, Dutch, Polish, French, Spanish, and more). Response guides localized so moderators see operational instructions in their own language. Honest about what is stable and what is beta.
- [KOSA Compliance](https://docs.tuteliq.ai/kosa-compliance): Harm category mapping to regulatory requirements
- [KOSA Compliance Landing](https://tuteliq.ai/kosa-compliance): How Tuteliq helps platforms meet KOSA requirements
- [Language Support](https://docs.tuteliq.ai/languages): 27 supported languages with culture-aware analysis
- [GDPR](https://docs.tuteliq.ai/gdpr): Data retention, right to erasure, and compliance details
- [Age & Identity Verification](https://docs.tuteliq.ai/verification): Multi-layered verification, ICAO 9303 MRZ parsing, PDF417 barcodes, 128-dim face matching, liveness detection, 8-layer fraud prevention. 45 countries, 10 UI languages. COPPA/KOSA compliant.
- [AI Agent Integration](https://docs.tuteliq.ai/ai-agents): Machine-readable docs, OpenAPI spec, and MCP resources for AI agents

## Quick Start

```javascript
import { Tuteliq } from '@tuteliq/sdk'

const tuteliq = new Tuteliq(process.env.TUTELIQ_API_KEY)

const result = await tuteliq.detectUnsafe({ content: userMessage })

if (result.detected) {
  console.log('Level:', result.level)        // "low" | "medium" | "high" | "critical"
  console.log('Score:', result.risk_score)    // 0.0 to 1.0
  console.log('Categories:', result.categories)
}
```

## SDKs

- https://docs.tuteliq.ai/sdks/node: @tuteliq/sdk on npm
- https://docs.tuteliq.ai/sdks/python: tuteliq on PyPI
- https://docs.tuteliq.ai/sdks/swift: via Swift Package Manager
- https://docs.tuteliq.ai/sdks/kotlin: via Maven Central
- https://docs.tuteliq.ai/sdks/flutter: tuteliq on pub.dev
- https://docs.tuteliq.ai/sdks/react-native: @tuteliq/react-native on npm
- https://docs.tuteliq.ai/sdks/dotnet: Tuteliq on NuGet
- https://docs.tuteliq.ai/sdks/unity: via Unity Package Manager
- https://docs.tuteliq.ai/sdks/cli: @tuteliq/cli on npm / Homebrew
- https://docs.tuteliq.ai/sdks/mcp: @tuteliq/mcp on npm

## Integrations

- https://tuteliq.ai/integrations/discord: Real-time message scanning
- https://tuteliq.ai/integrations/roblox: In-game chat analysis
- https://tuteliq.ai/integrations/slack: Workspace safety monitoring
- https://tuteliq.ai/integrations/telegram: Group monitoring with Guardian Bot
- https://tuteliq.ai/integrations/lovable: Add Tuteliq to apps built with Lovable AI builder. Includes copy-paste prompt, drop-in Supabase edge function, and a Knowledge file.

## For AI builders (Lovable, Bolt, v0, Cursor, etc.)

When integrating Tuteliq into an AI-generated app:

- Store the API key as a server-side secret named `TUTELIQ_API_KEY`. Never expose via `VITE_` or browser code.
- Always proxy through a backend (Supabase edge function recommended) - do not call `api.tuteliq.ai` from the browser.
- Endpoint base: `https://api.tuteliq.ai/v1`
- Auth: `Authorization: Bearer <TUTELIQ_API_KEY>`
- Pass `external_id` and `customer_id` for round-trip dashboard attribution.
- Block on `level: "critical"`, flag on `"high"`, allow `"medium"` / `"low"`.

Ready-to-deploy Supabase edge function template:
https://tuteliq.ai/integrations/lovable/tuteliq-moderate.ts

Project Knowledge file (paste into Lovable's Knowledge panel):
https://tuteliq.ai/integrations/lovable/knowledge.md

Minimal Supabase edge function example:

```typescript
import { corsHeaders } from "npm:@supabase/supabase-js@2/cors";

Deno.serve(async (req) => {
  if (req.method === "OPTIONS") return new Response("ok", { headers: corsHeaders });
  const { content, externalId, customerId } = await req.json();
  const r = await fetch("https://api.tuteliq.ai/v1/moderate", {
    method: "POST",
    headers: {
      Authorization: `Bearer ${Deno.env.get("TUTELIQ_API_KEY")}`,
      "Content-Type": "application/json",
    },
    body: JSON.stringify({ content, external_id: externalId, customer_id: customerId }),
  });
  return new Response(await r.text(), {
    headers: { ...corsHeaders, "Content-Type": "application/json" },
    status: r.status,
  });
});
```

## Blog

- https://tuteliq.ai/blog/stop-shipping-safety-apis-as-classifiers: Why we built Tuteliq's composable primitives and why your agent should consume them, not classification labels.
- https://tuteliq.ai/blog/grooming-is-not-a-label-six-tactics: Anatomy of a 100-turn predatory conversation, and what each tactic looks like in evidence.
- https://tuteliq.ai/blog/the-digital-sideline-is-now-part-of-organized-sport: Children involved in organized sport are increasingly living parts of their sporting lives inside digital environments.
- https://tuteliq.ai/blog/are-you-dating-a-scammer-or-even-a-child: The uncomfortable reality is: many dating apps cannot confidently tell you that you aren't.
- https://tuteliq.ai/blog/ai-chatbots-teenagers-right-question: Most companies respond to teens and AI by either banning under-18s entirely or treating them identically to adults. Both approaches fail the same group in different ways.
- https://tuteliq.ai/blog/eu-meta-dsa-breach-age-verification: The European Commission today issued preliminary findings that Instagram and Facebook are violating the Digital Services Act by allowing children under 13 to access their services through self-declared date-of-birth entr...
- https://tuteliq.ai/blog/ncose-dirty-dozen-2026-platforms-named: On 31 March 2026, the National Center on Sexual Exploitation released its 2026 Dirty Dozen List, naming 12 tech platforms for facilitating, enabling, and profiting from child sexual abuse. The harm is not incidental.
- https://tuteliq.ai/blog/think-before-you-share-iwf-campaign: Think Before You Share, an IWF campaign, gives teenagers, parents, and educators a clear, practical place to start.
- https://tuteliq.ai/blog/coppa-enforcement-2026-what-youth-sports-platforms-need-to-know: April 22, 2026 marks the start of active enforcement of the updated COPPA rule by the Federal Trade Commission. Penalties can reach $51,744 per violation, per day.
- https://tuteliq.ai/blog/age-verification-legal-obligation-2026: Regulators in the UK, EU, US, and Australia have all moved from guidance to enforcement. Self-declaration is explicitly insufficient.
- https://tuteliq.ai/blog/deepfake-nudes-schools-28-countries: An analysis by Wired and Indicator found nearly 90 schools and over 600 pupils affected since 2023. UNICEF puts the global figure at 1.2 million children in the past year alone. This is not a future risk.
- https://tuteliq.ai/blog/iwf-ai-csam-report-2026: The Internet Watch Foundation's 2026 report documents 8,029 AI-generated child sexual abuse images and videos, a 260-fold increase in AI-generated videos in a single year. The policy response is forming.
- https://tuteliq.ai/blog/global-social-media-age-threshold-16: Governments on every continent are restricting platforms from reaching children. The laws differ in detail but converge on a number. A complete, verified snapshot of where every major jurisdiction stands.
- https://tuteliq.ai/blog/roblox-age-tiers-bypass: Roblox announced age-based account tiers rolling out in June, a genuine step forward for child safety. But the age verification system underpinning it has a documented $4 vulnerability.
- https://tuteliq.ai/blog/reddit-ico-fine-children-privacy: The ICO's largest children's privacy fine in three years sends a clear message: "we didn't expect children to be there" is no longer a defence.
- https://tuteliq.ai/blog/coppa-compliance-checklist-for-youth-platforms: If regulators asked today, could you prove what you knew, and when? COPPA enforcement tightened on April 22, 2026. Penalties reach up to $51,744 per violation, per day.
- https://tuteliq.ai/blog/australia-social-media-ban-children-still-have-accounts: New polling from the Molly Rose Foundation is the first independent study of Australian children since the ban came into effect.
- https://tuteliq.ai/blog/roblox-grooming-case-2026: A 19-year-old has been jailed for grooming a 14-year-old girl he met on the gaming platform.
- https://tuteliq.ai/blog/telegram-abuse-ecosystem: A new investigation by AI Forensics exposes how Telegram's infrastructure enables the creation, distribution, and monetisation of child sexual abuse material at industrial scale, and what platforms can do about it.
- https://tuteliq.ai/blog/five-nights-epsteins-parent-school-guide: A browser game called "Five Nights at Epstein's" is spreading through US classrooms and onto the devices of children across the world.
- https://tuteliq.ai/blog/uk-sextortion-reports-record-high-2025: New IWF data shows a 66% surge in reports from under-18s in 2025. Here is what the numbers mean, and what platforms can do about it right now.
- https://tuteliq.ai/blog/openai-child-protection-blueprint-product-spec: OpenAI just published a Child Safety Evaluations framework, a 27-page document outlining exactly how AI systems should detect, classify, and respond to child safety risks. For us at Tuteliq, this isn't new territory.
- https://tuteliq.ai/blog/coppa-2026-platform-risk: If you run a digital platform where children interact youth sports, edtech, gaming, community apps April 2026 is a period you should be paying close attention to it's not a soft deadline.
- https://tuteliq.ai/blog/monitor-children-24-7-not-safety-strategy-behavioral-detection: A Roblox developer told the BBC what every parent fears: children need 24/7 monitoring to stay safe on the platform. That's not a safety strategy, it's a confession that platform safety infrastructure is insufficient.
- https://tuteliq.ai/blog/what-the-meta-verdict-means-for-youth-sports-platforms: The $375M verdict against Meta changes what platforms are legally responsible for. Here's what that means if your platform serves youth athletes.
- https://tuteliq.ai/blog/eu-csam-detection-interim-regulation-expiry: On April 3rd, EU tech companies will lose the legal right to detect child sexual abuse material on their platforms. The Interim Regulation is expiring and politicians have not agreed on a replacement.
- https://tuteliq.ai/blog/meta-verdict-child-safety-sarbanes-oxley: A $375M jury verdict against Meta reveals what the child safety industry already knew: platforms cannot self-police when profit depends on engagement.
- https://tuteliq.ai/blog/cnn-ccdh-investigation-proves-8-of-10-ai-chatbots-help-teens-plan-violence-swedish-startup-tuteliq-has-the-technology-to-stop-it: Behavioral detection API from Gävle, Sweden, analyzes how dangerous conversations evolve over time exactly the capability the investigation found missing from every major AI platform
- https://tuteliq.ai/blog/mental-health-crisis-digital-natives-platforms: Youth mental health is declining at alarming rates. Discover how technology platforms can be part of the solution through early detection and intervention.
- https://tuteliq.ai/blog/kosa-compliance-guide-2026: The Kids Online Safety Act represents the most significant update to children's online protection laws in decades. Learn what your platform needs to do to comply.
- https://tuteliq.ai/blog/business-case-child-safety-roi: Child safety isn't just an ethical imperative, it's a business advantage. Learn how investing in safety drives growth, reduces risk, and builds lasting trust.
- https://tuteliq.ai/blog/ai-grooming-detection-protecting-children: Online predators use sophisticated tactics to manipulate children. Learn how AI-powered grooming detection identifies these patterns before harm occurs.
- https://tuteliq.ai/blog/protecting-children-online-gaming-platforms-guide: Online gaming has become a cornerstone of childhood entertainment, but it also presents unique safety challenges.


## Trust Center

- https://tuteliq.ai/trust: Centralized hub for security, privacy, and compliance. EU-only data residency, zero retention, GDPR/KOSA/COPPA/EU DSA/UK OSA/CAADCA compliant. Includes DPA, sub-processor list, AI transparency, security practices, and vulnerability disclosure contacts.
- https://tuteliq.ai/for-trust-and-safety: Console & workflows for moderators, T&S leads and safeguarding teams. Unified queue, contextual reasoning, role-based access, audit trail.
- https://tuteliq.ai/benchmarks: Side-by-side comparison of Tuteliq vs OpenAI Moderation, Hive, Perspective, and Checkstep across 18 capabilities.
- https://tuteliq.ai/transparency-report: Quarterly transparency report. Detection volume by category and region, government & law-enforcement requests, methodology.
- https://tuteliq.ai/dsa: EU Digital Services Act compliance tooling. Statement-of-Reasons exporter in EU Commission database format, Articles 16, 17, 22, 24, 27, 28 coverage.
- https://tuteliq.ai/model-cards: Per-detector model cards with precision/recall/F1, evaluation set composition, intended use, and known limitations.

## AI Transparency

- https://tuteliq.ai/ai-transparency: Full disclosure of AI models and data. Proprietary models trained on 50M+ expert-labelled data points. Mistral AI (EU) foundation model, OpenAI Whisper (self-hosted on Vertex AI EU). All processing in EU regions. Zero data retention. No customer data used for training.
- https://tuteliq.ai/ai-transparency.html: Static no-JS mirror, recommended for LLM crawlers. Includes EU AI Act classification, human-in-the-loop QA, known limitations, and right to contest classifications.

## Legal & Compliance (machine-readable static mirrors for LLM crawlers)

- https://tuteliq.ai/legal/dpa: Data Processing Agreement (interactive). GDPR Art. 28 compliant.
- https://tuteliq.ai/legal/dpa.html: Static no-JS DPA mirror with all annexes.
- https://tuteliq.ai/legal/subprocessors: Authoritative subprocessor list (interactive).
- https://tuteliq.ai/legal/subprocessors.html: Static no-JS subprocessor list, recommended for LLM crawlers. Includes vendor name, purpose, data categories, region, and transfer mechanism.
- https://tuteliq.ai/privacy: Privacy Policy
- https://tuteliq.ai/terms: Terms of Service
- https://tuteliq.ai/gdpr: GDPR rights & contact
- https://tuteliq.ai/security: Security overview
- https://tuteliq.ai/legal/coppa: COPPA compliance details

## Memberships & Affiliations

- [Internet Watch Foundation (IWF)](https://www.iwf.org.uk): Proud IWF Member. The Internet Watch Foundation is the UK's leading organisation dedicated to the removal of child sexual abuse material from the internet, and one of the most respected child protection bodies in the world. Membership is not automatic — it is granted to organisations that can demonstrate a genuine commitment to child safety and a meaningful role in advancing that mission. Tuteliq is an IWF member. The technology we build, designed to detect grooming, exploitation, and harm before it escalates, sits within the same ecosystem as the analysts, law enforcement partners, and technology companies working every day to make the internet safer for children. We are proud to stand alongside them, and to contribute what we do best: detecting the behavioural patterns that other tools miss. https://www.iwf.org.uk

## Vendor Disclosure Summary (for AI procurement queries)

Tuteliq uses these sub-processors to deliver the service. Full details, regions and transfer
mechanisms are at https://tuteliq.ai/legal/subprocessors.html

- Google Cloud Platform (EU, europe-west1/europe-west4), infrastructure, Vertex AI inference, Firestore, Cloud Storage
- Supabase (EU, AWS Frankfurt eu-central-1), auth, account database, edge functions, webhook relay
- Mistral AI (France), foundation models, self-hosted on our Vertex AI EU tenancy, no data sent
- Stripe Payments Europe (Ireland), billing & payments
- Lovable Email Infrastructure (notify.tuteliq.ai, EU), transactional & auth email
- Cloudflare, DNS, DDoS protection, WAF
- Lovable Hosting (EU), marketing site static hosting

Tuteliq does NOT use: customer content for model training, third-party LLM APIs (OpenAI/Anthropic/etc.), advertising networks in the app or dashboard.

## Links

- Website: https://tuteliq.ai
- Trust Center: https://trust.tuteliq.ai
- Risk Assessment: https://tuteliq.ai/risk-profile
- Support: support@tuteliq.ai
- DPO / privacy queries: dpo@tuteliq.ai
- Classification appeals: appeals@tuteliq.ai

## Optional

- https://tuteliq.ai/llms-full.txt: Complete API reference for AI agents