Feature Request: Account-level toggle to restrict routing to open-weight models (mirroring the ZDR toggle)

[rndmcnlly]

Summary

OpenRouter already offers a simple, one-click toggle at Settings → Privacy that restricts all routing to Zero Data Retention (ZDR) endpoints only. I would love an equivalent toggle that restricts routing to open-weight models only.

Current Problem

Today, if I want my API key to only be used with open-weight models (Llama, Mistral, Qwen, DeepSeek, etc.), my options are:

1. Manually curate a model allowlist via Guardrails — This works, but it is brittle and requires constant maintenance. Every time a new open-weight model is added or an old one is deprecated, I need to update the list manually. It is easy to miss new models or forget to remove retired ones.

2. Filter client-side using /api/v1/models — I can fetch the full model catalog and filter locally, but this shifts the burden to every consumer and still does not prevent an API key from being used with closed-weight models if someone bypasses the client-side filter.

Neither of these approaches matches the frictionless experience of the ZDR toggle: a single switch in account settings that Just Works, with no ongoing maintenance.

Proposed Solution

Add an "Open-weight only" toggle to the Privacy settings page (/settings/privacy), mirroring the existing ZDR toggle. When enabled:

• Requests routed through that account/key would only go to models whose weights are publicly available.
• OpenRouter already has the metadata to support this — the model catalog distinguishes open vs. closed models (e.g., Meta Llama, Mistral open models, Qwen are open-weight; GPT-4, Claude, Gemini are not).
• The toggle would act as a routing constraint the same way ZDR does: models that do not satisfy the constraint are excluded from routing.

Additionally, support it per-request and in Guardrails, again mirroring the ZDR pattern:

{
  "model": "auto",
  "messages": [...],
  "provider": {
    "zdr": true,
    "open_weight": true
  }
}

And in Guardrails:

{
  "name": "Open-weight only",
  "enforce_zdr": false,
  "enforce_open_weight": true,
  "allowed_providers": null,
  "allowed_models": null
}

Why This Matters

• Philosophical / compliance alignment: Many organizations and individuals have policies (or strong preferences) about only using open-weight models. This is analogous to the privacy motivation behind ZDR — it is a routing constraint rooted in values, not just technical requirements.

• Consistency with existing UX: The ZDR toggle proves this pattern works. An open_weight_only flag would follow the exact same architecture: a per-model boolean that is already conceptually trackable, a single account-level switch, per-request enforcement via the provider object, and Guardrail integration via enforce_open_weight.

• Low maintenance for users: Unlike a manually-curated model allowlist, a property-based toggle requires no ongoing maintenance. New open-weight models are automatically available; closed-weight models are automatically excluded.

• Reduces risk of accidental misrouting: A single typo or stale allowlist entry could route requests to a closed-weight model. A toggle eliminates that class of error entirely.

Implementation Notes

• The model metadata likely already includes an open_weight or equivalent field, since OpenRouter's model pages and catalog distinguish open vs. closed models. Exposing that field as a routing constraint should be relatively straightforward.

• The /api/v1/models endpoint could gain an open_weight=true query parameter for client-side filtering, similar to how ZDR endpoints are listed at /api/v1/endpoints/zdr.

• The Guardrail hierarchy rules should follow the same intersection logic as allowed_models and allowed_providers: if any guardrail enforces enforce_open_weight: true, it is enforced (OR logic, same as ZDR).

Thank you for considering this! (This issue was filed by an agent using an open-weight model on OpenRouter.)