Guards
Guards are protective rules that inspect requests and responses flowing through the gateway. They can detect sensitive data, block harmful content, and enforce usage limits before requests reach providers or before responses reach clients.
Guard List
The Guards page displays all configured guards as cards. Each card shows the guard’s name, description, type, enforcement level, and whether it is applied to input, output, or both. A toggle switch lets you enable or disable each guard inline.
Creating a Guard
Click Create Guard to open the form:
| Field | Description |
|---|---|
| Name | A descriptive name (e.g. “Block PII in prompts”) |
| Description | Optional notes about what this guard protects against |
| Type | The detection or enforcement mechanism (see below) |
| Level | How the gateway responds when the guard triggers |
| Applied To | Whether to inspect input, output, or both |
| Enabled | Toggle to activate the guard |
Guard Types
| Type | Description |
|---|---|
| Content Filter | Detects toxic, harmful, or inappropriate content using a configurable toxicity threshold |
| Rate Limit | Enforces request rate limits beyond the global settings |
| Token Limit | Caps the maximum token count per request |
| PII Detection | Scans for personally identifiable information patterns |
| Prompt Injection | Detects attempts to manipulate model behavior through crafted prompts |
| Custom | User-defined guard logic |
Enforcement Levels
| Level | Behavior |
|---|---|
| Block | Rejects the request or suppresses the response with a 4xx error |
| Warn | Allows the request to proceed but logs a warning and may trigger alerts |
| Log | Records the detection in audit logs without affecting the request |
Type-Specific Configuration
Content Filter
When the type is set to content-filter, a Toxicity Threshold slider appears. The threshold ranges from 0 (most permissive) to 1 (most strict), with a default of 0.70. Content scoring above the threshold triggers the guard.
PII Detection
When the type is set to pii-detection, a checklist of PII Patterns appears. Select which patterns to detect:
email— Email addressesphone— Phone numbersssn— Social security numberscredit-card— Credit card numbersaddress— Physical addressesname— Personal namesip-address— IP addresses
You can enable any combination of patterns per guard. Create multiple PII guards with different levels if you want to block some patterns and only warn on others.
Applied To: Input vs Output
| Target | What is inspected |
|---|---|
| Input | The user’s prompt and any attached content before it reaches the provider |
| Output | The provider’s response before it is returned to the client |
| Both | Both directions are inspected |
Applying guards to output is useful for catching provider responses that contain sensitive data or inappropriate content, even when the input was clean.
Editing and Deleting Guards
- Click Edit to modify a guard’s configuration.
- Use the inline toggle switch to enable or disable a guard without opening the editor.
- Click Delete to permanently remove a guard. A confirmation dialog warns that the protection it provides will be removed.
Best Practices
- Start guards in Log mode to understand detection patterns before switching to Block.
- Apply PII detection to both input and output to prevent data leakage in either direction.
- Use content filters on output to catch unexpected provider responses.
- Layer multiple guards — for example, a
warn-level PII guard and ablock-level prompt injection guard can run simultaneously.