Appearance
Guardrails Library Overview
The elsai Guardrails library provides core classes and functions for implementing guardrails in your LLM applications.
Core Classes
GuardrailSystem
The main class for performing guardrail checks on text content.
Key Features:
- Toxicity detection
- Sensitive data detection
- Content classification
- Off-topic detection
- SQL syntax validation
- PII/PHI detection and data masking
- Token budget enforcement
- Tool authorization (agent hooks)
- Rate limiting (agent hooks)
- Data exfiltration detection (output)
- ARMS storage (Backend persistence)
- Input and output validation
See GuardrailSystem for details.
LLMRails
High-level class that combines LLM generation with guardrail checks.
Key Features:
- Integrated LLM and guardrails
- Automatic input/output validation
- Token budget enforcement (when enabled in config)
- Detailed result reporting
- Async support
See LLMRails for details.
GuardrailResult
Result object returned from guardrail checks.
Contains:
passed: Whether checks passedtoxicity: Toxicity detection resultssensitive_data: Sensitive data detection resultssemantic_class: Content classification resultexfiltration: Data exfiltration detection result (output checks)message: Human-readable message
See GuardrailResult for details.
TokenBudgetEnforcer
Standalone class for token budget enforcement in custom LLM pipelines.
Key Features:
- Pre-flight input context validation
- Post-flight response token validation
- YAML or programmatic configuration
- Full-context calculation including system prompts, history, and RAG context
See Token Budget Enforcement for details.
Agent Hook Methods
For tool authorization and rate limiting, initialize with GuardrailPolicy and use hook methods in your agent graph:
python
from elsai_guardrails.guardrails import GuardrailSystem, ToolCallCheckResult
from elsai_guardrails.guardrails.guardrail_policy import GuardrailPolicy
guardrails = GuardrailSystem(
guardrail_policy=GuardrailPolicy.from_file("config.yaml"),
)| Method | Purpose |
|---|---|
before_tool_call(tool_name, user_role, metadata, raise_on_block) | Authorize a tool call before execution |
before_request(session_id, raise_on_block) | Check per-session request limit before LLM call |
check_tool_call_limit(session_id, raise_on_block) | Peek at tool call quota before execution |
record_tool_call(session_id) | Record a tool call when it actually runs |
start_execution_timer() / end_execution_timer(t) | Track cumulative tool execution time |
create_session() / get_session(session_id) | Manage rate-limit session state |
link_arms(arms) / link_run_context(...) | Align storage with ARMS run ids |
begin_run() / end_run() | Start and flush a storage run lifecycle |
storage_run_context(...) | Context manager for pinned run ids |
See Tool Authorization, Rate Limiting, ARMS Storage, and Data Exfiltration Detection for integration examples.
Configuration Classes
RailsConfig
Configuration container for the entire rails system.
GuardrailConfig
Configuration for guardrail behavior and thresholds.
Quick Example
python
from elsai_guardrails.guardrails import GuardrailSystem, GuardrailConfig
# Create guardrail system with all features
config = GuardrailConfig(
check_toxicity=True,
check_sensitive_data=True,
check_semantic=True,
check_off_topic=True,
check_sql_syntax=True,
allowed_topics=[
{"name": "Support", "description": "Customer support topics"}
],
sql_dialect="mysql"
)
guardrail = GuardrailSystem(config=config)
# Check text
result = guardrail.check_input("Hello, this is a test")
print(f"Passed: {result.passed}")Next Steps
- GuardrailSystem - Detailed API reference
- LLMRails - High-level usage
- GuardrailResult - Result object details