Guardrails
Block, redact, or warn on unsafe content with NemoRouter guardrails
Guardrails inspect requests before they reach a model (pre-call) and responses before they reach your user (post-call). They can block, redact, warn, or simply log — letting you enforce safety and compliance without changing your application code.
Guardrail types
| Type | What it does |
|---|---|
| Presidio PII | Detects and anonymizes personally identifiable information using Microsoft Presidio |
| Regex | Filters content matching patterns you define |
| Keyword | Blocks content containing words on a blocklist |
| Prompt Injection | Detects and blocks attempts to hijack the model's instructions |
| Custom | Calls your own webhook to make the decision |
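To make the Regex and Keyword rows concrete, here is a minimal conceptual sketch of the two checks in Python. It is not NemoRouter's implementation; the function names `regex_guardrail` and `keyword_guardrail` are hypothetical and only illustrate what "matching patterns you define" and "words on a blocklist" could mean in practice.

```python
import re


def regex_guardrail(text: str, patterns: list[str]) -> list[str]:
    """Return every configured pattern that matches somewhere in the text."""
    return [p for p in patterns if re.search(p, text)]


def keyword_guardrail(text: str, blocklist: set[str]) -> set[str]:
    """Return the blocklisted words found in the text (case-insensitive)."""
    # Split the text into lowercase word tokens before comparing.
    words = set(re.findall(r"[a-z0-9']+", text.lower()))
    return words & {w.lower() for w in blocklist}


# Hypothetical rule definitions, for illustration only.
SSN_PATTERN = r"\b\d{3}-\d{2}-\d{4}\b"
hits = regex_guardrail("my ssn is 123-45-6789", [SSN_PATTERN])
found = keyword_guardrail("Ignore the SECRET plan", {"secret", "classified"})
```

A non-empty result from either function is what would cause the guardrail to trigger its configured action.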
Modes and actions
Each guardrail runs in a mode — pre-call (before the LLM request) or post-call (on the response) — and takes an action when it triggers:
| Action | Effect |
|---|---|
| Block | Reject the request or response and return an error |
| Redact | Strip the sensitive content and continue |
| Warn | Allow the content through, but attach a warning header |
| Log | Allow the content through and only record the event |
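The four actions can be sketched as a single dispatch function. This is an illustrative model only, assuming a guardrail that triggers on a regex match; the `Outcome` type, the `apply_action` function, and the `X-Guardrail-Warning` header name are hypothetical and not taken from NemoRouter.

```python
import re
from dataclasses import dataclass, field


@dataclass
class Outcome:
    allowed: bool                      # False only when the content is blocked
    text: str                          # content passed on (possibly redacted)
    headers: dict = field(default_factory=dict)
    logged: bool = False               # True when the event is only recorded


def apply_action(action: str, text: str, pattern: str) -> Outcome:
    """Apply one guardrail action to text if the pattern triggers."""
    if not re.search(pattern, text):
        return Outcome(allowed=True, text=text)  # guardrail did not trigger
    if action == "block":
        return Outcome(allowed=False, text="")
    if action == "redact":
        return Outcome(allowed=True, text=re.sub(pattern, "[REDACTED]", text))
    if action == "warn":
        # Header name is an assumption for illustration.
        return Outcome(allowed=True, text=text,
                       headers={"X-Guardrail-Warning": "triggered"})
    if action == "log":
        return Outcome(allowed=True, text=text, logged=True)
    raise ValueError(f"unknown action: {action}")


result = apply_action("redact", "call 555-1234", r"\d{3}-\d{4}")
```

Only `block` stops the content; the other three let it continue, differing in whether the text is modified, annotated, or merely recorded.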
Scope hierarchy
Guardrails apply at two scopes, combined per request:
- Organization — a master kill-switch plus org-wide guardrails that apply to every key.
- Key — guardrails assigned to specific virtual keys, layered on top of the org rules.
Manage org guardrails on the main Guardrails page and per-key assignments under Guardrails → Keys.
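One way to picture how the two scopes combine is the sketch below. It rests on two labeled assumptions: that switching the organization kill-switch off disables all guardrail evaluation, and that org rules are evaluated before key rules. Neither is confirmed by this page, and `effective_guardrails` is a hypothetical name.

```python
def effective_guardrails(
    org_enabled: bool,
    org_rules: list[str],
    key_rules: list[str],
) -> list[str]:
    """Return the guardrails that would apply to one request."""
    # Assumption: the org kill-switch turns off every guardrail when disabled.
    if not org_enabled:
        return []
    combined = list(org_rules)          # org-wide rules apply to every key
    for rule in key_rules:              # key rules are layered on top
        if rule not in combined:        # avoid running the same rule twice
            combined.append(rule)
    return combined


active = effective_guardrails(
    org_enabled=True,
    org_rules=["pii-redact"],
    key_rules=["prompt-injection", "pii-redact"],
)
```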
Testing before you ship
Expand any guardrail to find a Test tab, where you can paste sample input and see exactly which action fires and how long the check takes. This lets you tune a rule against realistic content before it touches live traffic.
Versioning and rollback
Every change to a guardrail is snapshotted. The Versions tab lists each update, and you can roll back to any prior version with one click — useful if a tightened rule starts blocking legitimate requests.
Templates
The Templates gallery offers one-click setups for common patterns — PII redaction, jailbreak/prompt-injection detection, and language blocklists — so you can stand up sensible defaults quickly, then customize.
Guardrail logs
The Guardrails → Logs view records every guardrail evaluation:
| Column | Meaning |
|---|---|
| Time | When the guardrail ran |
| Guardrail | Which rule evaluated the request |
| Mode | Pre-call or post-call |
| Action | Blocked, Redacted, Allowed, Logged, or Error |
| Latency | How long the check took (ms) |
| Request ID | Correlate with the request in observability logs |
Filter by guardrail or action, or search by name or request ID.
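If you copy log rows out of this view for offline analysis, the same filtering can be reproduced in a few lines. The sketch below assumes each row is a dictionary keyed by the columns above; the key names (`guardrail`, `action`, `latency_ms`, `request_id`) and the sample rows are hypothetical, since this page does not document an export format.

```python
from collections import Counter


def filter_rows(rows, guardrail=None, action=None):
    """Keep rows matching the given guardrail and/or action (None = any)."""
    return [
        r for r in rows
        if (guardrail is None or r["guardrail"] == guardrail)
        and (action is None or r["action"] == action)
    ]


def action_counts(rows):
    """Count how often each action outcome appears."""
    return Counter(r["action"] for r in rows)


# Illustrative sample data, not real log output.
rows = [
    {"guardrail": "pii-redact", "mode": "pre-call", "action": "Redacted",
     "latency_ms": 12, "request_id": "req-1"},
    {"guardrail": "prompt-injection", "mode": "pre-call", "action": "Blocked",
     "latency_ms": 8, "request_id": "req-2"},
    {"guardrail": "pii-redact", "mode": "post-call", "action": "Allowed",
     "latency_ms": 10, "request_id": "req-3"},
]

blocked = filter_rows(rows, action="Blocked")
pii_only = filter_rows(rows, guardrail="pii-redact")
```

The `request_id` of any filtered row is the value to look up in the observability logs.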
Next steps
- Observability & Logs — See guardrail outcomes alongside the full request
- API Key Management — Assign guardrails to specific keys
- Playground — Trigger a guardrail interactively to confirm it fires