LLM Input Guardrails with Guardrails AI
Author: Venkata Sudhakar
ShopMax India's customer support chatbot receives thousands of queries daily. Without input guardrails, the system is vulnerable to prompt injection attacks, abusive language, and off-topic requests that waste compute budget. Guardrails AI provides a validation layer that intercepts and blocks invalid inputs before they reach the LLM.
Guardrails AI works by defining a Guard object with one or more validators. Each validator checks a specific property of the input: length, toxicity, format, or a custom rule. When validation fails, the guard can raise an exception, filter the content, or apply a fix. The guard.validate() method returns a ValidationOutcome object carrying the validated output and any errors.
The example below shows how ShopMax India applies input guardrails to customer queries. It checks minimum length to block one-word inputs and toxicity to block abusive messages before the query reaches the LLM.
Running it gives the following output:
[ok] What is the warranty on Samsung televisions in
[ok] Show me laptops under Rs 50000 for office use
[BLOCKED] This product is garbage and your staff are ch
Reason: Toxic language detected above threshold 0.5
[BLOCKED] Buy
Reason: Value must be at least 10 characters long
In production, extend the guard with custom validators for domain-specific rules - blocking competitor brand names, restricting queries to product categories, or flagging PII patterns. Run guardrails validation as a FastAPI middleware so every request is intercepted before reaching the LLM chain. Log blocked queries to a monitoring table to identify attack patterns and tune thresholds over time.
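As an added illustration (not the page's own example and not the Guardrails AI library), the block below mirrors the Guard / validator / ValidationOutcome flow described above with the thresholds shown in the output, plus the production rules suggested in the last paragraph (competitor names, PII patterns, a block log). It does not import the guardrails package: the ToxicLanguage hub validator, which needs a downloaded model, is replaced by a constructed keyword scorer, and the competitor names, PII patterns and block-log list are assumptions.

```python
"""Input guardrail chain modelled on the Guard/validator flow of Guardrails AI."""
import re
from dataclasses import dataclass
from typing import Optional

# Constructed stand-in lexicon; the real ToxicLanguage validator scores with an ML model.
TOXIC_TERMS = {"garbage": 0.6, "cheats": 0.7, "idiot": 0.9, "scam": 0.6}
COMPETITORS = {"megamart", "dealzone"}  # assumed competitor brand names
PII_PATTERNS = [re.compile(r"\b\d{10}\b"),               # 10-digit Indian mobile number
                re.compile(r"\b[A-Z]{5}\d{4}[A-Z]\b")]   # PAN-style id (assumed format)

@dataclass
class ValidationOutcome:
    validated_output: Optional[str]
    validation_passed: bool
    error: Optional[str] = None

class ValidLength:
    def __init__(self, min_len): self.min_len = min_len
    def validate(self, value):
        if len(value) < self.min_len:
            return f"Value must be at least {self.min_len} characters long"
        return None

class ToxicLanguage:
    def __init__(self, threshold): self.threshold = threshold
    def validate(self, value):
        # Highest matching term score stands in for the model's toxicity probability.
        score = max((s for w, s in TOXIC_TERMS.items() if w in value.lower()), default=0.0)
        return f"Toxic language detected above threshold {self.threshold}" if score > self.threshold else None

class DomainRules:
    def validate(self, value):
        if any(c in value.lower() for c in COMPETITORS):
            return "Competitor brand name not allowed"
        if any(p.search(value) for p in PII_PATTERNS):
            return "Query contains a PII pattern"
        return None

class Guard:
    def __init__(self, *validators): self.validators = validators
    def validate(self, value):
        for v in self.validators:          # validators run in order; first failure blocks
            err = v.validate(value)
            if err:
                return ValidationOutcome(None, False, err)
        return ValidationOutcome(value, True)

GUARD = Guard(ValidLength(10), ToxicLanguage(0.5), DomainRules())
BLOCK_LOG = []  # stands in for the monitoring table of blocked queries

def screen_query(query):
    outcome = GUARD.validate(query)
    if not outcome.validation_passed:
        BLOCK_LOG.append((query, outcome.error))  # keep evidence for threshold tuning
    return outcome
```

Calling screen_query() is the step that would sit in the FastAPI middleware, with the LLM chain invoked only when validation_passed is True.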