Oloyid Docs

Guardrails & Policies

Oloyid enforces safety and compliance through multi-phase guardrails and a YAML-based policy engine. Configure what to scan, when to act, and how to respond to violations.

Guardrail phases

Guardrails operate at three distinct phases in the inference pipeline:

| Phase | When | Examples |
|---|---|---|
| Input | Before the LLM call | PII/PHI detection, prompt injection, toxicity, jailbreak attempts |
| Runtime | During inference | Tool call validation, agent action monitoring, token budget enforcement |
| Output | After the LLM responds | Response PII scan, hallucination flags, policy compliance, content filtering |

Guardrail actions

When a guardrail detects a violation, it can take one of these actions:

Policy engine

Policies are defined in YAML and evaluated by an OPA-like symbolic rule engine. Rules can reference request context, user attributes, model selection, and guardrail results.

policy:
  name: block-external-pii
  description: Block requests containing external PII
  rules:
    - condition: input.pii.detected AND input.pii.type == "external"
      action: block
      message: "External PII detected in input"

    - condition: output.pii.detected
      action: redact
      fields: ["email", "phone", "ssn"]

Policy chain

Policies are evaluated in order as a tenant-specific chain. The first matching rule determines the action. Use GET /policies/engine/chain to view the active chain and GET /policies/engine/catalog for available symbolic rules.
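
The first-match behaviour described above, as an added example that is not Oloyid's own engine. It assumes conditions are dotted paths joined by AND with optional `== "literal"` comparisons; the names `lookup`, `term_holds`, `evaluate_chain` and the default action are hypothetical.

```python
# Added illustration: a minimal first-match evaluator for rules shaped like
# the YAML policy above. The condition grammar handled here is an assumption.

def lookup(ctx, path):
    """Resolve a dotted path such as 'input.pii.type'; missing keys give None."""
    node = ctx
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node

def term_holds(term, ctx):
    """Evaluate one term: either `path == "literal"` or a bare boolean path."""
    if "==" in term:
        path, literal = (part.strip() for part in term.split("==", 1))
        return lookup(ctx, path) == literal.strip('"')
    # A missing or non-boolean value does not match the rule.
    return lookup(ctx, term.strip()) is True

def evaluate_chain(rules, ctx, default="allow"):
    """Return (action, rule) for the first rule whose AND-joined terms all hold.

    `default` (hypothetical) is what applies when no rule matches; passing
    "block" makes a chain with missing guardrail results fail closed.
    """
    for rule in rules:
        if all(term_holds(t, ctx) for t in rule["condition"].split(" AND ")):
            return rule["action"], rule
    return default, None

# The two rules from the policy above, as the dicts a YAML loader would produce.
RULES = [
    {"condition": 'input.pii.detected AND input.pii.type == "external"',
     "action": "block", "message": "External PII detected in input"},
    {"condition": "output.pii.detected",
     "action": "redact", "fields": ["email", "phone", "ssn"]},
]

# Constructed guardrail results: external PII in the input, PII in the output.
CTX_BOTH = {"input": {"pii": {"detected": True, "type": "external"}},
            "output": {"pii": {"detected": True}}}
# Constructed: internal PII in the input, PII in the output.
CTX_INTERNAL = {"input": {"pii": {"detected": True, "type": "internal"}},
                "output": {"pii": {"detected": True}}}

if __name__ == "__main__":
    print(evaluate_chain(RULES, CTX_BOTH)[0])
    print(evaluate_chain(list(reversed(RULES)), CTX_BOTH)[0])
```

With the rules reversed, the same request is redacted instead of blocked, so rule order in the chain is part of the policy and is worth checking with GET /policies/engine/chain after a change.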

Industry packs

HealthShield (HIPAA)

Activates PHI detection guardrails, patient consent tracking, and HIPAA-compliant audit trails. Scans for medical record numbers, diagnosis codes, and other protected health information.

POST /api/v1/healthshield/activate
POST /api/v1/healthshield/scan
POST /api/v1/healthshield/inference
POST /api/v1/healthshield/consents

FinanceShield

Financial data protection with PCI-aware scanning, transaction data guards, and financial audit trails. Register data sources and enforce compliance on inference requests.

POST /api/v1/financeshield/activate
POST /api/v1/financeshield/scan
POST /api/v1/financeshield/inference
POST /api/v1/financeshield/data-sources

Evaluating guardrails

Test guardrail behavior without making an LLM call:

curl -X POST http://localhost:8000/api/v1/guardrails/evaluate \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "content": "My email is john@example.com and SSN is 123-45-6789",
    "phase": "input"
  }'

Evaluate a single pipeline phase:

curl -X POST http://localhost:8000/api/v1/inference/evaluate-phase \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "content": "User prompt text here",
    "phase": "input",
    "guardrail_ids": ["pii-detector", "toxicity-filter"]
  }'

Human approval workflows

Flagged requests can be queued for human review. Approvers resolve requests through the admin portal or via POST /workflows/requests/{id}/resolve. Configure workflow rules to auto-approve low-risk flags or escalate high-risk violations.