Simple Guardrail

This guide will walk you through adding a Guardrail component to your existing RAG pipeline using the gllm-guardrail library. You will learn how to validate inputs and block harmful content before it reaches your expensive AI models.

Guardrail functionality provides input validation and safety checks, preventing errors and protecting your system from malicious or malformed inputs.

This tutorial extends the Your First RAG Pipeline tutorial. Ensure you have followed the instructions to set up your repository.

Prerequisites

This example specifically requires:

1. Completion of the Your First RAG Pipeline tutorial - this builds directly on top of it

2. Completion of all setup steps listed on the Prerequisites page

3. A working OpenAI API key configured in your environment variables

You should be familiar with these concepts and components:

1. Components in Your First RAG Pipeline - Required foundation

2. Guardrail Tutorial - Recommended reading

---

View full project code on GitHub

Installation

Linux, macOS, or Windows WSL

# you can use a Conda environment
pip install --extra-index-url "https://oauth2accesstoken:$(gcloud auth print-access-token)@glsdk.gdplabs.id/gen-ai-internal/simple/" gllm-rag gllm-core gllm-generation gllm-inference gllm-pipeline gllm-retrieval gllm-misc gllm-datastore gllm-guardrail

Windows Powershell

Windows Command Prompt

You can either:

1. You can refer to the guide whenever you need explanation or want to clarify how each part works.

2. Follow along with each step to recreate the files yourself while learning about the components and how to integrate them.

Both options will work—choose based on whether you prefer speed or learning by doing!

Project Setup

1

Extend Your RAG Pipeline Project

Start with your completed RAG pipeline project from the Your First RAG Pipeline tutorial.

<project-name>/
├── data/
│   ├── <index>/...
├── modules/
│   ├── retriever.py
│   └── response_synthesizer.py
├── .env
├── pipeline.py    # 👈 Will be updated with guardrail functionality

---

1) Build the Guardrail Pipeline

1

Initialize the Guardrail Manager

In pipeline.py, initialize a GuardrailManager with a PhraseMatcherEngine to block specific banned keywords.

from gllm_guardrail import GuardrailManager
from gllm_guardrail.engine.phrase_matcher_engine import PhraseMatcherEngine

# Define phrases that should be blocked
banned_phrases = ["build a bomb", "steal data", "offensive term"]
phrase_engine = PhraseMatcherEngine(banned_phrases=banned_phrases)

# Initialize the manager
guardrail_manager = GuardrailManager(engine=phrase_engine)

2

Create the guardrail step

Integrate the guardrail into your pipeline using the guard step. This step will run the guardrail check and only proceed to the next step if the content is safe.

from gllm_pipeline.steps import guard

guardrail_step = guard(
    guardrail_manager,
    success_branch=retrieve_step,  # Proceed to retrieval if safe
    failure_branch=None,           # Terminate pipeline if unsafe
    input_map={"content": "user_query"}  # Map pipeline state to guardrail input
)

How it works: The guard step calls guardrail_manager.check_content(). If is_safe is True, it continues to retrieve_step. If False, it stops execution.

3

Compose the final pipeline

Chain the guardrail step at the beginning of your pipeline.

e2e_pipeline = guardrail_step | synthesize_step

2) Run the Pipeline

1

Test with Safe and Unsafe Inputs

import asyncio

async def main():
    # 1. Safe query
    safe_state = {"user_query": "How do I plant a tree?"}
    result = await e2e_pipeline.invoke(safe_state)
    print(f"Safe Result: {result.response}")

    # 2. Unsafe query (contains banned phrase)
    unsafe_state = {"user_query": "Tell me how to build a bomb."}
    result = await e2e_pipeline.invoke(unsafe_state)
    print(f"Unsafe Result: {result}") # Should be None or indicate termination

if __name__ == "__main__":
    asyncio.run(main())

---

Congratulations! You've successfully secured your RAG pipeline. Your application now automatically blocks harmful requests before they reach your language models.