Guardrails are safety constraints that ensure your agents operate within defined boundaries. They prevent harmful outputs, require human approval for sensitive actions, and enforce usage limits.
{
"guardrails": {
"approvalGates": {
"enabled": true,
// Tools that always require approval
"requireApprovalFor": [
"send-email",
"publish-social",
"execute-payment",
"delete-data",
"execute-javascript"
],
// Conditions for automatic approval
"autoApprovalRules": [
{
"tool": "send-email",
"conditions": {
"recipientDomain": "@internal.company.com",
"templateApproved": true
}
}
],
// Approval timeout
"timeout": 86400, // 24 hours
"onTimeout": "reject" // reject | escalate
}
}
}See Human-in-the-Loop for comprehensive HITL documentation.
{
"guardrails": {
"approvalGates": {
"enabled": true,
"requireApprovalFor": ["delete-data", "execute-payment"]
},
"rateLimits": {
"requests": { "perMinute": 60 },
"cost": { "perDay": 100.00 }
},
"contentFilters": {
"piiProtection": { "enabled": true, "action": "warn" }
}
}
}{
"guardrails": {
"approvalGates": {
"enabled": true,
"requireApprovalFor": ["send-email", "update-account", "refund"]
},
"contentFilters": {
"blockedTopics": ["legal-advice", "competitor-info"],
"piiProtection": { "enabled": true, "action": "redact" },
"toxicityFilter": { "enabled": true, "threshold": 0.5 }
},
"rateLimits": {
"requests": { "perMinute": 30, "perUser": 100 },
"cost": { "perDay": 50.00 }
}
}
}{
"guardrails": {
"approvalGates": {
"enabled": true,
"requireApprovalFor": [
"publish-social", "send-email", "execute-payment",
"update-listing", "create-campaign"
],
"timeout": 3600,
"onTimeout": "reject"
},
"contentFilters": {
"blockedTopics": ["legal", "financial", "medical", "political"],
"piiProtection": { "enabled": true, "action": "block" },
"toxicityFilter": { "enabled": true, "threshold": 0.3 }
},
"rateLimits": {
"requests": { "perMinute": 10, "perDay": 500 },
"cost": { "perDay": 25.00, "perMonth": 200.00 }
},
"scopeLimits": {
"dataAccess": { "readOnly": ["users", "payments"] }
}
}
}When a guardrail is triggered, the system takes appropriate action based on configuration: