autoagents-guardrails 0.3.7

Agent Framework for Building Autonomous Agents
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

use std::fmt;

use autoagents_llm::error::{GuardrailPhase as LlmGuardrailPhase, LLMError};

use crate::guard::GuardViolation;

/// Enforcement policy applied when a guard reports a violation.
#[derive(Debug, Clone, Copy, Eq, PartialEq, Default)]
pub enum EnforcementPolicy {
    /// Immediately fail the request.
    #[default]
    Block,
    /// Sanitize payload and continue.
    Sanitize,
    /// Log violations and continue without forcing changes.
    Audit,
}

/// Broad category for a guardrail rule.
#[derive(Debug, Clone, Eq, PartialEq)]
pub enum GuardCategory {
    PromptInjection,
    Toxicity,
    Custom(String),
}

impl fmt::Display for GuardCategory {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            GuardCategory::PromptInjection => f.write_str("prompt_injection"),
            GuardCategory::Toxicity => f.write_str("toxicity"),
            GuardCategory::Custom(value) => f.write_str(value),
        }
    }
}

/// Severity associated with a violation.
#[derive(Debug, Clone, Copy, Eq, PartialEq)]
pub enum GuardSeverity {
    Low,
    Medium,
    High,
    Critical,
}

impl fmt::Display for GuardSeverity {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            GuardSeverity::Low => f.write_str("low"),
            GuardSeverity::Medium => f.write_str("medium"),
            GuardSeverity::High => f.write_str("high"),
            GuardSeverity::Critical => f.write_str("critical"),
        }
    }
}

#[derive(Debug, Clone, Copy, Eq, PartialEq)]
pub(crate) enum GuardPhase {
    Input,
    Output,
}

impl fmt::Display for GuardPhase {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            GuardPhase::Input => f.write_str("input"),
            GuardPhase::Output => f.write_str("output"),
        }
    }
}

pub(crate) fn violation_to_llm_error(
    phase: GuardPhase,
    guard_name: &str,
    violation: &GuardViolation,
) -> LLMError {
    LLMError::GuardrailBlocked {
        phase: match phase {
            GuardPhase::Input => LlmGuardrailPhase::Input,
            GuardPhase::Output => LlmGuardrailPhase::Output,
        },
        guard: guard_name.to_string().into(),
        rule_id: violation.rule_id.clone().into(),
        category: violation.category.to_string().into(),
        severity: violation.severity.to_string().into(),
        message: violation.message.clone().into(),
    }
}

pub(crate) fn guard_failure_to_llm_error(guard_name: &str, message: &str) -> LLMError {
    LLMError::GuardrailExecutionFailed {
        guard: guard_name.to_string(),
        message: message.to_string(),
    }
}