pub struct DomainAllowlistGuard { /* private fields */ }Expand description
Deny browser navigation to any host not on an operator allowlist.
The allowlist holds bare hosts (e.g. example.com). A target host matches if
it equals an allowed host or is a subdomain of one (docs.example.com
matches example.com). Matching is case-insensitive. An empty allowlist
denies all navigation (deny-by-default).
Implementations§
Source§impl DomainAllowlistGuard
impl DomainAllowlistGuard
Sourcepub fn new(hosts: impl IntoIterator<Item = impl Into<String>>) -> Self
pub fn new(hosts: impl IntoIterator<Item = impl Into<String>>) -> Self
Build from an iterator of allowed hosts. Hosts are lowercased; a leading
*., scheme, or path is stripped to the bare host.
Sourcepub fn allow_evaluate_script(self, allow: bool) -> Self
pub fn allow_evaluate_script(self, allow: bool) -> Self
Permit LLM-initiated evaluate_script despite its exfiltration risk.
Off by default; enable only when the agent operates on trusted pages.
Sourcepub fn host_allowed(&self, host: &str) -> bool
pub fn host_allowed(&self, host: &str) -> bool
Is host allowed (equal to, or a subdomain of, an allowlisted host)?
Trait Implementations§
Source§impl Guardrail for DomainAllowlistGuard
impl Guardrail for DomainAllowlistGuard
Source§fn name(&self) -> &str
fn name(&self) -> &str
Human-readable name for this guardrail, used in events and audit.
Override to attribute which guardrail fired in logs.
Source§fn pre_tool(
&self,
call: &ToolCall,
) -> Pin<Box<dyn Future<Output = Result<GuardAction, Error>> + Send + '_>>
fn pre_tool( &self, call: &ToolCall, ) -> Pin<Box<dyn Future<Output = Result<GuardAction, Error>> + Send + '_>>
Called before each tool execution. Can deny individual tool calls.
Deny returns a ToolResult::error for that call. Err aborts the run.Source§fn pre_llm(
&self,
_request: &mut CompletionRequest,
) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + '_>>
fn pre_llm( &self, _request: &mut CompletionRequest, ) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + '_>>
Called before each LLM call. Can mutate the request (e.g., inject safety
instructions, redact content).
Err aborts the run.Source§fn post_llm(
&self,
_response: &mut CompletionResponse,
) -> Pin<Box<dyn Future<Output = Result<GuardAction, Error>> + Send + '_>>
fn post_llm( &self, _response: &mut CompletionResponse, ) -> Pin<Box<dyn Future<Output = Result<GuardAction, Error>> + Send + '_>>
Called after each LLM response. Can inspect and mutate the response
(e.g. redact PII in
ContentBlock::Text blocks before it reaches the
caller, audit log, or downstream tools). Read moreSource§fn post_tool(
&self,
_call: &ToolCall,
_output: &mut ToolOutput,
) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + '_>>
fn post_tool( &self, _call: &ToolCall, _output: &mut ToolOutput, ) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + '_>>
Called after each tool execution (after truncation). Can mutate the
output (e.g., redact sensitive data).
Err converts to a tool error
(consistent with tool execution errors — the agent loop continues).Auto Trait Implementations§
impl Freeze for DomainAllowlistGuard
impl RefUnwindSafe for DomainAllowlistGuard
impl Send for DomainAllowlistGuard
impl Sync for DomainAllowlistGuard
impl Unpin for DomainAllowlistGuard
impl UnsafeUnpin for DomainAllowlistGuard
impl UnwindSafe for DomainAllowlistGuard
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more