Use Cases

The NeMo Guardrails toolkit supports a wide range of use cases for protecting LLM-based applications. The following sections describe the primary use cases.

Use Cases and Rail Types

The following table shows which rail types apply to each use case:

Use Case	Input	Dialog	Retrieval	Execution	Output
Content Safety	✅				✅
Jailbreak Protection	✅
Topic Control	✅	✅
PII Detection	✅		✅		✅
Knowledge Base / RAG			✅		✅
Agentic Security				✅
Custom Rails	✅	✅	✅	✅	✅

---

Content Safety

Content safety guardrails help ensure that both user inputs and LLM outputs are safe and appropriate. The NeMo Guardrails toolkit provides multiple approaches to content safety:

• LLM self-checking: Use the LLM itself to check inputs and outputs for harmful content.

• NVIDIA safety models: Integration with Llama 3.1 NemoGuard 8B Content Safety for robust content moderation.

• Community models: Support for LlamaGuard, Fiddler Guardrails, and other content safety solutions.

• Third-party APIs: Integration with ActiveFence, Cisco AI Defense, and other moderation services.

For more information, refer to the Content Safety section in the Guardrails Library and the Getting Started guide.

Jailbreak Protection

Jailbreak detection helps prevent adversarial attempts to bypass safety measures and manipulate the LLM into generating harmful or unwanted content. The NeMo Guardrails toolkit provides multiple layers of jailbreak protection:

• Self-check jailbreak detection: Use the LLM to identify jailbreak attempts.

• Heuristic detection: Pattern-based detection of common jailbreak techniques.

• NVIDIA NemoGuard: Integration with NemoGuard Jailbreak Detection NIM for advanced threat detection.

• Third-party integrations: Support for Prompt Security, Pangea AI Guard, and other services.

For more information, refer to the Jailbreak Detection section in the Guardrails Library and LLM Vulnerability Scanning.

Topic Control

Topic control guardrails ensure that conversations stay within predefined subject boundaries and prevent the LLM from engaging in off-topic discussions. This is implemented through:

• Dialog rails: Pre-defined conversational flows using the Colang language.

• Topical rails: Control what topics the bot can and cannot discuss.

• NVIDIA NemoGuard: Integration with NemoGuard Topic Control NIM for semantic topic detection.

For more information, refer to the Topical Rails tutorial and Colang Language Syntax Guide.

PII Detection

Personally Identifiable Information (PII) detection helps protect user privacy by detecting and masking sensitive data in user inputs, LLM outputs, and retrieved content. The NeMo Guardrails toolkit supports PII detection through multiple integrations:

• Presidio-based detection: Built-in support using Microsoft Presidio for detecting entities such as names, email addresses, phone numbers, social security numbers, and more.

• Private AI: Integration with Private AI for advanced PII detection and masking.

• AutoAlign: Support for AutoAlign PII detection with customizable entity types.

• GuardrailsAI: Access to GuardrailsAI PII validators from the Guardrails Hub.

PII detection can be configured to either detect and block content containing PII or to mask PII entities before processing:

rails:
  config:
    sensitive_data_detection:
      input:
        entities:
          - PERSON
          - EMAIL_ADDRESS
          - PHONE_NUMBER
  input:
    flows:
      - mask sensitive data on input

For more information, refer to the Presidio Integration and Sensitive Data Detection section in the Guardrails Library.

Agentic Security (Security Rails for Agent Systems)

Agentic security provides specialized guardrails for LLM-based agents that use tools and interact with external systems. This includes:

• Tool call validation: Execution rails that validate tool inputs and outputs before and after invocation.

• Agent workflow protection: Integration with LangGraph for multi-agent safety.

• Secure tool integration: Guidelines for safely connecting LLMs to external resources (refer to Security Guidelines).

• Action monitoring: Detailed logging and tracing of agent actions.

Key security considerations for agent systems:

1. Isolate all authentication information from the LLM.

2. Validate and sanitize all tool inputs.

3. Apply execution rails to tool calls.

4. Monitor agent behavior for unexpected actions.

For more information, refer to the Tools Integration Guide, Security Guidelines, and LangGraph Integration.

Custom Rails

The NeMo Guardrails toolkit provides extensive flexibility for creating custom guardrails tailored to your specific requirements:

Custom Rails into Guardrails

You can create custom rails using one or more of the following approaches:

1. Colang flows: Define custom dialog flows, input rails, and output rails using the Colang language.

   define user express greeting
     "Hello!"
     "Good morning!"
   
   define flow
     user express greeting
     bot express greeting
     bot offer to help
   

   For more information, refer to the Colang Language Syntax Guide.

2. Python actions: Create custom actions in Python for complex logic and external integrations.

   from nemoguardrails.actions import action
   
   @action()
   async def check_custom_policy(context: dict):
       # Custom validation logic
       return True
   

   For more information, refer to the Python API Guide.

3. LangChain tool integration: Register LangChain tools as custom actions.

   from langchain_core.tools import tool
   
   @tool
   def custom_tool(query: str) -> str:
       """Custom tool implementation."""
       return result
   
   rails.register_action(custom_tool, "custom_action")
   

   For more information, refer to the Tools Integration Guide.

4. Third-party API integration: Integrate external moderation and validation services. For examples, refer to the Guardrails Library which includes integrations with ActiveFence, AutoAlign, Fiddler, and other services.

Integrate Guardrails into LLM-based Applications

The NeMo Guardrails toolkit can be integrated into applications in multiple ways:

1. Python SDK integration: Add guardrails directly into your Python application.

   from nemoguardrails import LLMRails, RailsConfig
   
   config = RailsConfig.from_path("path/to/config")
   rails = LLMRails(config)
   
   # Use in your application
   response = rails.generate(messages=[...])
   

2. LangChain integration: Wrap guardrails around LangChain chains or use chains within guardrails.

   from nemoguardrails.integrations.langchain.runnable_rails import RunnableRails
   
   guardrails = RunnableRails(config)
   chain_with_guardrails = prompt | guardrails | model | output_parser
   

   For more information, refer to the LangChain Integration Guide.

3. HTTP API integration: Use the guardrails server to add protection to applications in any programming language.

   nemoguardrails server --config path/to/configs
   

   For more information, refer to the Server Guide.

4. Docker deployment: Deploy guardrails as a containerized service. For more information, refer to the Using Docker Guide.

For complete examples and detailed integration patterns, refer to the examples directory in the GitHub repository.