Skip to content

Default Guardrail Configurations

NeMo Guardrails ships with three built-in guardrail configurations that are automatically created in the system workspace.

default

Applies no safety checks. Requests that use this configuration are passed directly to the model without modification.

Use when: You want to use guardrails infrastructure without applying any rails — for example, during development or as a baseline for comparison.

content-safety

Applies NemoGuard Content Safety checks to both user inputs and model outputs using the nvidia/llama-3.1-nemotron-safety-guard-8b-v3 NIM. Inputs and outputs are classified across 23 safety categories (violence, hate, PII, and others). Unsafe content in the user input or LLM output is blocked.

Use when: You want to detect and block harmful, abusive, or policy-violating content in user messages and model responses.

Prerequisites

The content-safety configuration requires the system/nvidia-llama-3-1-nemotron-safety-guard-8b-v3 Model Entity to be deployed and accessible in the system workspace.

The model is available on build.nvidia.com if you do not have access to GPUs. See Setup for instructions on creating a ModelProvider that routes requests to that endpoint.

See About Models and Inference for how models are made available through the platform.

self-check

Applies a self-check input rail using the model in the incoming inference request. The rail prompts the model to evaluate whether the user message violates a set of general-purpose content policies (harmful data, impersonation, explicit content, and others) and blocks the message if the model responds "Yes".

Unlike content-safety, this configuration does not require a dedicated safety NIM — it uses the main model in the request.

Use when: You want a lightweight input guard that works with any model.

Using a Default Configuration

Default configurations live in the system workspace. Reference them in your VirtualModel's middleware entry as system/<config_name>.

import os
from nemo_platform import NeMoPlatform

client = NeMoPlatform(
    base_url=os.environ.get("NMP_BASE_URL", "http://localhost:8080"),
    workspace="default",
)

Create a VirtualModel that uses the content-safety default configuration:

nemo inference virtual-models create guarded-with-defaults \
  --default-model-entity system/meta-llama-3-1-8b-instruct \
  --request-middleware '[{"name":"nemo-guardrails","config_type":"guardrail_config","config_id":"system/content-safety"}]' \
  --response-middleware '[{"name":"nemo-guardrails","config_type":"guardrail_config","config_id":"system/content-safety"}]'

client.inference.virtual_models.create(
    name="guarded-with-defaults",
    default_model_entity="system/meta-llama-3-1-8b-instruct",
    request_middleware=[
        {
            "name": "nemo-guardrails",
            "config_type": "guardrail_config",
            "config_id": "system/content-safety",
        }
    ],
    response_middleware=[
        {
            "name": "nemo-guardrails",
            "config_type": "guardrail_config",
            "config_id": "system/content-safety",
        }
    ],
)

Then make inference calls using the VirtualModel:

nemo chat default/guarded-with-defaults "Hello"

Cleanup

Delete the VirtualModel when you no longer need it. The system/content-safety configuration is platform-managed, so you do not delete it.

nemo inference virtual-models delete guarded-with-defaults

client.inference.virtual_models.delete(name="guarded-with-defaults")