# Guardrails

**How guardrails work**

* **Company guardrail** – Applied to all models by default, unless a custom or excluded guardrail is set.
* **Custom guardrail** – Applies to specific models and has higher priority than the company guardrail.
* **Excluded models** – Models in the exclusion list are not affected by any guardrail.

*Priority order:* Excluded → Custom → Company

{% stepper %}
{% step %}

### Name your guardrail

Use descriptive names that indicate purpose (e.g., "PII-Protection-Customer-Data" or "Content-Filter-Internal-Use")
{% endstep %}

{% step %}

### Add validators

Select from the validators library based on your security requirements. \
[Click here for more info on Regex](#regex-match-validator). \
[Click here for more info on No PII](#no-pii-validator). 
{% endstep %}

{% step %}

### Configure each validator

Set specific parameters for detection and response behavior
{% endstep %}

{% step %}

### Test configuration

Validate settings before deployment. Note: you can edit guardrails anytime.
{% endstep %}
{% endstepper %}

### Regex match validator

Controls content based on pattern matching. Configure as follows:

<table><thead><tr><th width="214.4332275390625">Configuration</th><th>Meaning</th></tr></thead><tbody><tr><td><strong>Name</strong></td><td>Assign a descriptive identifier for the rule</td></tr><tr><td><strong>When Regex matches</strong></td><td><p><strong>Search:</strong> looks for pattern existence in content<br></p><p><strong>Extraction:</strong> identifies and extracts specific pattern matches</p></td></tr><tr><td><strong>Regex rule</strong></td><td>Define the pattern to match (e.g., credit card numbers, internal codes, sensitive identifiers)</td></tr><tr><td><strong>Trigger on</strong></td><td><strong>Input:</strong> validates user prompts and requests<br><strong>Output:</strong> validates AI model responses<br><strong>Both:</strong> validates both input and output</td></tr><tr><td><strong>Guardrail behavior</strong></td><td><strong>Fix:</strong> automatically removes or replaces sensitive data<br><strong>Filter:</strong> removes sensitive content with generic replacement<br><strong>Exception:</strong> blocks the request entirely and returns error</td></tr></tbody></table>

### No PII Validator

Detects and anonymizes Personally Identifiable Information. Configuration includes:

<table><thead><tr><th width="216.3828125">Configuration</th><th>Meaning</th></tr></thead><tbody><tr><td><strong>Name</strong></td><td>Assign identifier for the PII protection rule</td></tr><tr><td><strong>Entities</strong></td><td>Select specific PII types to detect (credit card numbers, crypto addresses, etc) </td></tr><tr><td><strong>Trigger on</strong></td><td>Choose Input, Output, or Both</td></tr><tr><td><strong>Guardrail behavior</strong></td><td><p><strong>Fix:</strong> Replaces PII with generic placeholders</p><p><strong>Exception:</strong> Blocks content containing PII</p></td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nexos.ai/workspace/settings/organization/guardrails.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.