Guardrails
Guardrails check request content before it reaches your handlers or your LLM: PII detection, prompt-injection detection, and token/length limits. Violations are rejected with HTTP 422.
Standard and strict chains
Go
// Standard: PII + injection + 100KB limit
chain := rateguard.StandardGuardrails()
// Strict: PII + injection + 32K token limit + 50KB limit
chain = rateguard.StrictGuardrails()
Wire into the middleware
Go — every request body checked automatically
rg := rateguard.New(rateguard.Config{
	Preset:     "standard",
	Guardrails: rateguard.StandardGuardrails(), // violations → 422
})
Custom guardrails
Go
myGuardrail := MyCustomGuardrail{}
chain := rateguard.NewGuardrailChain(
	rateguard.NewPIIGuardrail(),
	rateguard.NewPromptInjectionGuardrail(),
	myGuardrail,
)
if v := chain.Check(prompt); v != nil {
	rateguard.WriteGuardrailReject(w, v) // HTTP 422
	return // stop: a rejected prompt must not reach the handler or the LLM
}
Note
Guardrails are a defense-in-depth layer, not a substitute for provider-side safety systems. They catch the obvious cases (a PAN number in a prompt, an "ignore previous instructions" injection) at zero added latency, inside your process.
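The pattern described on this page (cap the body, check the content, answer 422, then stop) as a standalone net/http sketch. This is an added example, not rateguard's own code: `Guard`, `HasCardNumber` and `digitRun` are hypothetical names, and it assumes "PAN" in the note above means a payment card number, validated with the Luhn checksum so that ordinary long numbers are not rejected.

```go
package main

import (
	"bytes"
	"fmt"
	"io"
	"net/http"
	"regexp"
)

// digitRun is a constructed pattern: 13-19 digits, optionally split by spaces or dashes.
var digitRun = regexp.MustCompile(`\b(?:\d[ -]?){13,19}\b`)

// HasCardNumber reports a digit run only when it passes the Luhn checksum (assumed PAN check).
func HasCardNumber(body string) bool {
	for _, m := range digitRun.FindAllString(body, -1) {
		sum, n := 0, 0
		for i := len(m) - 1; i >= 0; i-- {
			if d := int(m[i] - '0'); d >= 0 && d <= 9 {
				if n%2 == 1 { // double every second digit from the right
					d = d*2/10 + d*2%10
				}
				sum, n = sum+d, n+1
			}
		}
		if sum%10 == 0 {
			return true
		}
	}
	return false
}

// Guard (hypothetical name) caps the body at limit bytes and answers 422 on a violation.
func Guard(limit int64, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		raw, err := io.ReadAll(http.MaxBytesReader(w, r.Body, limit))
		if err != nil || HasCardNumber(string(raw)) {
			http.Error(w, "guardrail violation", http.StatusUnprocessableEntity)
			return // stop here: the handler must never see a rejected body
		}
		r.Body = io.NopCloser(bytes.NewReader(raw)) // re-arm the consumed body
		next.ServeHTTP(w, r)
	})
}

func main() {
	// Constructed samples: a widely used test card number and a non-Luhn order ID.
	fmt.Println(HasCardNumber("card 4111 1111 1111 1111"), HasCardNumber("order 1234567890123456"))
}
```

Reading the body for inspection consumes it, so the middleware has to restore `r.Body` before calling the next handler; forgetting that step makes every accepted request arrive empty.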