Skip to main content
PII detection and Guardrails provide safety, privacy, and compliance controls for Agentic Apps. Together, they prevent sensitive data exposure, enforce content policies, and maintain consistent agent behavior across all pipeline stages.

How It Works

The PII and Guardrails layers apply at every stage of the processing pipeline:
StageWhat happens
User InputSensitive data is identified and masked before reaching the model.
Agent ProcessingAgents operate on redacted data, preventing unintended PII propagation.
Agent ResponseGuardrails evaluate outputs to enforce safety and compliance policies.
User DisplayDe-anonymization occurs only when explicitly permitted.
Debug logs, traces, and sessions show redacted values by default, reducing the risk of accidental PII exposure.

PII Detection

PII detection identifies sensitive information—such as names, email addresses, and phone numbers—before it’s processed by the agent. Detected values are automatically masked or replaced based on your configuration. See PII Detection Patterns to configure detection rules.

Guardrails

Guardrails are pre-deployed scanners that evaluate agent inputs and outputs to maintain safety, stability, and compliance.
Scanner typeWhat it does
Input scannersEvaluate what agents receive. Block harmful language, jailbreak attempts, or unsafe instructions.
Output scannersEvaluate what agents generate. Prevent harmful or non-compliant content from reaching the user.
Common use cases:
  • Block harmful or inappropriate language.
  • Restrict content using regex patterns.
  • Detect toxicity or jailbreak attempts.
  • Prevent disallowed outputs.
Guardrails are automatically deployed across the account and can be added to any tool or flow without additional setup. See Guardrails Overview and Test a Scanner.

Data Anonymization

Data anonymization converts identifiable values into structured tokens during processing and storage.
FeatureDescription
Standard anonymizationApplies to all detected sensitive fields.
Token structure preservationEnsures downstream tools operate correctly with anonymized data.
Selective de-anonymizationPermitted only for components explicitly configured to access sensitive data—for example, database updates or third-party integrations.
Consistent anonymizationMaintains the same anonymized values within a single execution context to preserve workflow integrity.
To test your configuration:
  1. Select the test option.
  2. Provide sample input data.
  3. Review results and refine scanner settings as needed.