Skip to main content
Beyond routing and cost controls, TrustGate ships guardrail policies that inspect request and/or response content and block (or transform) what they flag. Attach one — or several — as a policy, global or per consumer.
Policy (slug)ProviderStages
trustguardNeuralTrust TrustGuardpre_request · pre_response
openai_moderationOpenAI Moderations APIpre_request · pre_response
azure_content_safetyAzure AI Content Safetypre_request
bedrock_guardrailAWS Bedrock Guardrailspre_request · pre_response
Streaming responses cannot be inspected or blocked in realtime by these policies. Apply guardrails on the request leg (or to non-streaming responses) for enforcement.

TrustGuard

The trustguard policy inspects content with TrustGuard — NeuralTrust’s runtime security service for jailbreaks, PII, toxicity, and tool abuse — and block what it flags. This is the deepest detection option and the recommended default for NeuralTrust deployments.
SettingTypeDefaultNotes
collector_idstringTrustGuard collector UUID bound to this policy. Required.
directionenumrequestrequest, response, or request_response.
TrustGuard fails open: on any transport error, timeout, non-2xx response, or missing base URL, the request passes through. Connection settings come from the deployment’s TRUSTGUARD_* environment. See the TrustGate integration.
{ "slug": "trustguard", "settings": { "collector_id": "<uuid>", "direction": "request_response" } }

OpenAI Moderation

The openai_moderation policy screens text with the OpenAI Moderations API and blocks content that crosses configured category thresholds. Text-only.
SettingTypeDefaultNotes
api_keystringOpenAI credential (Bearer). Required.
modelstringomni-moderation-latestModerations model.
stagesenum[]Legs to inspect: pre_request, pre_response.
categoriesstring[]Categories to evaluate (empty = all returned).
thresholdsmapPer-category score threshold 0..1; a score ≥ threshold blocks.
block_on_flaggedboolfalseBlock anything OpenAI marks flagged, even without a threshold.
action.messagestringBlock message returned to the caller.
In enforce mode this policy fails closed (HTTP 502) on any moderator error; observe mode records and passes through.
{
  "slug": "openai_moderation",
  "settings": {
    "api_key": "sk-…",
    "stages": ["pre_request"],
    "thresholds": { "harassment": 0.7, "hate": 0.5 },
    "block_on_flagged": true
  }
}

Azure Content Safety

The azure_content_safety policy screens request content with the Azure AI Content Safety Analyze Text API and blocks categories whose severity meets the configured threshold.
SettingTypeDefaultNotes
api_keystringAzure subscription key (Ocp-Apim-Subscription-Key). Required.
endpointstringAbsolute Analyze Text endpoint URL. Required.
output_typeenumFourSeverityLevelsFourSeverityLevels (0/2/4/6) or EightSeverityLevels (0–7).
categoriesenum[]allHate, Violence, SelfHarm, Sexual.
category_severitymapPer-category severity threshold; only listed categories are enforced. Required.
messagestringOptional block message.
Fails closed in enforce mode.
{
  "slug": "azure_content_safety",
  "settings": {
    "api_key": "…",
    "endpoint": "https://<resource>.cognitiveservices.azure.com/contentsafety/text:analyze?api-version=2024-09-01",
    "category_severity": { "Hate": 4, "Violence": 4 }
  }
}

AWS Bedrock guardrail

The bedrock_guardrail policy applies an AWS Bedrock guardrail to request prompts and/or responses. It inspects the topic, content, word, sensitive-information (PII), and contextual-grounding policy families configured on the guardrail, and blocks with a 403 or anonymizes PII in place. Streaming responses pass through untouched.
SettingTypeDefaultNotes
guardrail_idstringAWS Bedrock guardrail identifier. Required.
versionstringDRAFTGuardrail version.
pii_actionenumblockOn sensitive-info match: block or anonymize.
messagestringOptional block message.
credentialsobjectAWS auth (region, static keys or use_role + role_arn). Required.
{
  "slug": "bedrock_guardrail",
  "settings": {
    "guardrail_id": "abcd1234",
    "version": "DRAFT",
    "pii_action": "anonymize",
    "credentials": { "aws_region": "us-east-1", "use_role": true, "role_arn": "arn:aws:iam::…:role/…" }
  }
}

Choosing a guardrail

  • trustguard — the richest, NeuralTrust-native detection; use it as the primary guardrail and correlate its findings with Telemetry Alerts.
  • openai_moderation / azure_content_safety — lightweight content moderation if you already use those providers.
  • bedrock_guardrail — reuse guardrails you’ve already defined in AWS Bedrock, including in-place PII anonymization.
Guardrails compose: run several in one policy chain (e.g. TrustGuard on the request plus a Bedrock guardrail for PII anonymization on the response).