Extend the guardrails filter to support external content safety providers and response-side inspection.
If feasible make this generic, so that we can plug into a specific provider now (say, Nemo), but keep the schema generalized to support others easily later.
Scope:
- External guardrail provider integration via webhook callout
- Built-in PII detection (SSN, credit card, phone, email, URL patterns)
- Response-side guardrails (inspect LLM output before returning to client)
- Actions: allow, reject, mask (anonymize matched content)
- Per-route guardrail policy configuration
- Configurable fail-open/fail-closed on provider errors
Extend the guardrails filter to support external content safety providers and response-side inspection.
If feasible make this generic, so that we can plug into a specific provider now (say, Nemo), but keep the schema generalized to support others easily later.
Scope: