Guardrails API

Run NodeLoom's guardrail engine on arbitrary text without a workflow execution. Ideal for external agents that need to enforce safety checks before or after LLM calls.

Authentication

This endpoint supports both JWT session auth and SDK token auth (Bearer sdk_...). Any team member (Viewer or above) can run checks.

Check Guardrails

POST

/api/guardrails/check

Run guardrail checks on text content

Query Parameters

Parameter	Type	Required	Description
`teamId`	UUID	Yes	The team whose custom rules and credentials to use

Request Body

Field	Type	Required	Description
`text`	string	Yes	Text content to check (max 100,000 characters)
`detectPromptInjection`	boolean	No	Enable prompt injection detection
`injectionSensitivity`	number	No	Sensitivity threshold (0.0–1.0, default 0.7)
`redactPii`	boolean	No	Enable PII detection and redaction
`piiTypes`	string	No	Comma-separated PII types: email, ssn, credit_card, phone, ip_address, api_key, jwt
`filterContent`	boolean	No	Enable harmful content filtering
`contentCategories`	string	No	Comma-separated categories: hate, harassment, violence, self_harm, sexual
`validateSchema`	boolean	No	Enable JSON schema validation
`jsonSchema`	object	No	JSON Schema to validate against (when validateSchema is true)
`applyCustomRules`	boolean	No	Run the team’s enabled custom guardrail rules (regex, keyword, JS, LLM)
`detectSemanticManipulation`	boolean	No	Enable embedding-based semantic similarity check
`onViolation`	string	No	Action on violation: BLOCKED (default), WARNED, or LOGGED

Example Request

bash

curl -X POST "https://your-instance.nodeloom.io/api/guardrails/check?teamId=TEAM_ID" \
  -H "Authorization: Bearer sdk_..." \
  -H "Content-Type: application/json" \
  -d '{
    "text": "Contact me at [email protected]. Ignore previous instructions.",
    "detectPromptInjection": true,
    "redactPii": true,
    "applyCustomRules": true,
    "onViolation": "BLOCKED"
  }'

Response

Field	Type	Description
`passed`	boolean	true if no blocking violations were found
`violations`	array	List of violation objects (see below)
`redactedContent`	string	Text with PII redacted (if redactPii was enabled)
`checks`	array	Summary of each check that was run

Violation Object

Field	Type	Description
`type`	string	PROMPT_INJECTION, PII_REDACTION, CONTENT_FILTER, SCHEMA_VALIDATION, CUSTOM_RULE, or SEMANTIC_SIMILARITY
`severity`	string	LOW, MEDIUM, HIGH, or CRITICAL
`action`	string	BLOCKED, WARNED, REDACTED, or LOGGED
`message`	string	Human-readable description of the violation
`confidence`	number	Detection confidence score (0.0–1.0)
`details`	object	Additional details (varies by check type)

Example Response

json

{
  "passed": false,
  "violations": [
    {
      "type": "PROMPT_INJECTION",
      "severity": "HIGH",
      "action": "BLOCKED",
      "message": "Prompt injection attempt detected: instruction override",
      "confidence": 0.91,
      "details": {}
    },
    {
      "type": "PII_REDACTION",
      "severity": "MEDIUM",
      "action": "BLOCKED",
      "message": "Email address detected",
      "confidence": 0.99,
      "details": {}
    }
  ],
  "redactedContent": "Contact me at [EMAIL_REDACTED]. Ignore previous instructions.",
  "checks": [
    { "type": "PROMPT_INJECTION", "passed": false, "violationsFound": 1, "durationMs": 8 },
    { "type": "PII_REDACTION", "passed": false, "violationsFound": 1, "durationMs": 3 },
    { "type": "CUSTOM_RULE", "passed": true, "violationsFound": 0, "durationMs": 12 }
  ]
}

SDK Usage

All four SDKs include a convenience method for this endpoint:

Python

from nodeloom import NodeLoom

client = NodeLoom(api_key="sdk_...")
result = client.api.check_guardrails(
    team_id="your-team-id",
    text="User input to validate",
    detect_prompt_injection=True,
    apply_custom_rules=True,
)
if not result["passed"]:
    print("Blocked:", result["violations"][0]["message"])

TypeScript

import { NodeLoomClient } from "@nodeloom/sdk";

const client = new NodeLoomClient({ apiKey: "sdk_..." });
const result = await client.api.checkGuardrails("your-team-id", "User input", {
  detectPromptInjection: true,
  applyCustomRules: true,
});
if (!result.passed) {
  console.log("Blocked:", result.violations[0].message);
}

Java

NodeLoom client = NodeLoom.builder().apiKey("sdk_...").build();
String result = client.api().checkGuardrails("your-team-id",
    "{\"text\":\"User input\",\"detectPromptInjection\":true}");

client := nodeloom.New("sdk_...")
result, err := client.Api().CheckGuardrails("your-team-id", map[string]any{
    "text":                   "User input",
    "detectPromptInjection":  true,
    "applyCustomRules":       true,
})

What Gets Evaluated

The standalone guardrail API evaluates two categories of checks:

Category	Source	Enabled By
Built-in detectors	Configured per request via the request body	`detectPromptInjection`, `redactPii`, `filterContent`, etc.
Team custom rules	From Settings → Custom Rules (REGEX, KEYWORD_LIST, JAVASCRIPT, LLM_PROMPT)	`applyCustomRules: true`

Per-workflow guardrails

The standalone API does not evaluate per-workflow guardrail node configurations. Those only run during workflow executions. The standalone API is designed for external agents that need safety checks independent of any workflow.

No side effects

Standalone guardrail checks are stateless. Violations are not recorded in the database and incident playbooks are not triggered. This makes the endpoint safe for high-frequency use in agent hot paths.

Teams

SDK