From truefoundry-gateway
Configures content safety guardrails for TrueFoundry AI Gateway including PII filtering, content moderation, prompt injection detection, and custom rules for LLM and MCP tool calls.
```bash
npx claudepluginhub truefoundry/tfy-gateway-skills --plugin truefoundry-gateway
```
> Routing note: For ambiguous user intents, use the shared clarification templates in [references/intent-clarification.md](references/intent-clarification.md).
Configure content safety guardrails for TrueFoundry AI Gateway. Guardrails add safety controls to LLM inputs/outputs and MCP tool invocations.
Set up guardrail providers, create guardrail rules, or manage content safety policies for AI Gateway endpoints. This includes PII filtering, content moderation, prompt injection detection, secret detection, and custom validation rules.
When the user asks to deploy a guardrails server or run guardrails as a deployed service, start from the official template so the server adheres to the gateway's input/output formats:
This keeps guardrail servers compatible with TrueFoundry AI Gateway expectations.
Guardrails require a two-step setup: first create a guardrail config group that holds the provider integrations and their credentials, then create a gateway guardrails config whose rules reference those providers.
A guardrail config group holds integration credentials for one or more guardrail providers. See references/guardrail-providers.md for all supported providers.
When using direct API, set TFY_API_SH to the full path of this skill's scripts/tfy-api.sh. See references/tfy-api-setup.md for paths per agent.
```
tfy_guardrail_config_groups_list()
```
Direct API:
```bash
TFY_API_SH=~/.claude/skills/truefoundry-guardrails/scripts/tfy-api.sh
$TFY_API_SH GET '/api/svc/v1/provider-accounts?type=guardrail-config-group'
```
```
tfy_guardrail_config_groups_create(payload={"name": "my-guardrails", "type": "provider-account/guardrail-config-group", "integrations": [...]})
```
Note: Requires human approval (HITL) via tool call.
Direct API:
```bash
$TFY_API_SH POST /api/svc/v1/provider-accounts '{
  "name": "my-guardrails",
  "type": "provider-account/guardrail-config-group",
  "integrations": [
    {
      "type": "integration/guardrail/tfy-pii",
      "config": {}
    },
    {
      "type": "integration/guardrail/tfy-content-moderation",
      "config": {}
    }
  ]
}'
```
Each integration has a type (from the providers reference) and a config object with provider-specific fields. Some providers (like tfy-pii, tfy-content-moderation) require no config. Others (like aws-bedrock, azure-content-safety) need cloud credentials.
Security: Guardrail providers with external `endpoint_url` fields (e.g., `custom`, `opa`, `fiddler`, `palo-alto-prisma-airs`) route request data to third-party services. Verify that all external endpoints are trusted and controlled by your organization before registering them. Prefer TrueFoundry built-in providers (`tfy-pii`, `tfy-content-moderation`, `tfy-prompt-injection`) when possible.
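The security note above asks you to verify external endpoints before registering a config group. The Python below is an added example, not part of the TrueFoundry skill or its scripts: it assembles the provider-accounts payload shown above and refuses any external-endpoint provider whose `endpoint_url` is not HTTPS to a host on an organization allowlist. The integration type names come from this page; the `endpoint_url` config key, the `TRUSTED_HOSTS` allowlist and the `check_endpoint`/`build_config_group` helpers are assumptions made for illustration.

```python
"""Build a guardrail config-group payload and check external endpoints.

Added example, not TrueFoundry code. The integration types are those named
on the page; the endpoint_url key and the trusted-host allowlist are
assumptions for illustration.
"""
import json
from urllib.parse import urlparse

# Integration types the page lists as routing request data to external services.
EXTERNAL_ENDPOINT_TYPES = {
    "integration/guardrail/custom",
    "integration/guardrail/opa",
    "integration/guardrail/fiddler",
    "integration/guardrail/palo-alto-prisma-airs",
}

# Assumption: hosts operated by your organization (constructed sample values).
TRUSTED_HOSTS = {"guardrails.internal.example.com", "opa.internal.example.com"}


def check_endpoint(integration: dict) -> list[str]:
    """Return the problems found in one integration entry (empty list = ok)."""
    problems = []
    itype = integration.get("type", "")
    url = integration.get("config", {}).get("endpoint_url")
    if itype in EXTERNAL_ENDPOINT_TYPES:
        if not url:
            return [f"{itype}: endpoint_url is required"]
        parsed = urlparse(url)
        if parsed.scheme != "https":
            problems.append(f"{itype}: endpoint_url must use https, got {parsed.scheme!r}")
        if parsed.hostname not in TRUSTED_HOSTS:
            problems.append(f"{itype}: host {parsed.hostname!r} is not in the trusted allowlist")
    elif url:
        # Built-in providers take no endpoint; an unexpected URL deserves a second look.
        problems.append(f"{itype}: unexpected endpoint_url on a built-in provider")
    return problems


def build_config_group(name: str, integrations: list[dict]) -> dict:
    """Assemble the POST body for /api/svc/v1/provider-accounts, raising
    ValueError if any integration fails the endpoint trust check."""
    problems = [p for entry in integrations for p in check_endpoint(entry)]
    if problems:
        raise ValueError("; ".join(problems))
    return {
        "name": name,
        "type": "provider-account/guardrail-config-group",
        "integrations": integrations,
    }


if __name__ == "__main__":
    accepted = build_config_group("my-guardrails", [
        {"type": "integration/guardrail/tfy-pii", "config": {}},
        {"type": "integration/guardrail/custom",
         "config": {"endpoint_url": "https://guardrails.internal.example.com/validate"}},
    ])
    print(json.dumps(accepted, indent=2))
    try:
        build_config_group("bad", [
            {"type": "integration/guardrail/opa",
             "config": {"endpoint_url": "http://opa.partner-site.example/v1/data"}},
        ])
    except ValueError as err:
        print("rejected:", err)
```

Run the script to see one accepted payload and one rejection (plain HTTP to a host outside the allowlist); pass the accepted dict to the `POST /api/svc/v1/provider-accounts` call shown above.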
Guardrail Config Groups:
| Name | ID | Integrations |
|------------------|----------|--------------|
| my-guardrails | pa-abc | 3 |
| prod-safety | pa-def | 5 |
Gateway guardrails config defines rules that control which guardrails apply to which models, users, and tools.
```
tfy_gateway_guardrails_list()
```
Direct API:
```bash
$TFY_API_SH GET /api/svc/v1/gateway-guardrails-configs
```
```
tfy_gateway_guardrails_create(payload={"name": "production-guardrails", "type": "gateway-guardrails-config", "gateway_ref": "GATEWAY_FQN", "rules": [...]})
```
Note: Requires human approval (HITL) via tool call.
Direct API:
```bash
$TFY_API_SH POST /api/svc/v1/gateway-guardrails-configs '{
  "name": "production-guardrails",
  "type": "gateway-guardrails-config",
  "gateway_ref": "GATEWAY_FQN",
  "rules": [
    {
      "id": "pii-filter-all-models",
      "when": {
        "target_conditions": {
          "models": ["*"],
          "mcp_servers": [],
          "tools": []
        },
        "subject_conditions": {
          "users": ["*"],
          "teams": []
        }
      },
      "llm_input_guardrails": [
        {
          "provider_ref": "provider-account-id:integration/guardrail/tfy-pii",
          "operation": "validate",
          "enforcing_strategy": "enforce",
          "priority": 1
        }
      ],
      "llm_output_guardrails": [
        {
          "provider_ref": "provider-account-id:integration/guardrail/tfy-pii",
          "operation": "validate",
          "enforcing_strategy": "enforce",
          "priority": 1
        }
      ],
      "mcp_tool_pre_invoke_guardrails": [],
      "mcp_tool_post_invoke_guardrails": []
    }
  ]
}'
```
Update an existing config:
```bash
$TFY_API_SH PUT /api/svc/v1/gateway-guardrails-configs/GUARDRAILS_CONFIG_ID '{
  "name": "production-guardrails",
  "type": "gateway-guardrails-config",
  "gateway_ref": "GATEWAY_FQN",
  "rules": [...]
}'
```
Each rule contains:
- `target_conditions.models` — Model name patterns (use `["*"]` for all)
- `target_conditions.mcp_servers` — MCP server names to target
- `target_conditions.tools` — Specific tool names to target
- `subject_conditions.users` — User patterns (use `["*"]` for all)
- `subject_conditions.teams` — Team names

Each guardrail entry in a rule has:
- `provider_ref` — `<provider-account-id>:integration/guardrail/<provider-type>`
- `operation` — `validate` (check and block) or `mutate` (modify content, e.g., redact PII)
- `enforcing_strategy` — one of:
  - `enforce` — Block the request on violation
  - `audit` — Log the violation but allow the request
  - `enforce_but_ignore_on_error` — Enforce if the guardrail succeeds, allow if the guardrail errors

```bash
# Step 1: Create config group with tfy-pii
$TFY_API_SH POST /api/svc/v1/provider-accounts '{
  "name": "pii-guardrails",
  "type": "provider-account/guardrail-config-group",
  "integrations": [
    {"type": "integration/guardrail/tfy-pii", "config": {}}
  ]
}'
# Step 2: Create rule targeting all models
# Use the provider account ID from step 1 response in provider_ref
```
Use "enforcing_strategy": "audit" to log violations without blocking — useful for monitoring before enforcement.
Target specific MCP tools with mcp_tool_pre_invoke_guardrails to validate inputs before tool execution, or mcp_tool_post_invoke_guardrails to scan tool outputs.
Use `target_conditions.models` to apply guardrails only to specific models:
```json
"when": {
  "target_conditions": {
    "models": ["openai/gpt-4*", "anthropic/claude-*"],
    "mcp_servers": [],
    "tools": []
  }
}
```
Combine broad model targeting with specific user conditions to exempt admin users:
```json
"subject_conditions": {
  "users": ["user1@example.com", "user2@example.com"],
  "teams": ["engineering"]
}
```
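To make the rule semantics above concrete, here is an added Python example (not TrueFoundry code) that validates a gateway-guardrails-config payload along the lines the gateway's own error messages suggest (unique rule IDs, well-formed `provider_ref`, valid `operation` and `enforcing_strategy`) and resolves which guardrail entries apply to a given model, user and team. The field names and allowed values are those from this page; the shell-style wildcard matching via `fnmatch`, the rule that empty subject conditions apply to everyone, and ascending priority ordering are assumptions made for this example, as is the `pa-abc` account ID reused from the sample table.

```python
"""Validate a gateway-guardrails-config and resolve applicable guardrails.

Added example, not TrueFoundry code. Field names and allowed values follow
the page; wildcard semantics, subject matching and priority order are
assumptions (see comments).
"""
from fnmatch import fnmatchcase

OPERATIONS = {"validate", "mutate"}
STRATEGIES = {"enforce", "audit", "enforce_but_ignore_on_error"}
SLOTS = ("llm_input_guardrails", "llm_output_guardrails",
         "mcp_tool_pre_invoke_guardrails", "mcp_tool_post_invoke_guardrails")
REF_PREFIX = "integration/guardrail/"

# Constructed sample payload in the shape shown on the page. "pa-abc" is the
# config-group ID from the sample table; GATEWAY_FQN is the page's placeholder.
SAMPLE_CONFIG = {
    "name": "production-guardrails",
    "type": "gateway-guardrails-config",
    "gateway_ref": "GATEWAY_FQN",
    "rules": [
        {
            "id": "pii-filter-all-models",
            "when": {"target_conditions": {"models": ["*"], "mcp_servers": [], "tools": []},
                     "subject_conditions": {"users": ["*"], "teams": []}},
            "llm_input_guardrails": [{"provider_ref": "pa-abc:integration/guardrail/tfy-pii",
                                      "operation": "mutate", "enforcing_strategy": "enforce",
                                      "priority": 1}],
            "llm_output_guardrails": [],
            "mcp_tool_pre_invoke_guardrails": [],
            "mcp_tool_post_invoke_guardrails": [],
        },
        {
            "id": "prompt-injection-gpt4-engineering",
            "when": {"target_conditions": {"models": ["openai/gpt-4*"], "mcp_servers": [], "tools": []},
                     "subject_conditions": {"users": [], "teams": ["engineering"]}},
            "llm_input_guardrails": [{"provider_ref": "pa-abc:integration/guardrail/tfy-prompt-injection",
                                      "operation": "validate", "enforcing_strategy": "audit",
                                      "priority": 0}],
            "llm_output_guardrails": [],
            "mcp_tool_pre_invoke_guardrails": [],
            "mcp_tool_post_invoke_guardrails": [],
        },
    ],
}


def validate_config(config: dict) -> list[str]:
    """Return a list of problems; an empty list means the payload is well formed."""
    problems = []
    if config.get("type") != "gateway-guardrails-config":
        problems.append("type must be gateway-guardrails-config")
    if not config.get("gateway_ref"):
        problems.append("gateway_ref (gateway FQN) is required")
    seen_ids = set()
    for rule in config.get("rules", []):
        rid = rule.get("id")
        if not rid:
            problems.append("rule without id")
        elif rid in seen_ids:
            problems.append(f"rule id {rid!r} is duplicated")
        seen_ids.add(rid)
        if "when" not in rule:
            problems.append(f"rule {rid!r}: missing when block")
        for slot in SLOTS:
            for entry in rule.get(slot, []):
                ref = entry.get("provider_ref", "")
                account, sep, integration = ref.partition(":")
                if not (sep and account and integration.startswith(REF_PREFIX)):
                    problems.append(f"rule {rid!r}: bad provider_ref {ref!r}")
                if entry.get("operation") not in OPERATIONS:
                    problems.append(f"rule {rid!r}: operation must be validate or mutate")
                if entry.get("enforcing_strategy") not in STRATEGIES:
                    problems.append(f"rule {rid!r}: unknown enforcing_strategy")
                if not isinstance(entry.get("priority"), int):
                    problems.append(f"rule {rid!r}: priority must be an integer")
    return problems


def _any_match(patterns, value):
    """Shell-style wildcard match (assumption: '*' matches any substring)."""
    return any(fnmatchcase(value, p) for p in patterns)


def applicable_guardrails(config, model, user, user_teams=(), slot="llm_input_guardrails"):
    """Guardrail entries from every rule whose conditions match the request.

    Assumptions: a rule targets a request when one of its model patterns
    matches; subject conditions with no users and no teams apply to everyone,
    otherwise the user or one of the user's teams must be listed. Entries are
    returned with the lowest priority number first.
    """
    hits = []
    for rule in config.get("rules", []):
        when = rule.get("when", {})
        target, subject = when.get("target_conditions", {}), when.get("subject_conditions", {})
        users, teams = subject.get("users", []), subject.get("teams", [])
        if not _any_match(target.get("models", []), model):
            continue
        if (users or teams) and not (_any_match(users, user) or any(t in teams for t in user_teams)):
            continue
        hits.extend(rule.get(slot, []))
    return sorted(hits, key=lambda e: e["priority"])


if __name__ == "__main__":
    print("problems:", validate_config(SAMPLE_CONFIG))
    for e in applicable_guardrails(SAMPLE_CONFIG, "openai/gpt-4o", "dev@example.com", ["engineering"]):
        print(e["priority"], e["provider_ref"], e["enforcing_strategy"])
```

Running the validator before the `POST` catches the duplicate-rule-ID and malformed-`provider_ref` cases locally; `applicable_guardrails` lets you confirm that a new pattern such as `openai/gpt-4*` actually reaches the intended model and team before enforcing it.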
The gateway_ref is the fully qualified name (FQN) of your AI Gateway deployment. Use the ai-gateway skill to list gateways and get the FQN.
<success_criteria>
</success_criteria>
- Use the `status` skill to verify credentials before configuring guardrails
- `gateway_ref` must be the gateway's fully qualified name (see above)
- See references/guardrail-providers.md for all 23 supported providers

| Error | Fix |
|-------|-----|
| Provider account not found | List config groups first to find the correct ID. |
| Unknown guardrail integration type | Check references/guardrail-providers.md for valid types. |
| Gateway reference not found | Use the ai-gateway skill to list available gateways. |
| Rule ID already exists in this config | Use a unique ID for each rule. |
| Integration config missing required fields | Check the provider reference for required config. |
| Cannot manage guardrails | Check your API key permissions. |