Copy as Markdown[Open in ChatGPT](https://chatgpt.com/?q=Read%20https%3A%2F%2Fcoralogix.com%2Fdocs%2Fuser-guides%2Fai%2Fguardrails%2Fprebuilt_policies.md%20and%20help%20me%20with%20my%20question%20about%20this%20Coralogix%20documentation%20page.)[Open in Claude](https://claude.ai/new?q=Read%20https%3A%2F%2Fcoralogix.com%2Fdocs%2Fuser-guides%2Fai%2Fguardrails%2Fprebuilt_policies.md%20and%20help%20me%20with%20my%20question%20about%20this%20Coralogix%20documentation%20page.)

# Guardrails prebuilt policies

Coralogix Guardrails includes prebuilt policies that you can apply immediately to protect your LLM applications. Each policy performs a real-time, deterministic check on model inputs or outputs and throws an exception when a violation is detected.

## Available prebuilt policies[​](#available-prebuilt-policies "Direct link to Available prebuilt policies")

| Policy                                | What it detects                                                                                                              | When to use                                                                 |
| ------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- |
| [Prompt Injection](#prompt-injection) | Attempts to manipulate model behavior by injecting malicious instructions into user prompts                                  | All production AI applications that accept user input                       |
| [PII Detection](#pii-detection)       | Personally identifiable information such as email addresses, phone numbers, credit card numbers, and Social Security Numbers | Data privacy compliance (GDPR, HIPAA) and sensitive data leakage prevention |
| [Toxicity](#toxicity)                 | Toxic, harmful, or offensive content including hate speech, threats, harassment, and abusive language                        | Customer-facing AI and brand safety                                         |

For domain-specific protection beyond the prebuilt options, see [Custom Policies](https://coralogix.com/docs/docs/user-guides/ai/guardrails/custom_policies/.md).

## What you need[​](#what-you-need "Direct link to What you need")

* `cx-guardrails` installed. See [Getting Started with Guardrails](https://coralogix.com/docs/docs/user-guides/ai/guardrails/getting_started/.md).
* The `AI-GUARDRAILS:MANAGE` [permission](https://coralogix.com/docs/docs/user-guides/aaa/access-control/permissions/permissions-list/.md).
* A [Team API key](https://coralogix.com/docs/docs/user-guides/account-management/api-keys/api-keys/.md) with the **AiObservability** role preset, used as `CX_GUARDRAILS_TOKEN`. The AiObservability preset includes `AI-GUARDRAILS:MANAGE` and all other permissions required to use Guardrails.

## Understanding thresholds[​](#understanding-thresholds "Direct link to Understanding thresholds")

All prebuilt policies return a score between 0 and 1.

| Score range | Meaning                                 | Action taken?          |
| ----------- | --------------------------------------- | ---------------------- |
| Closer to 1 | Violation detected with high confidence | Yes — exception thrown |
| Closer to 0 | Low severity — probably not a violation | No                     |

Guardrail policies use **configurable thresholds** in the code. The threshold defines the value from which a guardrail action is triggered — when the score meets or exceeds the threshold you set, the policy throws an exception, blocks the interaction, and the system marks the event as an issue.

## Prompt injection[​](#prompt-injection "Direct link to Prompt injection")

The prompt injection detection policy identifies and blocks attempts to manipulate model behavior through malicious instructions injected into user prompts — such as attempts to ignore system instructions, leak system prompts, or perform unintended actions.

### Configuration[​](#configuration "Direct link to Configuration")

**Custom threshold**

Adjust detection sensitivity (0.0 to 1.0, default 0.7):

```
# Lower threshold — more sensitive

await guardrails.guard_prompt(

    prompt=user_input,

    guardrails=[PromptInjection(threshold=0.5)],

)



# Higher threshold — less sensitive

await guardrails.guard_prompt(

    prompt=user_input,

    guardrails=[PromptInjection(threshold=0.9)],

)
```

For full setup including SDK installation and environment variables, see [Prompt Injection Detection](https://coralogix.com/docs/docs/user-guides/ai/guardrails/prompt_injection/.md).

## PII detection[​](#pii-detection "Direct link to PII detection")

The PII detection policy identifies personally identifiable information in prompts or responses, preventing sensitive personal data from being processed or exposed by your LLM applications.

### Available PII categories[​](#available-pii-categories "Direct link to Available PII categories")

| Category      | Enum value                  | Description                |
| ------------- | --------------------------- | -------------------------- |
| Email Address | `PIICategory.EMAIL_ADDRESS` | Email addresses            |
| Phone Number  | `PIICategory.PHONE_NUMBER`  | Phone numbers              |
| Credit Card   | `PIICategory.CREDIT_CARD`   | Credit/debit card numbers  |
| US SSN        | `PIICategory.US_SSN`        | US Social Security Numbers |

### Configuration[​](#configuration-1 "Direct link to Configuration")

**Specific categories**

Detect only specific PII types:

```
await guardrails.guard_prompt(

    prompt=user_input,

    guardrails=[PII(categories=[PIICategory.EMAIL_ADDRESS, PIICategory.CREDIT_CARD])],

)
```

**Custom threshold**

Adjust detection sensitivity (0.0 to 1.0, default 0.7):

```
# Lower threshold — more sensitive

await guardrails.guard_prompt(

    prompt=user_input,

    guardrails=[PII(threshold=0.5)],

)



# Higher threshold — less sensitive

await guardrails.guard_prompt(

    prompt=user_input,

    guardrails=[PII(threshold=0.9)],

)
```

For full setup including SDK installation and environment variables, see [PII Detection](https://coralogix.com/docs/docs/user-guides/ai/guardrails/pii/.md).

## Toxicity[​](#toxicity "Direct link to Toxicity")

The toxicity detection policy identifies harmful, offensive, or inappropriate content — including hate speech, threats, harassment, and abusive language — in prompts or responses before they reach users.

### Configuration[​](#configuration-2 "Direct link to Configuration")

**Custom threshold**

Adjust detection sensitivity (0.0 to 1.0, default 0.7):

```
# Lower threshold — more sensitive

await guardrails.guard_prompt(

    prompt=user_input,

    guardrails=[Toxicity(threshold=0.5)],

)



# Higher threshold — less sensitive

await guardrails.guard_prompt(

    prompt=user_input,

    guardrails=[Toxicity(threshold=0.9)],

)
```

For full setup including SDK installation and environment variables, see [Toxicity Detection](https://coralogix.com/docs/docs/user-guides/ai/guardrails/toxicity/.md).

## Next steps[​](#next-steps "Direct link to Next steps")

Set up prompt injection detection for your LLM applications with [Prompt injection](https://coralogix.com/docs/docs/user-guides/ai/guardrails/prompt_injection/.md).
