Skip to main content
Guardrails · injection & content safety

Guardrails on every prompt — before the model ever sees it.

DVARA inspects every LLM request and response for prompt injection, jailbreak attempts, and unsafe content, then blocks, flags, or logs by policy. Detection runs inline on the gateway — in-process checks plus optional ML classifiers and your own HTTP plugins — so the protection travels with the call, not with each application.

Guardrails ship in every DVARA install — see pricing.

The model can't tell your instructions from an attacker's.

A poisoned document, a crafted user message, or a malicious tool response can override the system prompt, exfiltrate context, or push the model into unsafe output. Bolting a filter onto one app doesn't help the next app, the batch job, or the agent — “the model is usually fine” is not a control. DVARA enforces guardrails at the gateway, so every call is covered.

Input and output protection, on every call

OWASP LLM Top 10 coverage

Controls spanning 7 of the 10 categories — prompt injection, insecure output handling, sensitive-information disclosure, unbounded consumption, and more.

Unbounded-consumption limits

Cap input tokens, messages per request, message length, and default max-response tokens to stop resource-exhaustion abuse (OWASP LLM10).

Output-schema enforcement

Require responses to match a JSON Schema, with automatic retry on validation failure — so downstream code gets the shape it expects.

Grounding & hallucination checks

Flag claims in a response that aren’t supported by the source documents you provide, and block, flag, or log them.

Context-window governance

Warn or prune as a request approaches the model’s context window, with configurable thresholds and pruning strategy.

Optional ML classifiers

Plug in Lakera or Google Shield Gemini for ML-based injection and jailbreak detection alongside the in-process checks.

Custom HTTP guardrail plugins

Call your own detector over HTTP (HMAC-signed), per tenant or platform-wide, with fail-open or fail-closed behavior.

Streaming-safe

Guardrails run on streamed SSE output with a rolling window that catches patterns spanning chunk boundaries.

Scan, enforce, scan again, audit

  1. 1

    Inbound scan

    The prompt is checked for prompt injection, jailbreak attempts, and content violations before it is dispatched to any provider.

  2. 2

    Enforce

    Block, flag, or log per policy. Size limits — tokens, messages, message length — reject oversized requests early.

  3. 3

    Outbound scan

    The response is scanned for the same violations, optionally schema-validated and grounding-checked, before it returns to the caller.

  4. 4

    Audit

    Every guardrail decision is recorded in the signed audit trail and exported to Prometheus metrics.

Guardrail policy in DVARA Flightdeck

Guardrail plugin registry and policy management in DVARA FlightdeckGuardrail plugin registry and policy management in DVARA Flightdeck
Manage built-in and custom guardrails centrally — per tenant or platform-wide — with every detection recorded in the audit trail.

Common questions about LLM guardrails

How does Dvara detect prompt injection?

Inbound prompts are scanned inline on the gateway with regex and heuristic detection, with optional ML classifiers (Lakera, Shield Gemini) and custom HTTP plugins. Matches above a configurable risk threshold are blocked, flagged, or logged.

Does it guard model outputs too?

Yes. Responses are scanned for the same content and injection patterns, can be required to match a JSON Schema, and can be grounding-checked against source documents — including on streaming responses.

Which OWASP LLM Top 10 risks are covered?

Controls span 7 of the 10 categories, including prompt injection, insecure output handling, sensitive-information disclosure, and unbounded consumption via input, message, and response limits.

Can I bring my own detector?

Yes. Register a custom HTTP guardrail plugin (HMAC-signed) per tenant or platform-wide, with fail-open or fail-closed behavior, alongside the built-in checks.

Do guardrails require application changes?

No. They run at the gateway, so any OpenAI-compatible client and any agent are covered on the first call with no code changes.

Put a guardrail on every call.

Guardrails ship in every DVARA install. Start a free 30-day trial, or read how it works.