Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.opper.ai/llms.txt

Use this file to discover all available pages before exploring further.

Control Plane features are in early access and need to be turned on per account. Contact support@opper.ai if you’re interested.
Guard protects your calls before content reaches the model and before responses reach your caller. You assemble Guard rules — each is either an LLM guard (a prompt-based classifier) or a Regex guard (pattern-based), with an action (Flag / Block / Redact) and a scope.

Rule kinds

Open platform.opper.ai and navigate to Controls → Guard to add a rule. There are two kinds.

LLM Guard

A custom prompt that classifies content. The model returns a flagged/not-flagged decision; what happens next depends on the action.
  • Prompt — free-text classification instructions, for example: “Flag support messages that include a plaintext password, API key, or access token. Do not flag placeholders or general security questions.”
  • Model — the model that runs the check:
    • Auto (default) — cheapest model that supports structured output.
    • Small — GPT OSS 120B, EU-hosted.
    • Medium — Kimi K2.5, EU-hosted.
    • Large — Claude Opus 4.6 — highest accuracy.
  • Action — Flag, Block, or Redact.
  • Input / Output / Input + Output — where the rule applies.
Quick-start templates fill the prompt and action with reasonable defaults for common checks: PII, Toxicity, Secrets. You can edit any of them after picking the template.

Regex Guard

Pattern-based detection. Use this for known formats you want to catch deterministically.
  • Patterns — a list, each with an optional name, the regex, and flags chosen from i, m, s, d, y, u. The editor includes a test harness that highlights matches against sample text, plus an “AI-generate” button that drafts a pattern from a description.
  • Replacement — text used by Redact (default ***).
  • Action — Flag, Block, or Redact.
  • Input / Output / Input + Output — where the rule applies.
Quick-start templates exist for Email, Phone, Credit Card, SSN, and API Key patterns.

Actions

ActionWhat happens
FlagThe match is logged on the trace; the call proceeds normally.
BlockThe call is rejected — before the model runs (Input) or before the response returns (Output).
RedactThe matched content is replaced — either with the default *** or with the replacement text you set.

Scope

  • Organization — every project and every function.
  • Projects — one or more specific projects.
  • Functions — specific functions inside a project.
You can layer rules — an org-wide secrets check plus stricter rules on customer-facing functions, for example. Each rule fires independently.

In traces

Guardrail events appear on a span with a ShieldCheck icon labeled Guardrail, with status:
  • Passed — the call satisfied the rule.
  • Flagged — the rule matched but the action was Flag, so the call proceeded.
  • Blocked — the rule rejected the call (red).
Each event carries the rule’s name (when set), a family label (“LLM guard” or “Regex guard”), and a scope badge (Org-level / Project-level / Function-level). Redacted content appears already replaced in the span’s input or output — there’s no separate visualization for the redaction.

In playground

Guard rules apply to playground calls when the Project controls toggle in the task sidebar is on. The guardrail event shows up on the trace — open the trace ↗ link from the output footer to inspect it. To run a call as if the guardrails weren’t in place, switch Project controls off for the run.
Start with Flag while you’re validating a new rule. Once you trust it, switch to Block or Redact for the same rule.
Combine an LLM Guard for fuzzy detection (e.g., toxicity) with a Regex Guard for exact patterns (e.g., credit card numbers). Regex is faster and cheaper; LLM Guard catches things regex can’t.