Agentic AI - Guardrails

-

 


Agentic AI refers to AI systems that can autonomously plan, decide, and act—interacting with tools, APIs, and environments without constant human oversight. Guardrails are essential to ensure these agents operate safely, ethically, and within defined boundaries.

🤖 What Is Agentic AI?

Unlike traditional AI that passively generates responses (e.g., chatbots or classifiers), Agentic AI systems are active participants in workflows. They can:

  • 🔍 Search and retrieve internal or external data
  • ⚙️ Trigger workflows or automate multi-step tasks
  • 🧠 Make decisions based on goals and context
  • 🧾 Write or modify code, schedule events, or make purchases
  • 🔗 Interact with APIs, databases, and other systems

⚠️ Why Guardrails Are Critical for Agentic AI

Because agentic systems can act independently, they pose greater systemic risk than traditional AI. Without proper controls, they might:

  • 🕵️‍♂️ Access sensitive data unintentionally
  • 🧨 Trigger unauthorized actions (e.g., deleting files, sending emails)
  • 🧠 Hallucinate decisions that lead to real-world consequences
  • 🔁 Cascade errors across systems or workflows
  • 🧬 Amplify bias or misuse tools in unpredictable ways

We will use an open source Agentic AI guardrail tool called "Guardrails AI".

Guardrails AI is a framework that helps you add validation, safety, and structure to the inputs and outputs of large language models (LLMs) like OpenAI’s GPT.

It acts as a middleware layer that ensures your LLM responses are reliable, safe, and aligned with your application’s requirements.


In the below example, we are going to create a guardrail for an AI Agent which process automatic refund.

The guardrail says that the AI Agent can refund maximum of 100$ per transaction.

from pydantic import BaseModel, Field
from guardrails.hub import ValidRange
from guardrails import Guard

# Initialize Validator 0 to 100$
val = ValidRange(min=0, max=100, on_fail="exception")

# Create Pydantic BaseModel
class custInfo(BaseModel):
    cust_name: str
    refund_amt: int = Field(validators=[val])


# Create a Guard to check for valid Pydantic output
guard = Guard.from_pydantic(output_class=custInfo)

# Customer refund data as per LLM output
# I am generating static data
refund_data = {'Alice': 50, 'Peter':100, 'Sam': 150}
for k,v in refund_data.items():
    try:
        cust_refund=f"""
            {{
            "cust_name": "{k}",
            "refund_amt": "{v}"
            }}
        """
        guard.parse(cust_refund)
        print(f"Successfully processed refund for {k} and for the amount {v}$")
    except Exception as e:
        print(f"Failed: {e}")

"refund_data" is a dictionary containing list of customer name and their refund amount.

# Initialize Validator 0 to 100$
val = ValidRange(min=0, max=100, on_fail="exception")

We are setting up guardrails with the valid range of amount to refund.


guard.parse(cust_refund)

Checks each transaction against the implemented Guardrails.






Comments

Post a Comment

Popular posts from this blog

K8s - ETCD

-
Image
  etcd is a "strongly consistent , distributed key-value store". Why etcd? 1. Consistency : Since the API server is the central coordination point of the entire cluster; strong consistency is essential. It would be a disaster if, say, two nodes tried to attach the same persistent volume over iSCSI because the API server told them both that it was available. 2. Availability: API downtime means that the entire Kubernetes control plane comes to a halt, which is undesirable for production clusters. The  CAP theorem  says that 100% availability is impossible with strong consistency, but minimizing downtime is still a critical goal. 3. Consistent Performance: The API server for a busy Kubernetes cluster receives a fair amount of read and write traffic. The secret behind etcd's balance of strong consistency and high availability is the  Raft algorithm . Raft solves a particular problem: how can multiple independent processes decide on a single value for somethin...
Read more

SRE/DevOps Syllabus

-
Image
  DEVOPS/SRE Principles. Git What is Git? Architecture of Git. Working principle of Git. Create and cloning a repo. Version control branching. Version control commit. Version control managing workflows. Git hooks. Git Reflog. Git Stash. Git Cherry Picking. Undoing changes in different states of Git. Git based terraform template management. AWS CI/CD SDLC Automation. Code Commit. Code Build. Code Deployment. Code Pipeline. Elastic Beankstalk. Code Artifact. CodeGuru. Terraform Terraform Basics. Terraform State. Working with Terraform. Terraform with AWS. Remote State. Terraform Provisioners. Terraform Import, Tainting and Debugging. Terraform Modules. Terraform Functions and Conditional Expressions. Automation using Python - AWS AWS lambda. Automating EC2 with Lambda. Automating S3 with Lambda. Automating VPC with Lambda. Cost optimization with Lambda. SNS,SQS and SES with Python. Managing and Automating AWS Security with Python. Kubernetes - CKAD Application Developer. Kubernetes A...
Read more

K8s - Deployment and HPA replicas

-
Image
  We all know that replica is a critical part of a K8s deployment. Default replica is 1. Setting replicas as 3 will ensure 3 pods of that deployment is running at any given time.  Replica are internally managed by replica set which is in turn controlled by the K8s  ReplicationController   . When a pod is bad or deleted as part of replicaset, replication controller will ensure a new pod is created. Now, coming to HPA (Horizontal Pod Autoscaler) which is a dynamic scaler which works at the pod level based on the metrics configured.  When we configure we must mention min and max values. They should be greater than 1. Let's image I create a HPA with min as 5 and max as 10 under the condition of CPU utilization more than 50%. Initial deployment is set with the replica as 1. On top the deployment, I am attaching a HPA with the mentioned configuration. Under HPA, we are forcing the min replicas to 5. Hence, it autoscales the pod to 5 even though the CPU utilization is ...
Read more