Report Abuse

Basic Information

Invariant Guardrails is a rule-based guardrailing layer designed to secure LLM and multi-component platform (MCP) powered AI applications. It operates between an application and its LLM or MCP servers as a proxy that continuously steers, inspects and monitors requests and tool calls without requiring invasive changes to application code. The project provides a Python-inspired domain specific language for writing matching rules that identify and prevent unsafe or malicious agent behaviors by inspecting message traces and function/tool invocations. It can be deployed via a Gateway integration that evaluates rules on each request, or used programmatically via the invariant-ai package to run policies locally or via the Invariant Guardrails API. The repository includes example rules, detectors such as prompt injection checks, a standard library of operations, documentation and a playground for testing rules.

Links

Categorization

App Details

Features
Features include a concise Python-like rule syntax for writing guardrail policies and pattern matching across messages, tool calls and tool outputs. Transparent integration as an MCP/LLM proxy through a Gateway that evaluates rules before and after each request. A programmatic library (invariant-ai) with LocalPolicy and Policy.from_string options to run policies locally or via the API. Built-in detectors and a standard library of checks, including prompt injection heuristics. Trace inspection of assistant, user and tool messages with the ability to raise errors or block flows when rules match. Examples and snippets demonstrate detecting dangerous sequences of tool calls. The repo provides documentation, an interactive playground for rule testing, and an open contribution model.
Use Cases
Invariant Guardrails helps developers secure agent systems by preventing unsafe actions, unintended tool flows and prompt-injection attacks through rule-based interception and analysis. It enforces policies that can detect and block sequences of tool calls, scan LLM and tool outputs for malicious content, and return structured error information when violations occur. Because it is situated between applications and model providers it enables continuous steering and monitoring without invasive code changes. The programmatic API supports local policy evaluation against message traces for testing and CI, while the Gateway integration automates runtime enforcement in deployments. Documentation, examples and a playground make it easier to author, iterate and validate guardrail rules.

Please fill the required fields*