Using the AI Prompt Guard plugin - Plugin

The AI Prompt Guard configuration takes two arrays of objects: one for allow patterns, and one for deny patterns.

Prerequisites

First, as in the AI Proxy documentation, create a service, route, and ai-proxy plugin that will serve as your LLM access point.

You can now create the AI Prompt Guard plugin at the global, service, or route level, using the following examples.

Examples

The following examples show allow and deny patterns used in a financial processing auditing model.

Card numbers adherence (“Allow Only”)

For requests to pass through in this example, any of the user role messages in the prompt must have all card fields adhering to this standard (starts with integer 4, then 3 integers, and finally 12 asterisks).

This plugin would prevent accidental processing (and/or subsequent model training) where full card numbers are sent in.

allow_patterns:
  - '.*\"card\".*\"4[0-9]{3}\*{12}\"'

Valid

Invalid

{
  "messages": [
    {
      "role": "system",
      "content": "Use the default card processing validation rules."
    },
    {
      "role": "user",
      "content": "Validate this card: {\"card\": \"4111************\", \"cvv\": \"000\"}"
    }
  ]
}

{
  "messages": [
    {
      "role": "system",
      "content": "Use the default card processing validation rules."
    },
    {
      "role": "user",
      "content": "Validate this card: {\"card\": \"4111111111111111\",\"cvv\": \"000\"}"
    }
  ]
}

Card numbers adherence (“Deny Only”)

For requests to pass through in this example, an inverse of the above, any of the user role messages in the prompt must not be a card number field that starts with 5.

deny_patterns:
  - '\"card\".*\"5[0-9]{12}(?:[0-9]{3})?\"'

Valid

Invalid

{
  "messages": [
    {
      "role": "system",
      "content": "Use the default card processing validation rules."
    },
    {
      "role": "user",
      "content": "Validate this card: {\"card\": \"4111111111111111\",\"cvv\": \"000\"}"
    }
  ]
}

{
  "messages": [
    {
      "role": "system",
      "content": "Use the default card processing validation rules."
    },
    {
      "role": "user",
      "content": "Validate this card: {\"card\": \"5111111111111111\",\"cvv\": \"000\"}"
    }
  ]
}

Valid products (“Allow AND Deny rules”)

This example uses an ai-proxy plugin that has been configured for the llm/v1/completions route type. It expects only one JSON field: a prompt string.

For requests to pass through in this example, the message(s) from the callers to our audit LLM request:

Must contain at least one of the product names in the allow list
Must not contain any of the product names in the deny list

allow_patterns:
  - ".*(P|p)ears.*"
  - ".*(P|p)eaches.*"
deny_patterns:
  - ".*(A|a)pples.*"
  - ".*(O|o)ranges.*"

Valid

Neutral (Rejected)

Invalid

{
  "prompt": "Get me prices for: Pears"
}

{
  "prompt": "Get me prices for: Strawberries"
}

{
  "prompt": "Get me prices for: Oranges"
}

前へ AI Prompt Guardの基本構成例

次へ AI Prompt Guard変更履歴