Guardrails

How Telflo keeps AI interactions safe, private, and on topic.

Every message you send to the assistant, and every response it returns, passes through guardrails. Guardrails block prompt injection and abuse, keep sensitive data out of requests and responses, and keep the assistant focused on OpenTelemetry. When a guardrail is triggered, the assistant returns a safe message and asks you to rephrase.

Input and output guardrails around the assistantYour promptchat messageINPUT GUARDRAILSPrompt injectionMalicious intentPIIAssistantPlan · Build · AskOUTPUT GUARDRAILSYAML safetyPII and secretsRelevanceSafereplyA triggered guardrail returns a safe message and asks you to rephrase, instead of the blocked content.
Three guardrails check every prompt before the assistant sees it, and three check every response before you see it.

Input guardrails

Checked on what you send.

GuardrailWhat it catches
Prompt injectionJailbreak attempts, role overrides, and attempts to extract or override the assistant's instructions.
Malicious intentRequests aimed at data exfiltration, credential exposure, or network attacks.
PIIPersonal information in a prompt.

Output guardrails

Checked on what the assistant returns.

GuardrailWhat it catches
YAML safetyDangerous endpoints or hardcoded secrets in generated configuration.
PII and secretsAPI keys, credentials, or personal data in a response.
RelevanceOff-topic answers, keeping the assistant on OpenTelemetry.

What you see

When a guardrail is triggered, the assistant returns a safe message instead of the blocked content and suggests how to rephrase the request.

Keep secrets out of prompts

Avoid pasting real keys or endpoints into the chat. Reference reusable values from the vault with #NAME, and reference credentials as environment variables with ${env:NAME} in the configuration, so secrets stay out of prompts and out of the YAML.

Last updated on

On this page