> ## Documentation Index
> Fetch the complete documentation index at: https://docs.agno.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Guardrails

> Built-in safeguards for input validation, PII detection, and prompt injection defense.

<Badge icon="code-branch" color="orange">
  <Tooltip tip="Introduced in v2.1.0" cta="View release notes" href="https://github.com/agno-agi/agno/releases/tag/v2.1.0">v2.1.0</Tooltip>
</Badge>

Guardrails are built-in safeguards for your Agents and Teams. You can use them to make sure the input you send to the LLM is safe and doesn't contain anything undesired.

Some of the most popular usages are:

* PII detection and redaction
* Prompt injection defense
* Jailbreak defense
* Data leakage prevention
* NSFW content filtering

## Agno included Guardrails

Agno provides some built-in guardrails you can use out of the box with your Agents and Teams:

* [PII Detection Guardrail](/guardrails/included/pii): detect PII (Personally Identifiable Information).
* [Prompt Injection Guardrail](/guardrails/included/prompt-injection): detect and stop prompt injection attempts.
* [OpenAI Moderation Guardrail](/guardrails/included/openai-moderation): detect content that violates OpenAI's content policy.

To use the Agno included guardrails, you just need to import them and pass them to the Agent or Team with the `pre_hooks` parameter.

Guardrails are implemented as [pre-hooks](/hooks/overview), which execute before your Agent processes input.

For example, to use the PII Detection Guardrail:

```python theme={null}
from agno.guardrails import PIIDetectionGuardrail
from agno.agent import Agent
from agno.models.openai import OpenAIResponses

agent = Agent(
    name="Privacy-Protected Agent",
    model=OpenAIResponses(id="gpt-5.2"),
    pre_hooks=[PIIDetectionGuardrail()],
)
```

You can see complete examples using the Agno Guardrails in the [Usage](/guardrails/usage/agent/pii-detection) section.

## Custom Guardrails

You can create custom guardrails by extending the `BaseGuardrail` class. See the [BaseGuardrail Reference](/reference/hooks/base-guardrail) for more details.

This is useful if you need to perform any check or transformation not handled by the built-in guardrails, or just to implement your own validation logic.

You will need to implement the `check` and `async_check` methods to perform your validation and raise exceptions when detecting undesired content.

<Check>
  Agno automatically uses the sync or async version of the guardrail based on whether you are running the agent with `.run()` or `.arun()`.
</Check>

For example, let's create a simple custom guardrail that checks if the input contains any URLs:

```python theme={null}
import re

from agno.exceptions import CheckTrigger, InputCheckError
from agno.guardrails import BaseGuardrail
from agno.run.agent import RunInput


class URLGuardrail(BaseGuardrail):
    """Guardrail to identify and stop inputs containing URLs."""

    def check(self, run_input: RunInput) -> None:
        """Raise InputCheckError if the input contains any URLs."""
        if isinstance(run_input.input_content, str):
            # Basic URL pattern
            url_pattern = r'https?://[^\s]+|www\.[^\s]+|[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}[^\s]*'
            if re.search(url_pattern, run_input.input_content):
                raise InputCheckError(
                    "The input seems to contain URLs, which are not allowed.",
                    check_trigger=CheckTrigger.INPUT_NOT_ALLOWED,
                )

    async def async_check(self, run_input: RunInput) -> None:
        """Raise InputCheckError if the input contains any URLs."""
        if isinstance(run_input.input_content, str):
            # Basic URL pattern
            url_pattern = r'https?://[^\s]+|www\.[^\s]+|[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}[^\s]*'
            if re.search(url_pattern, run_input.input_content):
                raise InputCheckError(
                    "The input seems to contain URLs, which are not allowed.",
                    check_trigger=CheckTrigger.INPUT_NOT_ALLOWED,
                )
```

Now you can use your custom guardrail in your Agent:

```python theme={null}
from agno.agent import Agent
from agno.models.openai import OpenAIResponses

# Agent using our URLGuardrail
agent = Agent(
    name="URL-Protected Agent",
    model=OpenAIResponses(id="gpt-5.2"),
    # Provide the Guardrails to be used with the pre_hooks parameter
    pre_hooks=[URLGuardrail()],
)

# This will raise an InputCheckError
agent.run("Can you check what's in https://fake.com?")
```

## Learn More

<CardGroup cols={2}>
  <Card title="PII Detection" icon="user-shield" href="/guardrails/included/pii">
    Detect and redact personally identifiable information
  </Card>

  <Card title="Prompt Injection Defense" icon="bug-slash" href="/guardrails/included/prompt-injection">
    Stop prompt injection and jailbreak attempts
  </Card>

  <Card title="OpenAI Moderation" icon="shield-halved" href="/guardrails/included/openai-moderation">
    Detect content that violates OpenAI's content policy
  </Card>
</CardGroup>

## Developer Resources

* [Reference](/reference/hooks/base-guardrail)
* [Agent Examples](/guardrails/usage/agent/pii-detection)
* [Team Examples](/guardrails/usage/team/pii-detection)