Guardrails AI — Validate LLM Outputs in Production

What it is

Guardrails AI is a Python library that adds validation and safety checks to LLM outputs. It provides 50+ built-in validators that check for hallucination, toxicity, PII leakage, format compliance, and factual accuracy. You wrap your LLM calls with a Guard object, and Guardrails automatically validates and optionally retries when outputs fail validation.

Guardrails AI is designed for teams deploying LLMs in production who need to ensure outputs meet quality and safety standards. It works with any LLM provider including OpenAI, Anthropic, and local models.

How it saves time or tokens

Without Guardrails, you write custom validation logic for every LLM output format. Guardrails provides a declarative approach: define your validators once, and the library handles validation, error reporting, and automatic retries. The hub of pre-built validators (guardrails hub) saves development time by providing tested implementations for common checks.

Automatic retries with corrective prompts reduce manual intervention. When an output fails validation, Guardrails re-prompts the LLM with the error details, often producing a valid output on the second attempt.

How to use

1. Install Guardrails and a validator:

pip install guardrails-ai
guardrails hub install hub://guardrails/regex_match

1. Create a Guard with validators:

from guardrails import Guard
from guardrails.hub import RegexMatch

guard = Guard().use(RegexMatch(regex=r'^\d{3}-\d{2}-\d{4}$'))

result = guard(
    model='gpt-4o',
    messages=[{'role': 'user', 'content': 'Generate a sample SSN format'}]
)
print(result.validated_output)

1. The Guard validates the LLM output against the regex pattern and retries if it does not match.

Example

from guardrails import Guard
from guardrails.hub import DetectPII, ToxicLanguage
from pydantic import BaseModel, Field

class SafeResponse(BaseModel):
    answer: str = Field(description='The response text')
    confidence: float = Field(ge=0.0, le=1.0)

guard = Guard.from_pydantic(SafeResponse)
guard.use(DetectPII(pii_entities=['EMAIL', 'PHONE_NUMBER'], on_fail='fix'))
guard.use(ToxicLanguage(threshold=0.5, on_fail='reask'))

result = guard(
    model='gpt-4o',
    messages=[{'role': 'user', 'content': 'Summarize this customer feedback'}]
)

print(result.validated_output)
print(f'Validation passed: {result.validation_passed}')

This ensures the LLM output matches the Pydantic schema, contains no PII, and is not toxic. Failed PII checks are auto-fixed; toxic outputs trigger a retry.

Related on TokRepo

• AI agent tools -- Explore tools for building reliable AI agent pipelines
• AI monitoring tools -- Browse tools for monitoring AI systems in production

Common pitfalls

• Validators from the hub need separate installation. Running guard.use(SomeValidator()) without first installing via guardrails hub install produces import errors.
• Stacking many validators increases latency. Each validator runs sequentially by default. For latency-sensitive applications, limit validators to the most critical checks.
• The on_fail='reask' strategy sends additional LLM calls, increasing token costs. Use on_fail='fix' for deterministic corrections or on_fail='exception' when retries are not acceptable.