Rules & guardrails
What are runtime guardrails and excessive agency?
Runtime guardrails inspect what flows in and out, filtering inputs and validating outputs before use. They defend against excessive agency: identity abuse, privilege abuse, and rogue-agent behavior.
Beyond permissions, runtime guardrails inspect what flows in and out: filtering inputs, constraining the dialog, checking retrieved content, and validating outputs before they are used. Frameworks like NeMo Guardrails and Guardrails AI implement these as programmable rails around the model.
The risk these defend against has a name. OWASP’s Top 10 for Agentic Applications catalogs failure modes including identity and privilege abuse and outright rogue-agent behavior, the dangers that appear specifically when an agent has too much autonomy and too little oversight.[1] Choosing a tool is its own decision; one comparison advises starting with LLM Guard if you are building a production app with real users and need broad coverage out of the box.[2]
Guardrail tools & references
- NVIDIA NeMo Guardrails ↗
Programmable input, dialog, retrieval, and output rails around an LLM.
- Guardrails AI ↗
Open-source framework for validating and correcting model output.
- OWASP AI Agent Security ↗
The cheat sheet and Top 10 that name the threats and the defenses.
- Okta ↗
Practical guidance on least privilege and identity for agents.
References
- OWASP Top 10 for Agentic Applications — OWASP
- Best AI Agent Security & Guardrails Tools in 2026 — DEV Community