Configure Guardrails

Dome’s configuration system lets you precisely control which Guards run, how they execute, and what Detectors they use. This guide covers all configuration options.

Configuration Hierarchy

Dome organizes protection in three levels:

Guardrail (input/output)
    └── Guard (security, moderation, privacy)
            └── Detector (specific detection method)

Each level has its own configuration options that can be customized.

Guardrail Configuration

Guardrail Options

Option	Type	Default	Description
`input-guards`	List	[]	Guards to run on input
`output-guards`	List	[]	Guards to run on output
`input-early-exit`	Boolean	True	Stop on first input flag
`input-run-parallel`	Boolean	False	Run input Guards in parallel
`output-early-exit`	Boolean	True	Stop on first output flag
`output-run-parallel`	Boolean	False	Run output Guards in parallel

Execution Modes

Early Exit (default): Stops processing when the first Guard flags content. Faster for rejecting clearly malicious input.
Complete Execution: Runs all Guards regardless of flags. Useful for comprehensive logging.

Parallel Execution: Runs Guards simultaneously for lower latency.

Guard Configuration

Guard Types

Type	Use Case	Available Detectors
`security`	Adversarial attacks	Prompt injection, encoding detection
`moderation`	Harmful content	Toxicity, profanity, hate speech
`privacy`	Sensitive data	PII detection, secrets
`integrity`	Data quality	Format validation (experimental)
`generic`	Custom logic	User-defined Detectors

Guard Options

Option	Type	Default	Description
`type`	String	Required	Guard category
`methods`	List	Required	Detectors to use
`early-exit`	Boolean	True	Stop on first Detector flag
`run-parallel`	Boolean	False	Run Detectors in parallel
`blocked-response`	String	Default	Custom block message

Detector Configuration

Here are some of the available Detectors: Security Detectors:

Detector	Description	Options
`prompt-injection-mbert`	Multilingual BERT model	`threshold`
`prompt-injection-deberta-v3-base`	DeBERTa v3 model	`threshold`
`encoding-heuristics`	Base64, Unicode tricks	None
`security-embeddings`	Semantic similarity	`threshold`, `top_k`
`security-llm`	LLM-based detection	`model_name`

Moderation Detectors:

Detector	Description	Options
`moderation-flashtext`	Fast keyword matching	`wordlist`
`moderation-deberta`	Neural toxicity classifier	`threshold`
`moderations-oai-api`	OpenAI Moderation API	None
`moderation-llamaguard`	Llama Guard model	`threshold`

Privacy Detectors:

Detector	Description	Options
`privacy-presidio`	PII entity recognition	`entities`, `threshold`
`detect-secrets`	Credential detection	None

Work in Progress

The programmatic protection capabilities and Dome integrations are currently in private preview and subject to change.

Next Steps

Use Guardrails

Runtime integration patterns

Custom Detectors

Build your own Detectors

Observability

Monitoring and tracing

Quick Start

Deploy Vijil

Agentic Workflow

Evaluate Agents

Protect Agents

API Reference

Configure Guardrails

Configuration Hierarchy

Guardrail Configuration

Guardrail Options

Execution Modes

Guard Configuration

Guard Types

Guard Options

Detector Configuration

Work in Progress

Next Steps

Use Guardrails

Custom Detectors

Observability

Quick Start

Deploy Vijil

Agentic Workflow

Evaluate Agents

Protect Agents

API Reference

Documentation Index

​Configuration Hierarchy

​Guardrail Configuration

​Guardrail Options

​Execution Modes

​Guard Configuration

​Guard Types

​Guard Options

​Detector Configuration

Work in Progress

​Next Steps

Use Guardrails

Custom Detectors

Observability

Configuration Hierarchy

Guardrail Configuration

Guardrail Options

Execution Modes

Guard Configuration

Guard Types

Guard Options

Detector Configuration

Next Steps