Skip to main content
TL;DR: Dome wraps your Agent with configurable Guardrails that intercept every input and output, blocking attacks before they reach your agent or your users. Configure which Guards run via your registered Vijil Agent, a TOML file, or a Python dict, then choose early-exit (fast) or parallel execution (thorough) mode.
Evaluation catches vulnerabilities you know to test for. But attackers will try things you did not anticipate like new prompt injection techniques, novel encoding tricks, social engineering patterns that emerge after your last evaluation. Dome is Vijil’s runtime protection system. It intercepts every input and output, applies configurable Guardrails, and blocks attacks before they reach your agent or your users. When Diamond identifies vulnerabilities you cannot immediately fix, Dome provides defense-in-depth while you remediate.

How Dome Works

Dome wraps your agent with configurable Guardrails:

Protection Types

Security Guards

Detect and block adversarial attacks:

Moderation Guards

Filter harmful and inappropriate content:

Privacy Guards

Prevent exposure of sensitive data:

Quick Start

You can protect your agents with default Guards. The default configuration includes:
  • Input: Prompt injection detection, encoding heuristics, moderation
  • Output: Moderation, PII detection

Configuration Sources

Dome accepts configuration from three sources: For the full list of configuration options, see Configure Guardrails.

Scan Results

Every scan returns a result object with the following fields:

Framework Integrations

Dome is designed to be integrable with popular frameworks and runtimes. You can see the specific framework developer guides for integration patterns during the developer access phase.

Performance Options

See Configure Guardrails for the configuration options for each mode.

Work in Progress

The programmatic protection capabilities are currently in private preview and subject to change.

Next Steps

Configure Guardrails

Detailed Guard configuration options

Use Guardrails

Runtime patterns and best practices

Custom Detectors

Build your own detection methods

Observability

Monitoring and tracing setup
Last modified on June 25, 2026