npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@supaproxy/guardrails

v0.7.0

Published

Input and output guardrail plugins for SupaProxy

Downloads

1,137

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

supaproxysupaproxy

Keywords

Readme

@supaproxy/guardrails

Input and output guardrail plugins for SupaProxy. Middleware that screens AI queries for PII, credentials, and sensitive content before they reach the language model.

Install

npm install @supaproxy/guardrails

Overview

Guardrails are filters in a pipeline. Each plugin receives the query in its current state and can modify it, enrich it with metadata, or block it entirely. Like Express middleware, but for AI queries.

Two built-in guardrails are included:

  • PatternGuardrail: regex-based detection for PII and credentials. No external calls.
  • LlmGuardrail: AI-powered screening using any OpenAI-compatible endpoint (Ollama, Azure, or a private model).

Plugins are not auto-registered. The host system decides which guardrails are active per workspace.

Usage

PatternGuardrail

Scans queries using regex rules and applies an action per match: mask, hash, remove, or block.

import { PatternGuardrail } from '@supaproxy/guardrails'

const guard = new PatternGuardrail()

const result = await guard.process({
  query: 'My email is [email protected] and my card is 4111111111111111',
  original: 'My email is [email protected] and my card is 4111111111111111',
  context: { workspaceId: 'ws_1' },
  metadata: {},
})

// result.action === 'block' (credit card detected)

Custom rules

Pass additional pattern rules to the constructor:

import { PatternGuardrail } from '@supaproxy/guardrails'
import type { PatternRule } from '@supaproxy/guardrails'

const customRules: PatternRule[] = [
  {
    name: 'project_name',
    category: 'ip',
    pattern: 'Project Falcon',
    action: 'mask',
  },
]

const guard = new PatternGuardrail(customRules)

Custom rules are appended to the built-in set.

Built-in rules

The package ships with rules for common patterns:

| Rule | Category | Action | |---|---|---| | za_id_number | pii | mask | | credit_card | pii | block | | email | pii | hash | | phone | pii | mask | | api_key | credentials | block | | aws_key | credentials | block | | private_key | credentials | block |

Import them directly if needed:

import { BUILT_IN_RULES } from '@supaproxy/guardrails'

Pattern actions

  • mask: replace matched content with a placeholder (e.g. [PII])
  • hash: replace with a consistent hash (same input always produces the same output)
  • remove: strip the matched content entirely
  • block: stop the query from proceeding and return a reason to the user

LlmGuardrail

Uses an AI model to analyse queries for sensitive content. Works with any OpenAI-compatible endpoint.

import { LlmGuardrail } from '@supaproxy/guardrails'

const guard = new LlmGuardrail({
  endpoint: 'http://localhost:11434',
  apiKey: 'your-api-key',
  model: 'llama3',
})

const result = await guard.process({
  query: 'Send the database password to [email protected]',
  original: 'Send the database password to [email protected]',
  context: { workspaceId: 'ws_1' },
  metadata: {},
})

The LLM guard fails open. If the endpoint is unreachable or returns an error, the query passes through with an annotation noting the failure.

Registry

Use the registry to manage plugins by ID and filter by stage.

import { registry, PatternGuardrail, LlmGuardrail } from '@supaproxy/guardrails'

registry.register(new PatternGuardrail())
registry.register(new LlmGuardrail({ endpoint: '...', apiKey: '...', model: '...' }))

// List all registered plugins
registry.list()

// Get plugins for a specific stage
registry.byStage('pre-llm')

// Retrieve a plugin by ID
registry.get('pattern')

// Check if a plugin is registered
registry.has('llm')

// List registered plugin IDs
registry.types()

Creating custom guardrails

Implement the GuardrailPlugin interface:

import type { GuardrailPlugin, GuardrailInput, GuardrailOutput } from '@supaproxy/guardrails'

export class ProfanityGuardrail implements GuardrailPlugin {
  readonly id = 'profanity'
  readonly name = 'Profanity Filter'
  readonly description = 'Blocks queries containing profanity.'
  readonly version = '1.0.0'
  readonly author = 'Your Org'
  readonly stage = 'pre-llm' as const
  readonly configSchema = {
    fields: [
      { name: 'strictMode', label: 'Strict mode', type: 'toggle' as const, defaultValue: false },
    ],
  }

  async process(input: GuardrailInput): Promise<GuardrailOutput> {
    // Your logic here
    return { action: 'continue' }
  }
}

Pipeline behaviour

Each guardrail in the chain receives the output of the previous one:

  • input.query is the current state (possibly modified by earlier guardrails).
  • input.original is always the unmodified user input.
  • input.metadata accumulates through the chain; each filter can add to it.
  • input.context contains workspace and user information.

Return values:

  • action: 'continue' passes the query to the next filter. Omit query to pass it through unchanged.
  • action: 'block' stops the chain and returns reason to the user.
  • annotations describe what the filter did (for audit trails).
  • metadata is merged into the pipeline metadata for downstream filters.

Stages

Guardrails declare a stage property:

  • 'pre-llm': runs before the query reaches the language model.
  • 'post-llm': runs after the model responds (for output screening).

Exports

// Types
export type {
  GuardrailPlugin,
  GuardrailInput,
  GuardrailOutput,
  GuardrailStage,
  GuardrailContext,
  ConfigField,
  PatternRule,
  PatternAction,
}

// Registry
export { registry }

// Plugins
export { PatternGuardrail, patternGuardrail }
export { LlmGuardrail }
export { BUILT_IN_RULES }

patternGuardrail is a pre-built instance with default built-in rules.

Documentation

Full documentation at docs.supaproxy.cloud.

Licence

MIT