Security is a top priority for our enterprise app. We want to use the but need to ensure that PII is never sent to the model and that the model's output doesn't contain restricted information. How do the built-in guardrails handle complex validation logic, and can I integrate third-party scanning tools into the SDK's execution loop effectively?
3 answers
Guardrails in the OpenAI Agents SDK are executed in parallel with the model call, which is great for performance. To handle PII, you can create a custom guardrail function that uses a library like Presidio. You pass this function into the 'guardrails' list of your Agent definition. If the guardrail function returns a failure, the SDK halts the run before the model even processes the input. For output validation, it works the same way; the SDK checks the response before returning it to the user, allowing you to redact or block sensitive strings.
Can these guardrails handle asynchronous calls to external security APIs?
Parallel execution is the key here. It makes the security layer feel seamless rather than a bottleneck in the conversation.
Spot on! It’s much more efficient than the old "pre-process, then call, then post-process" sequential flow we used to use.
Yes, the SDK is built on top of asyncio, so your guardrail functions can definitely be async. This is perfect for calling an external scanner or a database to check against a blacklist. Just make sure your timeout settings are configured correctly so that a slow security API doesn't hang your entire agentic loop. I've successfully integrated a cloud-based DLP scanner this way without adding significant latency to the overall response time for the end-users.