Safety built into every request

Guardrails apply to all dispatch paths — functions, MCP tools, A2A tasks, and pipeline steps. Set a policy and every invocation is filtered automatically.

Four checks, one pipeline

Every tool call passes through a configurable check pipeline before and after execution. Checks run in parallel for minimal latency.

PII Detection

Regex-based scanning for emails, social security numbers, credit card numbers, phone numbers, and cloud credentials. Catches sensitive data before it reaches your tool or leaves in a response.

Prompt Injection Defense

Heuristic detection of injection attempts in tool inputs. Pattern matching across known attack vectors to prevent agents from being manipulated through your tools.

Toxicity Analysis

AI-powered content classification flags harmful, abusive, or inappropriate content. Runs on-edge with no external API calls — your data stays on the platform.

Custom Rules

Define your own regex patterns for domain-specific filtering. Set maximum token limits to prevent oversized payloads. Tailor policies to your use case.

Three enforcement modes

Choose how violations are handled. Different checks can use different modes within the same policy.

Block

Reject the request with a 403 response. The tool never executes. The caller receives a structured error with the violation type.

Warn

Allow the request but annotate the response with a header indicating the violation. The tool executes normally. Callers can inspect headers to decide next steps.

Log

Record the violation silently. The tool executes normally with no visible indication to the caller. Review violations later in the Console.

Scoped policies

Set an organization-wide default that applies to every tool, then override per function when you need different rules.

# Set an organization-wide default policy
$ fold guardrails set --default --check pii --action block
 
# Override for a specific function
$ fold guardrails set my-api --check toxicity --action warn
 
# View active policies
$ fold guardrails list
 
default pii: block injection: block
my-api toxicity: warn pii: block (inherited)

Every dispatch path is covered

Guardrails apply to direct HTTP calls, MCP tool invocations, A2A task executions, and every step in a pipeline. One policy protects all entry points.

← Agent ProtocolsBuilt-in Storage →

Ship tools your team can trust

Guardrails included on every plan. No credit card required.

Get Started