AI Guardrails

AI guardrails are constraintsglossary×ConstraintsConstraints are limitations or restrictions that impact how a product or solution can be designed or built.Open glossary term→ and controls designed to keep an AI systemglossary×SystemA system is a collection of interconnected components that work together to achieve a specific function or outcome.Open glossary term→ operating within acceptable boundaries — preventing harmful, inappropriate, or off-brand outputs.

Guardrails can operate at several levels. The foundation modelglossary×ModelA model is a system or representation used to process data and generate outputs, often trained to perform specific tasks.Open glossary term→ itself has built-in safety restrictions. Product teams layer additional guardrails through system promptsguide×System PromptsWhat system prompts do, how they define an AI's role and constraints, and what product and design teams need to know when working with them.Open guide→, output filteringglossary×FilteringFiltering is the process of narrowing down a set of results by applying specific criteria such as attributes, categories, or ranges.Open glossary term→, and workflow design. Organisations may add further controls through policies and monitoring.

Examples of guardrails include preventing the AI from discussing competitor products, blocking responsesglossary×ResponseA response is the data or result returned by a server after receiving a request.Open glossary term→ to off-topic queries, ensuring the AI does not give medical or legal advice it is not qualified to give, and filteringglossary×FilteringFiltering is the process of narrowing down a set of results by applying specific criteria such as attributes, categories, or ranges.Open glossary term→ outputs for harmful or inappropriate content.

Guardrails are not a single switch. They are a layered set of design decisions that need to be thought through, tested, and maintained over time.

Understand when guardrail design matters most. It is most critical when:

It is less critical when:

Understand the basic mechanism. Guardrails work through a combination of mechanisms. System promptsguide×System PromptsWhat system prompts do, how they define an AI's role and constraints, and what product and design teams need to know when working with them.Open guide→ establish the AI's scope and rules of engagementglossary×EngagementEngagement refers to how users interact with a product, content, or experience, including actions like clicks, time spent, and interactions.Open glossary term→. Output filters check responsesglossary×ResponseA response is the data or result returned by a server after receiving a request.Open glossary term→ before they are shown to users and block or modify those that violate defined criteria. Monitoring systems flag unusual or problematic outputs for review.

Foundation modelsguide×Foundation ModelsWhat foundation models are, how they differ from traditional software, and what product and design teams need to know when building on top of them.Open guide→ also include their own safety training, which creates a base layer of protection that cannot be easily overridden.

The effectiveness of guardrails depends on how clearly they are defined, how thoroughly they are tested, and how well they are maintained as the product evolves.

What this means for designers and product teams. Guardrail design starts with a clear understanding of what the AI should and should not do. This is a product and design decision before it is a technical one.

Guardrails need to be tested adversarially — not just against typical inputs, but against users who will try to push or bypass them. Edge casesglossary×Edge CaseAn edge case is a rare or extreme scenario that falls outside typical user behaviour.Open glossary term→ and unusual inputs are where guardrails most often fail.

Focus on:

Most issues come from: Guardrails that are only tested against expected inputs will fail against unexpected ones.

Understanding guardrails gives you: