Skip to main content
Rules are conditions that you never want your application to break. A rule is composed of three parts:
  • A metric
  • An operator
  • A target value
These rules will take the value from an evaluated metric, then use the operator to compare with the target value. If this comparison returns true, then the rule has been broken and is triggered. You can then use this in your code to change the response from your application.

Create rules

To create a rule, create an instance of the Rule, setting the metric and operator. Set the target values as needed (for example, for the empty and not_empty operators, there is no need to set a target value). The metric uses the GalileoMetrics enum, and the operator uses the RuleOperator enum.
Valid values for the operator are:

Metrics and Operators supported

Rules support the following Luna-2 metrics: You can also use custom code-based metrics Metrics can have different output values (e.g. numerical, categorical), therefore the available operators and target values differ depending on the metric.

Action advancement

This rule measures if your agent accomplishes, or is making progress towards a goal. Read more about action advancement.

Action completion

This rule measures if your agent successfully accomplished all of the user’s goals. Read more about action completion.

Completeness

This rule measures how thoroughly your model’s response covered the relevant information available in the context provided. Read more about completeness.

Context Adherence

This rule measures whether your model’s response was purely based on the context provided. It can be used to stop hallucinations from reaching your end users. Read more about context adherence.
Generally, 0.1 is a good threshold below which the response is not adhering to the context. Creating a rule for less than 0.1 will trigger the rule when the response does not adhere to the provided context.

PII (Personal Identifiable Information)

This rule is used to detect and stop Personal Identifiable Information (PII). When applied on the input, it can be used to stop the user or company PII from being included in API calls to external services. When applied on the output, it can be used to prevent data leakage or PII being shown back to the user. Read more about PII categories and their definitions.

Prompt Injection

This rule is used to detect and stop prompt injections in the input.
Prompt Injection Protect rules now compare a float score instead of categorical attack labels. Existing rules that used operators like any, contains, or eq against label values should be migrated to numeric thresholds such as gte 0.5.
Read more about Prompt Injection.
Generally, 0.5 is a good threshold above which the input should be treated as likely prompt injection. Creating a rule for greater than or equal to 0.5 will trigger the rule when prompt injection risk is elevated.

Sexism

This rule is used to detect sexist or biased language. When applied on the input, it can be used to detect sexist remarks in user queries. When applied on the output, it can be used to prevent your application from using an making biased or sexist comments in its responses. Read more about sexism.

Tone

This rule is used to detect the primary tone from the text. When applied on the input, it can be used to detect negative tones in user queries. When applied on the output, it can be used to prevent your application from using an undesired tone in its responses. Read more about tone.

Tool errors

This rule measures any errors when executing tools. Read more about tool errors.

Tool selection quality

This rule measures whether the agent selected the correct tool, and for each tool passed the correct arguments. Read more about tool selection quality.

Toxicity

This rule is used to detect and stop toxic or foul language in the input (user query) or output (response shown to the user). Read more about toxicity.

Custom code-based metrics

You can use custom code-based metrics in your runtime protection rulesets.
The operators and target values here should match the type of data that the registered scorer is expected to produce.

Runtime protection basics

Learn the basics of running runtime protection.

Rulesets

Learn about defining rulesets for runtime protection.

Stages

Learn about defining stages for runtime protection to be used during different stages in your application workflow.

Invoke runtime protection

Learn how to invoke runtime protection in code using the Galileo SDK.