Built-In Guard Engines
Five guard rail implementations ship in BizFirst.Ai.GuardRails.Provider.Core. Each implements IGuardRail and covers a common enterprise enforcement pattern. They are configured via Atlas Forms 13000–13007.
RateLimitingGuard
Phase: Pre | Class: RateLimitingGuard
Limits how frequently this node can execute per scope. In production, delegates to IRateLimitingOrchestrator (Redis-backed). In development, uses an in-memory counter.
// Configuration fields (Atlas Form 13000)
{
  "rps": 10,         // requests per second allowed
  "window": 60,      // time window in seconds
  "scope": "tenant"  // "global" | "tenant" | "user"
}
Returns: Blocked with RetryAfterSeconds when the rate is exceeded; Success otherwise.
InputValidationGuard
Phase: Pre | Class: InputValidationGuard
Validates that required input fields are present and non-empty before the executor runs. Configured with a list of required field names.
// Configuration fields (Atlas Form 13001)
{
  "requiredFields": ["email", "orderId"],
  "strictMode": true  // if true: any unknown fields cause Blocked
}
Returns: Blocked with the list of missing fields; Success if all required fields are present.
TimeoutGuard
Phase: Pre + Post | Class: TimeoutGuard
Tracks the execution duration of the node. Configured with a maximum execution time in milliseconds. Pre phase records the start time; Post phase checks elapsed time and returns Blocked if exceeded.
// Configuration fields (Atlas Form 13002)
{
  "maxExecutionMs": 30000  // 30 second timeout
}
PiiDetectionGuard
Phase: Post | Class: PiiDetectionGuard
Scans the executor's output data for PII patterns (email addresses, credit card numbers, phone numbers, SSN patterns). The "mode" field selects what happens on a match: warn, block, or redact.
// Configuration fields (Atlas Form 13003)
{
  "mode": "redact",                 // "warn" | "block" | "redact"
  "piiPatterns": ["email", "ccn"],  // patterns to scan for
  "redactionValue": "[REDACTED]"
}
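The three "mode" values applied to one output string, as an added C# sketch; it is not the BizFirst.Ai.GuardRails implementation. The regexes, the Luhn check on "ccn" matches, the PiiScanSketch.Apply name, and the results returned for "warn" and "block" are assumptions, since the page does not specify them.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text.RegularExpressions;

// Constructed sample output; 4111 1111 1111 1111 is a widely used test card number.
var sample = "Order 1234567890123 shipped to jane@example.com, card 4111 1111 1111 1111";
foreach (var mode in new[] { "warn", "block", "redact" })
{
    var r = PiiScanSketch.Apply(sample, mode, new[] { "email", "ccn" }, "[REDACTED]");
    Console.WriteLine($"{mode}: {r.Result} [{string.Join(",", r.Findings)}] {r.Output}");
}

public static class PiiScanSketch // hypothetical name, not a class from the library
{
    // Assumed regexes for the "email" and "ccn" keys; the shipped patterns are not on this page.
    static readonly Dictionary<string, Regex> Patterns = new()
    {
        ["email"] = new Regex(@"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
        ["ccn"] = new Regex(@"\b\d(?:[ -]?\d){12,18}\b"),
    };
    // Luhn checksum: filters out digit runs (order ids, timestamps) that are not card numbers.
    static bool Luhn(string s)
    {
        int sum = 0, i = 0;
        foreach (var n in s.Where(char.IsDigit).Reverse().Select(c => c - '0'))
            sum += (i++ % 2 == 0) ? n : (n * 2 > 9 ? n * 2 - 9 : n * 2);
        return sum % 10 == 0;
    }

    public static (string Result, string Output, List<string> Findings) Apply(
        string output, string mode, IEnumerable<string> piiPatterns, string redactionValue)
    {
        var findings = new List<string>();
        var redacted = output;
        foreach (var key in piiPatterns)
            redacted = Patterns[key].Replace(redacted, m =>
            {
                if (key == "ccn" && !Luhn(m.Value)) return m.Value; // not a card number, keep as is
                findings.Add(key); // record the pattern name, never the matched value
                return redactionValue;
            });
        if (findings.Count == 0) return ("Success", output, findings);
        return mode switch
        {
            "warn" => ("Success", output, findings),    // assumed: output passes, findings are reported
            "redact" => ("Success", redacted, findings),
            _ => ("Blocked", string.Empty, findings),   // "block"; unknown modes also fail closed
        };
    }
}
```

Findings carry only the pattern name, so a warning log built from them does not itself become a copy of the PII.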
CircuitBreakerGuard
Phase: Pre | Class: CircuitBreakerGuard
Tracks consecutive failures for this node type/tenant combination. After the failure threshold is reached, the circuit opens and blocks execution for a cooldown period. This prevents hammering a failing external service.
// Configuration fields (Atlas Form 13004)
{
  "failureThreshold": 5,  // failures before circuit opens
  "cooldownSeconds": 60,  // how long circuit stays open
  "scope": "tenant"
}
Summary Table
| Guard | Phase | Atlas Form | Security Critical |
|---|---|---|---|
| RateLimitingGuard | Pre | 13000 | Yes |
| InputValidationGuard | Pre | 13001 | No |
| TimeoutGuard | Pre + Post | 13002 | No |
| PiiDetectionGuard | Post | 13003 | Yes |
| CircuitBreakerGuard | Pre | 13004 | Yes |