TestSavant SDK gives you policy-as-code guardrails across every model, tool, and route. Stop prompt injection, toxic drift, and policy gaps with scans that run before and after each model call.
from testsavant.guard import InputGuard, OutputGuard
input_guard = InputGuard(api_key=API_KEY, project_id=PROJECT_ID)
output_guard = OutputGuard(api_key=API_KEY, project_id=PROJECT_ID)
prompt = "Summarize the latest release train for executives."
if input_guard.scan(prompt).is_valid:
completion = llm.generate(prompt)
verdict = output_guard.scan(prompt=prompt, output=completion)
if verdict.is_valid:
ship(completion)
else:
escalate(verdict.results)
Anonymize(entity_types, tag="base", threshold=0.5, redact=False)
Detects and redacts PII before it hits your model.
BanCode(tag="base", threshold=0.5)
Stops code snippets or scripts from being submitted upstream.
BanCompetitors(competitors, tag="base", threshold=0.5, redact=False)
Filters prompts that mention disallowed competitor names.
BanTopics(topics, tag="base", threshold=0.5, mode="blacklist")
Blocks any prompt requesting sensitive or restricted themes.
Code(languages, tag="base", threshold=0.5, is_blocked=True)
Detects programming languages you want to quarantine before use.
Gibberish(tag="base", threshold=0.5)
Keeps garbage prompts from wasting cycles and tokens.
Language(valid_languages, tag="base", threshold=0.5)
Ensures incoming prompts match your allowed language list.
NSFW(tag="base", threshold=0.5)
Screens explicit or harmful requests before they enter workflows.
PromptInjection(tag="base", threshold=0.5)
Neutralizes adversarial jailbreak attempts embedded in prompts.
Toxicity(tag="base", threshold=0.5)
Detects hateful, harassing, or unsafe user inputs.
Anonymize(entity_types, tag="base", threshold=0.5, redact=False)
Detects and redacts PII before it hits your model.
BanCode(tag="base", threshold=0.5)
Stops code snippets or scripts from being submitted upstream.
BanCompetitors(competitors, tag="base", threshold=0.5, redact=False)
Filters prompts that mention disallowed competitor names.
BanTopics(topics, tag="base", threshold=0.5, mode="blacklist")
Blocks any prompt requesting sensitive or restricted themes.
Code(languages, tag="base", threshold=0.5, is_blocked=True)
Detects programming languages you want to quarantine before use.
Gibberish(tag="base", threshold=0.5)
Keeps garbage prompts from wasting cycles and tokens.
Language(valid_languages, tag="base", threshold=0.5)
Ensures incoming prompts match your allowed language list.
NSFW(tag="base", threshold=0.5)
Screens explicit or harmful requests before they enter workflows.
PromptInjection(tag="base", threshold=0.5)
Neutralizes adversarial jailbreak attempts embedded in prompts.
Toxicity(tag="base", threshold=0.5)
Detects hateful, harassing, or unsafe user inputs.
BanCode(tag="base", threshold=0.5)
Strips executable code blocks before responses reach users.
BanCompetitors(competitors, tag="base", threshold=0.5, redact=False)
Removes mentions of competitor brands from generated output.
BanTopics(topics, tag="base", threshold=0.5, mode="blacklist")
Keeps restricted subject matter out of final responses.
Bias(tag="base", threshold=0.5)
Identifies biased or unfair statements before delivery.
Code(languages, tag="base", threshold=0.5, is_blocked=True)
Flags unauthorized code languages within model responses.
FactualConsistency(tag="base", minimum_score=0.5)
Compares answers against sources to highlight hallucinations.
Gibberish(tag="base", threshold=0.5)
Prevents meaningless responses from reaching customers.
Language(valid_languages, tag="base", threshold=0.5)
Enforces that output languages stay within approved options.
LanguageSame(tag="base", threshold=0.5)
Verifies the reply matches the customer’s original language.
MaliciousURL(tag="base", threshold=0.5)
Scans for phishing or malicious links before they’re sent.
NoRefusal(tag="base", threshold=0.5)
Catches unnecessary refusals so you can trigger fallbacks.
NSFW(tag="base", threshold=0.5)
Blocks explicit or brand-unsafe completion content.
Toxicity(tag="base", threshold=0.5)
Removes hateful or abusive language before it leaves the agent.
BanCode(tag="base", threshold=0.5)
Strips executable code blocks before responses reach users.
BanCompetitors(competitors, tag="base", threshold=0.5, redact=False)
Removes mentions of competitor brands from generated output.
BanTopics(topics, tag="base", threshold=0.5, mode="blacklist")
Keeps restricted subject matter out of final responses.
Bias(tag="base", threshold=0.5)
Identifies biased or unfair statements before delivery.
Code(languages, tag="base", threshold=0.5, is_blocked=True)
Flags unauthorized code languages within model responses.
FactualConsistency(tag="base", minimum_score=0.5)
Compares answers against sources to highlight hallucinations.
Gibberish(tag="base", threshold=0.5)
Prevents meaningless responses from reaching customers.
Language(valid_languages, tag="base", threshold=0.5)
Enforces that output languages stay within approved options.
LanguageSame(tag="base", threshold=0.5)
Verifies the reply matches the customer’s original language.
MaliciousURL(tag="base", threshold=0.5)
Scans for phishing or malicious links before they’re sent.
NoRefusal(tag="base", threshold=0.5)
Catches unnecessary refusals so you can trigger fallbacks.
NSFW(tag="base", threshold=0.5)
Blocks explicit or brand-unsafe completion content.
Toxicity(tag="base", threshold=0.5)
Removes hateful or abusive language before it leaves the agent.
Every SDK surface is designed for fast approvals, low latency, and audit-ready evidence. Deploy guardrails once, enforce across every channel.
Centralize policy rules across chat, agents, retrieval flows, and API tools. No more subtle drift between teams.
Detect prompt injection, refusals, brand safety violations, and more with layered scanners.
Generate policy logs mapped to SOC2, ISO, and EU AI Act controls—straight from SDK usage.
Role-based access, SSO, secrets management, and regional data residency baked in.
Stream guardrail outcomes to dashboards and incident tooling with zero extra code.
Replay production incidents, run eval suites, and auto-tune thresholds with Studio.
Pick your runtime, add scanners, and start shipping safer prompts immediately.
from testsavant.guard import InputGuard
from testsavant.guard.input_scanners import PromptInjection, Toxicity
input_guard = InputGuard(api_key="YOUR_API_KEY", project_id="YOUR_PROJECT_ID")
input_guard.add_scanner(PromptInjection(tag="base", threshold=0.45))
input_guard.add_scanner(Toxicity(tag="brand", threshold=0.65))
prompt = "Write a short story about a friendly robot."
result = input_guard.scan(prompt)
if result.is_valid:
print("Prompt is safe.")
else:
print("Prompt failed guardrails:", result.results)
Need a sandbox? Generate an API key.
Follow this path to wire guardrails into your stack and start enforcing policies the same afternoon.
Add testsavant-sdk to your project via pip or npm and pull in the language helpers you need.
Drop in your API key and project ID, choose the policies to enforce, and set any environment-specific overrides.
Use InputGuard and OutputGuard around prompts, completions, and tool responses to score every interaction.
Deploy with confidence, stream incidents to the console, and iterate on thresholds as your traffic patterns evolve.
Swap models, call tools, or fall back to retrieval without losing coverage. The SDK tracks risk posture end-to-end.
Shape inbound prompts before they reach your model, tool, or retrieval layer.
Catch toxic, non-compliant, or low-quality completions before they reach an end user.
Protect function calling, RAG, and multi-step agents with policy-aware guardrails.
Block prompt injection, policy evasions, and unsafe tool calls before they reach downstream systems.
Every decision is logged with the exact policy, signal, and remediation trail auditors expect.
Launch new prompts, tools, and agents with guardrails already validated through automated tests.
It’s a multi-language SDK that enforces guardrails around prompts, completions, function calls, and RAG pipelines. Policies are versioned with your codebase and approved once.
Install with pip install testsavant-sdk or npm install testsavant-sdk. Both ship with rich typings.
Prompt injection, toxicity, self-harm, PII, gibberish, hallucinations, policy breaches, credential leakage, source code exfiltration, and more. Add your own detectors via custom scanners.
Yes. Create a project inside the TestSavant console to get API keys. Rotate them with the CLI, Terraform provider, or secret managers like Vault.
Absolutely. Teams rely on the SDK in high-volume support bots, search experiences, and agentic workflows with latency budgets under 15ms.
Safer inputs. Safer outputs. Consistent policy. Clear proof for every review.
