feat: integrate guardrails library with dual-mode support #45
Merged
initializ-mk merged 1 commit into main from Apr 13, 2026
…lls build stage

Replace the hand-rolled 435-line GuardrailEngine with the external github.com/initializ/guardrails library. The new engine supports dual-mode operation: file-based config (guardrails.json) for local development and MongoDB-backed config for platform deployments with audit logging.

Key changes:
- forge-core: GuardrailChecker interface replaces concrete engine
- forge-cli: LibraryGuardrailEngine wraps guardrails.GuardrailManager
- forge-cli: BuildGuardrailChecker with DB → file → defaults priority
- forge init: generates guardrails.json with PII, security, and secret rules
- forge package: includes guardrails.json in container build context

Fix session recovery "No tool output found for function call" error:
- Memory.LoadFromStore sanitizes orphaned tool calls on recovery
- persistSession strips unanswered tool calls before writing
- Agent loop executes tool calls regardless of finish_reason

Fix CheckInbound missing DecisionMask handler — PII was passing through to the LLM unmasked on inbound messages.

Fix SkillsStage early return when root SKILL.md is absent — the build stage now always scans the skills/ subdirectory even without a root SKILL.md, matching the runtime behavior. This restores binary installation (e.g. kubectl) for projects using subdirectory skills.

Update docs to reflect new guardrails architecture, configuration, and session recovery improvements.
Summary
- github.com/initializ/guardrails library, supporting dual-mode operation: file-based (guardrails.json) for local dev and MongoDB-backed for platform deployments with audit logging
- tool_calls without matching tool results) are now stripped on both save and recovery, preventing "No tool output found for function call" API rejection
- CheckInbound was missing the DecisionMask handler, so PII (e.g. SSNs) passed through to the LLM unmasked
- skills/ subdirectory even without root SKILL.md, restoring binary installation (e.g. kubectl) for subdirectory-only skill projects

Test plan
- cd forge-core && go test ./...
- cd forge-cli && go test ./...
- forge init test-agent → verify guardrails.json generated with PII, security, secret rules
- forge run → send SSN → verify inbound masking log and LLM never sees raw SSN
- forge run → verify jailbreak prompt blocked in enforce mode
- forge package on project with skills/ subdirectory (no root SKILL.md) → verify kubectl installed in container
- FORGE_GUARDRAILS_DB → verify MongoDB config loading + audit logging
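
The CheckInbound fix described above, as an added Go example (not code from this PR or from the guardrails library): a verdict handler that omits the mask case forwards raw PII, while an exhaustive switch with a fail-closed fallback does not. Apart from the name DecisionMask, every identifier here (Decision, DecisionAllow, DecisionBlock, evaluate, applyBuggy, applyFixed) and the SSN regex rule are hypothetical and made up for illustration.

```go
package main

import (
	"fmt"
	"regexp"
)

type Decision int // hypothetical stand-in, not the guardrails library's type
const (
	DecisionAllow Decision = iota
	DecisionMask
	DecisionBlock
)

var ssnRe = regexp.MustCompile(`\b\d{3}-\d{2}-\d{4}\b`) // toy rule: SSN-shaped text is masked
var ErrBlocked = fmt.Errorf("blocked by guardrail")

func evaluate(msg string) (d Decision, raw, masked string) {
	if ssnRe.MatchString(msg) {
		return DecisionMask, msg, ssnRe.ReplaceAllString(msg, "[SSN]")
	}
	return DecisionAllow, msg, msg
}

// applyBuggy handles only Block, so a Mask verdict forwards the raw text.
func applyBuggy(d Decision, raw, masked string) (string, error) {
	if d == DecisionBlock {
		return "", ErrBlocked
	}
	return raw, nil
}

// applyFixed handles each verdict and fails closed on any unknown value.
func applyFixed(d Decision, raw, masked string) (string, error) {
	switch d {
	case DecisionAllow:
		return raw, nil
	case DecisionMask:
		return masked, nil
	case DecisionBlock:
		return "", ErrBlocked
	}
	return "", fmt.Errorf("unhandled guardrail decision %d", d)
}

func main() { // the message below is constructed sample input
	fmt.Println(applyBuggy(evaluate("my SSN is 123-45-6789")))
	fmt.Println(applyFixed(evaluate("my SSN is 123-45-6789")))
}
```

A regression test for this class of bug should assert on the text that reaches the model, not only on the verdict the rule returned.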