feat(guardrails): add HarmfulContent, IntellectualProperty, UserPromptAttacks middlewares [AL-372] (#751)

Co-authored-by: Claude <noreply@anthropic.com>

Author: apetraru-uipath

pyproject.toml

@@ -1,13 +1,13 @@
 [project]
 name = "uipath-langchain"
-version = "0.9.25"
+version = "0.9.26"
 description = "Python SDK that enables developers to build and deploy LangGraph agents to the UiPath Cloud Platform"
 readme = { file = "README.md", content-type = "text/markdown" }
 requires-python = ">=3.11"
 dependencies = [
     "uipath>=2.10.29, <2.11.0",
     "uipath-core>=0.5.2, <0.6.0",
-    "uipath-platform>=0.1.24, <0.2.0",
+    "uipath-platform>=0.1.25, <0.2.0",
     "uipath-runtime>=0.10.0, <0.11.0",
     "langgraph>=1.0.0, <2.0.0",
     "langchain-core>=1.2.11, <2.0.0",

samples/joke-agent-decorator/graph.py

@@ -23,14 +23,21 @@
     GuardrailAction,
     GuardrailExclude,
     GuardrailExecutionStage,
+    HarmfulContentEntity,
+    HarmfulContentValidator,
+    IntellectualPropertyValidator,
     LogAction,
     LoggingSeverityLevel,
     PIIDetectionEntity,
     PIIValidator,
-    PromptInjectionValidator,
+    UserPromptAttacksValidator,
     guardrail,
 )
-from uipath_langchain.guardrails.enums import PIIDetectionEntityType
+from uipath_langchain.guardrails.enums import (
+    HarmfulContentEntityType,
+    IntellectualPropertyEntityType,
+    PIIDetectionEntityType,
+)
 
 logger = logging.getLogger(__name__)
 
@@ -145,11 +152,19 @@ def format_joke_for_display(
 
 
 @guardrail(
-    validator=PromptInjectionValidator(threshold=0.5),
+    validator=UserPromptAttacksValidator(),
     action=BlockAction(),
-    name="LLM Prompt Injection Detection",
+    name="LLM User Prompt Attacks Detection",
     stage=GuardrailExecutionStage.PRE,
 )
+@guardrail(
+    validator=IntellectualPropertyValidator(
+        entities=[IntellectualPropertyEntityType.TEXT],
+    ),
+    action=LogAction(severity_level=LoggingSeverityLevel.WARNING),
+    name="LLM Intellectual Property Detection",
+    stage=GuardrailExecutionStage.POST,
+)
 @guardrail(
     validator=pii_email,
     action=LogAction(severity_level=LoggingSeverityLevel.WARNING),
@@ -243,6 +258,14 @@ def analyze_joke_syntax(joke: str) -> str:
 # ---------------------------------------------------------------------------
 
 
+@guardrail(
+    validator=HarmfulContentValidator(
+        entities=[HarmfulContentEntity(HarmfulContentEntityType.VIOLENCE, threshold=2)],
+    ),
+    action=BlockAction(),
+    name="Agent Harmful Content Detection",
+    stage=GuardrailExecutionStage.PRE,
+)
 @guardrail(
     validator=PIIValidator(
         entities=[PIIDetectionEntity(PIIDetectionEntityType.PERSON, threshold=0.5)],

samples/joke-agent-decorator/pyproject.toml

@@ -1,11 +1,11 @@
 [project]
 name = "joke-agent-decorator"
-version = "0.0.1"
+version = "0.0.2"
 description = "Joke generating agent that creates family-friendly jokes based on a topic - using decorator-based guardrails"
 authors = [{ name = "John Doe", email = "john.doe@myemail.com" }]
 requires-python = ">=3.11"
 dependencies = [
-    "uipath-langchain>=0.9.20, <0.10.0",
+    "uipath-langchain>=0.9.26, <0.10.0",
     "uipath>2.7.0",
 ]
 

samples/joke-agent/graph.py

@@ -3,34 +3,43 @@
 from langchain.agents import create_agent
 from langchain_core.messages import HumanMessage
 from langchain_core.tools import tool
-from langgraph.constants import START, END
+from langgraph.constants import END, START
 from langgraph.graph import StateGraph
+from middleware import CustomFilterAction, LoggingMiddleware
 from pydantic import BaseModel
 from uipath.core.guardrails import GuardrailScope
 
-from middleware import CustomFilterAction, LoggingMiddleware
 from uipath_langchain.chat import UiPathChat
 from uipath_langchain.guardrails import (
     BlockAction,
-    PIIDetectionEntity,
     GuardrailExecutionStage,
+    HarmfulContentEntity,
     LogAction,
+    PIIDetectionEntity,
     UiPathDeterministicGuardrailMiddleware,
+    UiPathHarmfulContentMiddleware,
+    UiPathIntellectualPropertyMiddleware,
     UiPathPIIDetectionMiddleware,
-    UiPathPromptInjectionMiddleware,
+    UiPathUserPromptAttacksMiddleware,
 )
 from uipath_langchain.guardrails.actions import LoggingSeverityLevel
-from uipath_langchain.guardrails.enums import PIIDetectionEntityType
+from uipath_langchain.guardrails.enums import (
+    HarmfulContentEntityType,
+    IntellectualPropertyEntityType,
+    PIIDetectionEntityType,
+)
 
 
 # Define input schema for the agent
 class Input(BaseModel):
     """Input schema for the joke agent."""
+
     topic: str
 
 
 class Output(BaseModel):
     """Output schema for the joke agent."""
+
     joke: str
 
 
@@ -57,6 +66,7 @@ def analyze_joke_syntax(joke: str) -> str:
 
     return f"Words number: {word_count}\nLetters: {letter_count}"
 
+
 # System prompt based on agent1.json
 SYSTEM_PROMPT = """You are an AI assistant designed to generate family-friendly jokes. Your process is as follows:
 
@@ -104,12 +114,25 @@ def analyze_joke_syntax(joke: str) -> str:
             tools=[analyze_joke_syntax],
             enabled_for_evals=False,
         ),
-        *UiPathPromptInjectionMiddleware(
-            name="Prompt Injection Detection",
+        *UiPathUserPromptAttacksMiddleware(
+            name="User Prompt Attacks Detection",
             action=BlockAction(),
-            threshold=0.5,
             enabled_for_evals=False,
         ),
+        *UiPathHarmfulContentMiddleware(
+            name="Harmful Content Detection",
+            scopes=[GuardrailScope.AGENT, GuardrailScope.LLM],
+            action=BlockAction(),
+            entities=[
+                HarmfulContentEntity(HarmfulContentEntityType.VIOLENCE, threshold=2),
+            ],
+        ),
+        *UiPathIntellectualPropertyMiddleware(
+            name="Intellectual Property Detection",
+            scopes=[GuardrailScope.LLM],
+            action=LogAction(severity_level=LoggingSeverityLevel.WARNING),
+            entities=[IntellectualPropertyEntityType.TEXT],
+        ),
         # Custom FilterAction example: demonstrates how developers can implement their own actions
         *UiPathDeterministicGuardrailMiddleware(
             tools=[analyze_joke_syntax],
@@ -142,7 +165,7 @@ def analyze_joke_syntax(joke: str) -> str:
             ),
             stage=GuardrailExecutionStage.POST,
             name="Joke Content Always Filter",
-        )
+        ),
     ],
 )
 
@@ -152,7 +175,9 @@ async def joke_node(state: Input) -> Output:
     """Convert topic to messages, call agent, and extract joke."""
     # Convert topic to messages format
     messages = [
-        HumanMessage(content=f"Generate a family-friendly joke based on the topic: {state.topic}")
+        HumanMessage(
+            content=f"Generate a family-friendly joke based on the topic: {state.topic}"
+        )
     ]
 
     # Call the agent with messages

samples/joke-agent/pyproject.toml

@@ -1,12 +1,12 @@
 [project]
 name = "joke-agent"
-version = "0.0.1"
+version = "0.0.2"
 description = "Joke generating agent that creates family-friendly jokes based on a topic"
 authors = [{ name = "John Doe", email = "john.doe@myemail.com" }]
 requires-python = ">=3.11"
 dependencies = [
-    "uipath-langchain",
-    "uipath",
+    "uipath-langchain>=0.9.26, <0.10.0",
+    "uipath>2.7.0",
 ]
 
 [dependency-groups]

src/uipath_langchain/guardrails/__init__.py

@@ -13,22 +13,31 @@
     GuardrailExecutionStage,
     GuardrailTargetAdapter,
     GuardrailValidatorBase,
+    HarmfulContentEntity,
+    HarmfulContentEntityType,
+    HarmfulContentValidator,
+    IntellectualPropertyEntityType,
+    IntellectualPropertyValidator,
     LogAction,
     LoggingSeverityLevel,
     PIIDetectionEntity,
     PIIDetectionEntityType,
     PIIValidator,
     PromptInjectionValidator,
     RuleFunction,
+    UserPromptAttacksValidator,
     guardrail,
     register_guardrail_adapter,
 )
 
 from ._langchain_adapter import LangChainGuardrailAdapter
 from .middlewares import (
     UiPathDeterministicGuardrailMiddleware,
+    UiPathHarmfulContentMiddleware,
+    UiPathIntellectualPropertyMiddleware,
     UiPathPIIDetectionMiddleware,
     UiPathPromptInjectionMiddleware,
+    UiPathUserPromptAttacksMiddleware,
 )
 
 # Auto-register the LangChain adapter so @guardrail knows how to wrap
@@ -40,11 +49,17 @@
     "guardrail",
     # Validators
     "GuardrailValidatorBase",
+    "HarmfulContentValidator",
+    "IntellectualPropertyValidator",
     "PIIValidator",
     "PromptInjectionValidator",
+    "UserPromptAttacksValidator",
     "CustomValidator",
     "RuleFunction",
     # Models & enums
+    "HarmfulContentEntity",
+    "HarmfulContentEntityType",
+    "IntellectualPropertyEntityType",
     "PIIDetectionEntity",
     "PIIDetectionEntityType",
     "GuardrailExecutionStage",
@@ -60,9 +75,12 @@
     # Adapter registry
     "GuardrailTargetAdapter",
     "register_guardrail_adapter",
-    # Middlewares (unchanged)
+    # Middlewares
+    "UiPathHarmfulContentMiddleware",
+    "UiPathIntellectualPropertyMiddleware",
     "UiPathPIIDetectionMiddleware",
     "UiPathPromptInjectionMiddleware",
+    "UiPathUserPromptAttacksMiddleware",
     "UiPathDeterministicGuardrailMiddleware",
     # Re-exports for backwards compat
     "AgentGuardrailSeverityLevel",

src/uipath_langchain/guardrails/enums.py

@@ -3,7 +3,15 @@
 from uipath.core.guardrails import GuardrailScope
 from uipath.platform.guardrails.decorators import (
     GuardrailExecutionStage,
+    HarmfulContentEntityType,
+    IntellectualPropertyEntityType,
     PIIDetectionEntityType,
 )
 
-__all__ = ["GuardrailScope", "PIIDetectionEntityType", "GuardrailExecutionStage"]
+__all__ = [
+    "GuardrailScope",
+    "HarmfulContentEntityType",
+    "IntellectualPropertyEntityType",
+    "PIIDetectionEntityType",
+    "GuardrailExecutionStage",
+]

src/uipath_langchain/guardrails/middlewares/__init__.py

@@ -4,12 +4,18 @@
     RuleFunction,
     UiPathDeterministicGuardrailMiddleware,
 )
+from .harmful_content import UiPathHarmfulContentMiddleware
+from .intellectual_property import UiPathIntellectualPropertyMiddleware
 from .pii_detection import UiPathPIIDetectionMiddleware
 from .prompt_injection import UiPathPromptInjectionMiddleware
+from .user_prompt_attacks import UiPathUserPromptAttacksMiddleware
 
 __all__ = [
     "RuleFunction",
     "UiPathDeterministicGuardrailMiddleware",
+    "UiPathHarmfulContentMiddleware",
+    "UiPathIntellectualPropertyMiddleware",
     "UiPathPIIDetectionMiddleware",
     "UiPathPromptInjectionMiddleware",
+    "UiPathUserPromptAttacksMiddleware",
 ]