scaffolding

Author: lbeurerkellner

docs/assets/invariant.css

@@ -220,21 +220,18 @@ strong {
 
 blockquote {
     background-color: #fdfdfd;
-    border-left: 0.5pt solid #3E3AFF !important;
+    border-left: 2pt solid #3E3AFF !important;
     border-radius: 5pt;
     font-size: 12pt;
-    border: 1pt solid #3E3AFF;
+    padding-right: 5pt;
+    border: 2pt solid #3E3AFF;
     background-color: hsl(241, 100%, 99.5%);
     overflow: hidden;
     color: black;
     margin-top: 30pt !important;
     padding-top: 5pt;
 }
 
-blockquote pre {
-    position: relative;
-    margin-left: -10pt;
-}
 
 blockquote p {
     font-size: 12pt !important;
@@ -396,6 +393,7 @@ label.md-nav__title {
 
 .md-sidebar__scrollwrap {
     background-color: #f6f6f6;
+    height: calc(100vh - 80pt) !important;
 }
 
 .overview .box {
@@ -638,4 +636,19 @@ code {
 
 .md-nav--primary .md-nav__title[for=__drawer], .md-nav__title {
     background: transparent !important;
+}
+
+blockquote pre {
+    position: relative;
+    margin-left: -10pt;
+}
+
+blockquote code {
+    border-radius: 0pt !important;
+    border-left-width: 0pt;
+    border-right-width: 0pt;
+}
+
+ul.md-nav__list {
+    font-weight: 400;
 }

docs/guardrails/ban-words.md

@@ -0,0 +1,18 @@
+# Code Validation
+
+<div class='subtitle'>
+Secure the code that your agent generates and executes.
+</div>
+
+Code validation is a critical component of any code-generating LLM system, as it helps to ensure that the code generated by the LLM is safe and secure. Guardrails provides a simple way to validate the code generated by your LLM, using a set of pre-defined rules and checks.
+
+> **Code Validation Risks**<br/>
+> Code validation is a critical component of any code-generating LLM system. For example, an insecure agent could:
+
+> * Generate code that contains **security vulnerabilities**, such as SQL injection or cross-site scripting
+
+> * Generate code that **contains bugs or errors**, causing the system to crash or behave unexpectedly
+
+> * Produce code that escapes a **sandboxed execution environment**
+
+> * Generate code that is **not well-formed or does not follow best practices**, causing the system to be difficult to maintain or understand

docs/guardrails/code-validation.md

@@ -0,0 +1,18 @@
+# Computer Use Agents
+
+<div class='subtitle'>
+Guardrail the actions of computer use agents, to enable safe UI interfacing.
+</div>
+
+Computer use agents are powerful general-purpose reasoners, equipped with their own computer and the ability to interact with it. However, to ensure security and correctness properties, it is important to guardrail the actions of these agents, to prevent them from performing undesired or harmful actions.
+
+> **Computer Use Agent Risks**<br/>
+> Computer use agents are powerful general-purpose reasoners, equipped with their own computer and the ability to interact with it. For example, an insecure agent could:
+
+> * Perform actions that are **harmful or undesired**, such as ordering wrong items or sending messages to users
+
+> * Switch applications or **perform actions that are conidered out-of-scope** for their intended use case
+
+> * Being confused by the UI, and **performing actions that are not intended**, such as clicking on the wrong button or entering the wrong information
+
+> * Being prompt-injected by UI elements and images, to perform **malicious actions as injected by an potential attacker**

docs/guardrails/computer-use.md

@@ -0,0 +1,17 @@
+# Dataflow Rules
+
+<div class='subtitle'>
+Secure the dataflow of your agentic system, to ensure that sensitive data never leaves the system through unintended channels.
+</div>
+
+Due to their dynamic nature, agentic systems often mix and combine data from different sources, and can easily leak sensitive information. Guardrails provides a simple way to define dataflow rules, to ensure that sensitive data never leaves the system through unintended channels.
+
+> **Dataflow Risks**<br/>
+
+> Due to their dynamic nature, agentic systems often mix and combine data from different sources, and can easily leak sensitive information. For example, an insecure agent could:
+
+> * Leak sensitive information, such as **API keys or passwords**, to an external service
+
+> * Send sensitive information, such as **user data or PII**, to an external service
+
+> * Be prompt-injected by an external service via indirect channels, to **perform malicious actions** as injected by an potential attacker

docs/guardrails/copyright.md

@@ -0,0 +1,20 @@
+# Function Calls
+
+<div class='subtitle'>
+Guardrail the function and tool calls of your agentic system.
+</div>
+
+At the core of any agentic systems are function and tool calls, i.e. the ability for the agent to interact with the environment via desiganted functions and tools. 
+
+For security and safety reasons, it is important to ensure that all tool calls an agent executes are validated and well-scoped, to prevent undesired or harmful actions.
+
+> **Tool Calling Risks**<br/>
+> Since tools are an agent's interface to interact with the world, they can also be used to perform actions that are harmful or undesired. For example, an insecure agent could:
+
+> * Leak sensitive information, e.g. via a `send_email` function
+
+> * Delete an important file, via a `delete_file` or a `bash` command
+
+> * Make a payment to an attacker
+
+> * Send a message to a user with sensitive information

docs/guardrails/dataflow-rules.md

@@ -0,0 +1,17 @@
+
+# Loop Detection
+
+<div class='subtitle'>
+Detect and prevent infinite loops in your agentic system.
+</div>
+
+Loop detection is a critical component of any agentic system, as it helps to prevent infinite loops and other undesired behavior. Guardrails provides a simple way to detect and prevent loops in your agentic system.
+
+> **Looping Risks**<br/>
+> Loops are a common source of bugs and errors in agentic systems. For example, an insecure agent could:
+
+> * Get stuck in an infinite loop, **consuming resources and causing the system to crash**
+
+> * Get stuck in a loop that causes it to **perform a irreversible action**, such as sending a message many times
+
+> * Get stuck in a loop, requiring **many expensive LLM calls**, causing the system to run out of tokens or money