Skip to content
Read our latest publication on optimal methods for LLM evaluation here
AI Guardrails

Block bad AI outputs before they reach customers.

Generic guardrails catch generic failures. Composo deploys domain-specific guardrails calibrated to your actual failure modes, running at the inference boundary with sub-second latency. One customer blocks 50% of tool calls in real time.

Book a Diagnostic

The gap

Generic guardrails catch what is generic. They miss what is specific to your AI.

Generic guardrails catch

  • · Profanity and toxicity
  • · PII exposure
  • · Prompt injection signatures
  • · Obvious hallucination patterns
  • · Policy-banned keywords

Composo catches

  • · Hallucinated medications
  • · Omitted risk disclosures
  • · Stale FX rates or market data
  • · Fabricated legal citations
  • · Missing escalation triggers
  • · Tool calls that violate your domain rules

How it works

A calibrated reward model, running inline.

Sub-second latency

Typical 200 to 600 ms end to end. Fast enough to run on every production call, including interactive chat.

Pass / fail or rewrite

Block the output, allow it, or trigger a rewrite. Integrates at the tool-call boundary for agent systems.

Calibrated to you

Not generic. Calibrated to your domain during a 2 to 4 week deployment, and kept current as your product evolves.

In production

"50% of tool calls get blocked."

At 5u, a healthcare voice AI company, Composo sits in front of every agent tool call. Half of them fail the domain-specific quality bar and get blocked before they execute. Their CTO Fehmi Sener put it plainly:

"We embedded Composo into our AI Workers from day one. Best decision we've made on testing. They provide peace of mind for us and our customers."

- Fehmi Sener, CTO, 5u.ai

Frequently asked questions

What is an AI guardrail?

An AI guardrail is a runtime check that inspects an AI output before it reaches a user or triggers an action, and blocks or modifies outputs that fail a quality check. Guardrails differ from offline evaluation: they run inline at inference time and affect the live system.

Why are generic guardrails not enough for production AI?

Generic guardrails check for broad categories: toxicity, PII, basic hallucination. Domain-specific failures - a wrong medication dosage, a stale FX rate, a fabricated legal citation - do not match any generic pattern. They require guardrails calibrated to the specific ways your AI fails in your specific domain.

How does Composo implement runtime guardrails?

Composo's evaluation runs at the inference boundary with sub-second latency. The same reward model that catches failures offline runs as a runtime pass/fail gate. One customer blocks 50% of tool calls in real time using this approach.

What is the latency impact of Composo's guardrails?

Composo's guardrail inference is optimised for the inline case. Typical latency is 200 to 600 milliseconds depending on the complexity of the evaluation criteria, model choice, and whether ensembling is enabled.

Can Composo guardrails block specific tool calls in agent systems?

Yes. Composo integrates at the tool-call boundary in agent frameworks (LangGraph, custom agents) so individual tool invocations can be allowed, blocked, or rewritten based on domain-specific criteria.

For a deeper technical walkthrough of how Composo deploys runtime guardrails, read the AI Guardrails pillar guide.

See what your AI is about to produce.

And what Composo would block.

Book a Diagnostic