Skip to content

feat: Add Pillar Security guardrail integration#12791

Merged
7 commits merged into
BerriAI:mainfrom
eagle-p:feature/pillar-guardrails
Jul 23, 2025
Merged

feat: Add Pillar Security guardrail integration#12791
7 commits merged into
BerriAI:mainfrom
eagle-p:feature/pillar-guardrails

Conversation

@eagle-p

@eagle-p eagle-p commented Jul 20, 2025

Copy link
Copy Markdown
Contributor

Add Pillar Security guardrail integration

Relevant issues

Pre-Submission checklist

Please complete all items before asking a LiteLLM maintainer to review your PR

  • I have Added testing in the tests/litellm/ directory, Adding at least 1 test is a hard requirement - see details
  • I have added a screenshot of my new test passing locally
image - [x] My PR passes all unit tests on [`make test-unit`](https://docs.litellm.ai/docs/extras/contributing_code) - [x] My PR's scope is as isolated as possible, it only solves 1 specific problem

Type

🆕 New Feature

Changes

Overview

This PR implements a comprehensive Pillar Security guardrail integration for LiteLLM, providing advanced security features including prompt injection protection, PII detection, secret detection, and content moderation.

Core Features Implemented

⚙️ Technical Features:

  • Multi-mode Execution: Support for pre_call, during_call, and post_call modes
  • Configurable Actions: block (raise exception) or monitor (log only) on flagged content
  • Session Tracking: Comprehensive conversation context analysis via metadata
  • Async Implementation: Full async/await support for optimal performance
  • Error Handling: Robust error handling with custom exception types

Files Added

Core Implementation:

  • litellm/proxy/guardrails/guardrail_hooks/pillar/pillar.py - Main PillarGuardrail class with async hooks
  • litellm/proxy/guardrails/guardrail_hooks/pillar/__init__.py - Module initialization and registry
  • litellm/types/proxy/guardrails/guardrail_hooks/pillar.py - Pydantic configuration model

Testing:

  • tests/guardrails_tests/test_pillar_guardrails.py - Comprehensive test suite (623 lines) with:
    • Configuration validation tests
    • Pre/during/post-call hook tests
    • Clean and flagged content scenarios
    • Error handling and edge cases
    • Payload and session tracking tests
    • Mocked API responses for reliable testing

Documentation:

  • docs/my-website/docs/proxy/guardrails/pillar_security.md - Complete user guide (408 lines) with:
    • Quick start guide and setup instructions
    • Multiple configuration examples (security vs. performance trade-offs)
    • API reference and usage examples
    • Troubleshooting and support information

Files Modified

Configuration Integration:

  • litellm/types/guardrails.py - Added PILLAR enum value and PillarGuardrailConfigModel
  • docs/my-website/sidebars.js - Added Pillar documentation to sidebar navigation

Configuration Examples

Recommended Dual-Mode Configuration:

guardrails:
  - guardrail_name: "pillar-dual-protection"
    litellm_params:
      guardrail: pillar
      mode: [pre_call, post_call]            # Monitor both input and output
      api_key: os.environ/PILLAR_API_KEY
      api_base: os.environ/PILLAR_API_BASE
      on_flagged_action: "monitor"           # Log threats but allow requests
      default_on: true

Alternative Configurations:

  • Input-only blocking for maximum security
  • Low-latency monitoring for performance-critical applications
  • Full monitoring for analytics and compliance

Integration Approach

  • Follows LiteLLM Patterns: Uses established guardrail patterns and base classes
  • Environment Variable Support: Supports PILLAR_API_KEY, PILLAR_API_BASE, PILLAR_ON_FLAGGED_ACTION
  • Metadata Integration: Uses LiteLLM's metadata system for session tracking
  • Async-First: Built with async/await for optimal performance
  • Error Resilience: Graceful degradation on API failures with detailed error reporting

Testing Coverage

  • Configuration Tests: Validates setup with/without API keys
  • Hook Integration Tests: Tests pre_call, moderation, and post_call hooks
  • Content Scenarios: Safe content, prompt injection, secrets detection
  • Error Handling: API failures, malformed responses, network issues
  • Edge Cases: Empty messages, missing fields, malformed data
  • Session Management: User ID and session ID extraction and tracking

Implements comprehensive LLM security guardrails using Pillar Security API with support for prompt injection detection, PII/secret detection, content moderation, and multi-mode execution (pre_call, during_call, post_call). Includes complete documentation, testing, and configurable actions on flagged content.
@vercel

vercel Bot commented Jul 20, 2025

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
litellm ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jul 21, 2025 7:22am

Restructure PillarGuardrailConfigModel to properly inherit from GuardrailConfigModel[T]
and resolve return type compatibility issue in get_config_model method.
Restructure PillarGuardrailConfigModel to properly inherit from GuardrailConfigModel[T]
and resolve return type compatibility issue in get_config_model method.
@eagle-p

eagle-p commented Jul 21, 2025

Copy link
Copy Markdown
Contributor Author

Ready to be merged :)

@ghost

ghost commented Jul 22, 2025

Copy link
Copy Markdown

Have you manually qa'ed this to confirm it works @eagle-p ?

@eagle-p

eagle-p commented Jul 22, 2025

Copy link
Copy Markdown
Contributor Author

Hi Krish!
Thank you for your time and amazing work!!
I manually QA’ed all key flows and everything looks good 👍

@ghost ghost merged commit d118cc7 into BerriAI:main Jul 23, 2025
6 checks passed
fzowl pushed a commit to fzowl/litellm that referenced this pull request Jun 24, 2026
* feat: Add Pillar Security guardrail integration

Implements comprehensive LLM security guardrails using Pillar Security API with support for prompt injection detection, PII/secret detection, content moderation, and multi-mode execution (pre_call, during_call, post_call). Includes complete documentation, testing, and configurable actions on flagged content.

* fix: Resolve MyPy type error in Pillar guardrail config

Restructure PillarGuardrailConfigModel to properly inherit from GuardrailConfigModel[T]
and resolve return type compatibility issue in get_config_model method.

* fix: Resolve MyPy type error in Pillar guardrail config

Restructure PillarGuardrailConfigModel to properly inherit from GuardrailConfigModel[T]
and resolve return type compatibility issue in get_config_model method.

* fix docs

* fix docs

* improved docs

* fix examples, READY
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant