VoltAgent Integration

Add AI safety guardrails to your VoltAgent applications with THSP protocol validation, OWASP protection, and PII detection.

Installation

npm install @sentinelseed/voltagent

Quick Start

The simplest way to protect your VoltAgent agent:

import { Agent } from "@voltagent/core";
import { createSentinelGuardrails } from "@sentinelseed/voltagent";
// Create guardrails with preset configuration
const { inputGuardrails, outputGuardrails } = createSentinelGuardrails({
  level: "strict",
  enablePII: true,
});
// Add to your agent
const agent = new Agent({
  name: "safe-agent",
  inputGuardrails,
  outputGuardrails,
});

Configuration Presets

LevelDescription

permissiveLog only, no blocking. Good for development.

standardBlock unsafe content, THSP + OWASP enabled. Recommended for production. strictAll validations, block on any issue. For high security applications.

Features

THSP Protocol Validation

Validates content against four safety gates:

GateDescriptionExample Violations

TruthFactual accuracyFake documents, impersonation HarmPotential for harmViolence, malware, theft ScopeOperational boundariesJailbreaks, persona switching PurposeLegitimate intentPurposeless destruction

OWASP Protection

Detects common security vulnerabilities:

SQL Injection

Cross-Site Scripting (XSS)

Command Injection

Path Traversal

Server-Side Request Forgery (SSRF)

Prompt Injection

Sensitive Data Exposure

PII Detection & Redaction

Automatically detects and redacts sensitive information:

Email addresses

Phone numbers

Social Security Numbers

Credit card numbers

API keys / AWS keys

JWT tokens

And more...

Usage Examples

Input Protection

import { createSentinelInputGuardrail } from "@sentinelseed/voltagent";
const inputGuard = createSentinelInputGuardrail({
  enableTHSP: true,
  enableOWASP: true,
  blockUnsafe: true,
});
const agent = new Agent({
  inputGuardrails: [inputGuard],
});

PII Redaction in Responses

import { createSentinelOutputGuardrail } from "@sentinelseed/voltagent";
const outputGuard = createSentinelOutputGuardrail({
  enablePII: true,
  redactPII: true,
});
const agent = new Agent({
  outputGuardrails: [outputGuard],
});
// Input: "Contact john@example.com or call 555-123-4567"
// Output: "Contact [EMAIL] or call [PHONE]"

Specialized Presets

import {

  createChatGuardrails,
  createAgentGuardrails,
  createPrivacyGuardrails,
} from "@sentinelseed/voltagent";
// For chat applications (jailbreak prevention)
const chatGuards = createChatGuardrails();
// For agent applications (tool call protection)
const agentGuards = createAgentGuardrails();
// For privacy-sensitive applications (full PII protection)
const privacyGuards = createPrivacyGuardrails();

Streaming Support

For streaming responses with real-time PII redaction:

import { createSentinelPIIRedactor } from "@sentinelseed/voltagent";
const piiRedactor = createSentinelPIIRedactor({
  enablePII: true,
  piiTypes: ["EMAIL", "PHONE", "SSN"],
});
const guardrail = {
  name: "pii-stream-redactor",
  handler: async (args) => ({ pass: true }),
  streamHandler: piiRedactor,
};

API Reference

Bundle Functions

FunctionDescription

createSentinelGuardrails(config)Complete input/output bundle

createChatGuardrails()Preset for chat applications createAgentGuardrails()Preset for agent applications createPrivacyGuardrails()Privacy-focused preset createDevelopmentGuardrails(logger)Permissive preset for dev

Input Guardrails

FunctionDescription

createSentinelInputGuardrail(config)Main input guardrail createStrictInputGuardrail()Strict preset createTHSPOnlyGuardrail()THSP validation only createOWASPOnlyGuardrail()OWASP validation only

Output Guardrails

FunctionDescription

createSentinelOutputGuardrail(config)Main output guardrail createPIIOutputGuardrail(options)PII-focused guardrail createStrictOutputGuardrail()Block on any sensitive content

Configuration Options

interface SentinelGuardrailConfig {
  // Behavior
  blockUnsafe?: boolean;           // Block unsafe content (default: true)
  logChecks?: boolean;             // Enable logging (default: false)
  // Validation modules
  enableTHSP?: boolean;            // Enable THSP (default: true)
  enableOWASP?: boolean;           // Enable OWASP (default: true)
  enablePII?: boolean;             // Enable PII detection (default: false)
  // PII options
  piiTypes?: PIIType[];
  redactPII?: boolean;
  redactionFormat?: string;
  // Performance
  maxContentLength?: number;       // Max content length (default: 100000)
  timeout?: number;                // Timeout in ms (default: 5000)
}

Requirements

Node.js >= 18.0.0

VoltAgent >= 0.1.0

Links

npm package

GitHub

VoltAgent Documentation