Merge pull request #3598 from akto-api-security/agentic_base_prompt_intent_guardrail

Add Base Prompt Rule functionality to Guardrail Policies

Author: krngrover94

apps/dashboard/src/main/java/com/akto/action/GuardrailPoliciesAction.java

@@ -20,6 +20,7 @@
 import java.util.List;
 import java.util.Map;
 
+
 public class GuardrailPoliciesAction extends UserAction {
     private static final LoggerMaker loggerMaker = new LoggerMaker(GuardrailPoliciesAction.class, LogDb.DASHBOARD);
 
@@ -55,6 +56,7 @@ public String fetchGuardrailPolicies() {
         }
     }
 
+
     public String createGuardrailPolicy() {
         try {
             User user = getSUser();
@@ -99,6 +101,7 @@ public String createGuardrailPolicy() {
             updates.add(Updates.set("regexPatternsV2", policy.getRegexPatternsV2()));
             updates.add(Updates.set("contentFiltering", policy.getContentFiltering()));
             updates.add(Updates.set("llmRule", policy.getLlmRule()));
+            updates.add(Updates.set("basePromptRule", policy.getBasePromptRule()));
             updates.add(Updates.set("selectedMcpServers", policy.getSelectedMcpServers()));
             updates.add(Updates.set("selectedAgentServers", policy.getSelectedAgentServers()));
             updates.add(Updates.set("selectedMcpServersV2", policy.getSelectedMcpServersV2()));

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/guardrails/GuardrailPolicies.jsx

@@ -446,6 +446,8 @@ function GuardrailPolicies() {
                 contentFiltering: guardrailData.contentFilters || {},
                 // Add LLM policy if present
                 ...(guardrailData.llmRule ? { llmRule: guardrailData.llmRule } : {}),
+                // Add Base Prompt Rule if present
+                ...(guardrailData.basePromptRule ? { basePromptRule: guardrailData.basePromptRule } : {}),
                 applyOnResponse: guardrailData.applyOnResponse || false,
                 applyOnRequest: guardrailData.applyOnRequest || false,
                 url: guardrailData.url || '',

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/guardrails/components/CreateGuardrailModal.jsx

@@ -27,6 +27,8 @@ import {
     SensitiveInfoConfig,
     LlmPromptStep,
     LlmPromptConfig,
+    BasePromptStep,
+    BasePromptConfig,
     ExternalModelStep,
     ExternalModelConfig,
     ServerSettingsStep,
@@ -76,24 +78,28 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
     const [llmPrompt, setLlmPrompt] = useState("");
     const [llmConfidenceScore, setLlmConfidenceScore] = useState(0.5);
 
-    // Step 7: External model based evaluation
+    // Step 7: Base Prompt Based Validation (AI Agents)
+    const [enableBasePromptRule, setEnableBasePromptRule] = useState(false);
+    const [basePromptConfidenceScore, setBasePromptConfidenceScore] = useState(0.5);
+
+    // Step 8: External model based evaluation
     const [url, setUrl] = useState("");
     const [confidenceScore, setConfidenceScore] = useState(25); // Start with 25 (first checkpoint)
 
-    // Step 8: Server settings
+    // Step 9: Server settings
     const [selectedMcpServers, setSelectedMcpServers] = useState([]);
     const [selectedAgentServers, setSelectedAgentServers] = useState([]);
     const [applyOnResponse, setApplyOnResponse] = useState(false);
     const [applyOnRequest, setApplyOnRequest] = useState(false);
-
+    
     // Collections data
     const [mcpServers, setMcpServers] = useState([]);
     const [agentServers, setAgentServers] = useState([]);
     const [collectionsLoading, setCollectionsLoading] = useState(false);
-
+    
     // Get collections from PersistStore
     const allCollections = PersistStore(state => state.allCollections);
-
+    
     // Create validation state object
     const getStoredStateData = () => ({
         // Step 1
@@ -113,9 +119,12 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
         llmPrompt,
         llmConfidenceScore,
         // Step 7
+        enableBasePromptRule,
+        basePromptConfidenceScore,
+        // Step 8
         url,
         confidenceScore,
-        // Step 8
+        // Step 9
         selectedMcpServers,
         selectedAgentServers,
         mcpServers,
@@ -164,6 +173,12 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
                 summary: LlmPromptConfig.getSummary(storedStateData),
                 ...LlmPromptConfig.validate(storedStateData)
             },
+            {
+                number: BasePromptConfig.number,
+                title: BasePromptConfig.title,
+                summary: BasePromptConfig.getSummary(storedStateData),
+                ...BasePromptConfig.validate(storedStateData)
+            },
             {
                 number: ExternalModelConfig.number,
                 title: ExternalModelConfig.title,
@@ -269,6 +284,8 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
         setNewRegexPattern("");
         setLlmPrompt("");
         setLlmConfidenceScore(0.5);
+        setEnableBasePromptRule(false);
+        setBasePromptConfidenceScore(0.5);
         setUrl("");
         setConfidenceScore(25);
         setSelectedMcpServers([]);
@@ -282,7 +299,7 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
         setDescription(policy.description || "");
         setBlockedMessage(policy.blockedMessage || "");
         setApplyToResponses(policy.applyToResponses || false);
-
+        
         // Content filters
         if (policy.contentFiltering) {
             if (policy.contentFiltering.harmfulCategories) {
@@ -301,19 +318,19 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
                 setPromptAttackLevel(policy.contentFiltering.promptAttacks.level || "HIGH");
             }
         }
-
+        
         // Denied topics
         setDeniedTopics(policy.deniedTopics || []);
-
+        
         // Word filters
         setWordFilters({
             profanity: policy.wordFilters?.profanity || false,
             custom: policy.wordFilters?.custom || []
         });
-
+        
         // PII filters
         setPiiTypes(policy.piiTypes || []);
-
+        
         // Regex patterns - prefer V2 format with behavior, fallback to old format
         if (policy.regexPatternsV2 && policy.regexPatternsV2.length > 0) {
             setRegexPatterns(policy.regexPatternsV2);
@@ -337,6 +354,15 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
             setLlmConfidenceScore(0.5);
         }
 
+        // Base Prompt Based Validation (AI Agents)
+        if (policy.basePromptRule) {
+            setEnableBasePromptRule(policy.basePromptRule.enabled || false);
+            setBasePromptConfidenceScore(policy.basePromptRule.confidenceScore !== undefined ? policy.basePromptRule.confidenceScore : 0.5);
+        } else {
+            setEnableBasePromptRule(false);
+            setBasePromptConfidenceScore(0.5);
+        }
+
         // External model based evaluation
         setUrl(policy.url || "");
         // Map existing confidence score to nearest checkpoint
@@ -435,6 +461,12 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
                         confidenceScore: llmConfidenceScore
                     }
                 } : {}),
+                ...(enableBasePromptRule ? {
+                    basePromptRule: {
+                        enabled: true,
+                        confidenceScore: basePromptConfidenceScore
+                    }
+                } : {}),
                 url: url || null,
                 confidenceScore: confidenceScore,
                 selectedMcpServers: selectedMcpServers, // Old format (just IDs)
@@ -629,6 +661,15 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
                     />
                 );
             case 7:
+                return (
+                    <BasePromptStep
+                        enableBasePromptRule={enableBasePromptRule}
+                        setEnableBasePromptRule={setEnableBasePromptRule}
+                        basePromptConfidenceScore={basePromptConfidenceScore}
+                        setBasePromptConfidenceScore={setBasePromptConfidenceScore}
+                    />
+                );
+            case 8:
                 return (
                     <ExternalModelStep
                         url={url}
@@ -637,7 +678,7 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
                         setConfidenceScore={setConfidenceScore}
                     />
                 );
-            case 8:
+            case 9:
                 return (
                     <ServerSettingsStep
                         selectedMcpServers={selectedMcpServers}
@@ -669,7 +710,7 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
             });
         }
 
-        if (currentStep < 8) {
+        if (currentStep < steps.length) {
             actions.push({
                 content: "Next",
                 onAction: handleNext
@@ -683,10 +724,10 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
         // Check if all steps are valid
         const allStepsValid = steps.every(step => step.isValid);
 
-        return {
-            content: isEditMode ? "Update Guardrail" : "Create Guardrail",
-            onAction: handleSave,
-            loading: loading,
+            return {
+                content: isEditMode ? "Update Guardrail" : "Create Guardrail",
+                onAction: handleSave,
+                loading: loading,
             disabled: !allStepsValid
         };
     };
@@ -710,7 +751,7 @@ const CreateGuardrailModal = ({ isOpen, onClose, onSave, editingPolicy = null, i
                 <Modal.Section>
                     <Scrollable style={{ height: "600px" }}>
                         {renderAllSteps()}
-                    </Scrollable>
+                            </Scrollable>
                 </Modal.Section>
             </Modal>
         </>

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/guardrails/components/steps/BasePromptStep.jsx

@@ -0,0 +1,58 @@
+import { VerticalStack, Text, RangeSlider, FormLayout, Checkbox, Box } from "@shopify/polaris";
+
+export const BasePromptConfig = {
+    number: 7,
+    title: "Intent verification using base prompt (AI Agents)",
+
+    validate: () => {
+        return { isValid: true, errorMessage: null };
+    },
+
+    getSummary: ({ enableBasePromptRule, basePromptConfidenceScore }) => {
+        if (!enableBasePromptRule) return null;
+        return `Auto-detect from traffic, Confidence: ${basePromptConfidenceScore.toFixed(2)}`;
+    }
+};
+
+const BasePromptStep = ({
+    enableBasePromptRule,
+    setEnableBasePromptRule,
+    basePromptConfidenceScore,
+    setBasePromptConfidenceScore
+}) => {
+    return (
+        <VerticalStack gap="4">
+            <Text variant="bodyMd" tone="subdued">
+                Verify if agent requests match the intent of the base prompt. The base prompt is automatically detected from traffic, and user inputs filling placeholders like {`{var}`} or {`{}`} are checked against this intent.
+            </Text>
+
+            <FormLayout>
+                <Checkbox
+                    label="Enable agent intent verification"
+                    checked={enableBasePromptRule}
+                    onChange={setEnableBasePromptRule}
+                />
+
+                {enableBasePromptRule && (
+                    <Box>
+                        <Box paddingBlockStart="2">
+                            <RangeSlider
+                                label="Confidence Threshold"
+                                value={basePromptConfidenceScore}
+                                min={0}
+                                max={1}
+                                step={0.1}
+                                output
+                                onChange={setBasePromptConfidenceScore}
+                                helpText="Set the confidence threshold (0-1). Higher values require more confidence to block content."
+                            />
+                        </Box>
+                    </Box>
+                )}
+            </FormLayout>
+        </VerticalStack>
+    );
+};
+
+export default BasePromptStep;
+

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/guardrails/components/steps/ExternalModelStep.jsx

@@ -8,7 +8,7 @@ const validateUrl = (url) => {
 };
 
 export const ExternalModelConfig = {
-    number: 7,
+    number: 8,
     title: "External model based evaluation",
 
     validate: ({ url }) => {

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/guardrails/components/steps/ServerSettingsStep.jsx

@@ -2,7 +2,7 @@ import { VerticalStack, Text, FormLayout, Box, Checkbox } from "@shopify/polaris
 import DropdownSearch from "../../../../components/shared/DropdownSearch";
 
 export const ServerSettingsConfig = {
-    number: 8,
+    number: 9,
     title: "Server and application settings",
 
     validate: () => {

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/guardrails/components/steps/index.js

@@ -5,5 +5,6 @@ export { default as DeniedTopicsStep, DeniedTopicsConfig } from './DeniedTopicsS
 export { default as WordFiltersStep, WordFiltersConfig } from './WordFiltersStep';
 export { default as SensitiveInfoStep, SensitiveInfoConfig } from './SensitiveInfoStep';
 export { default as LlmPromptStep, LlmPromptConfig } from './LlmPromptStep';
+export { default as BasePromptStep, BasePromptConfig } from './BasePromptStep';
 export { default as ExternalModelStep, ExternalModelConfig } from './ExternalModelStep';
 export { default as ServerSettingsStep, ServerSettingsConfig } from './ServerSettingsStep';