Skip to main content
This example demonstrates how to use Upsonic’s Safety Engine with the prebuilt PIIBlockPolicy_LLM to automatically detect and block personally identifiable information (PII) in user inputs. The agent uses OpenAI’s gpt-4o for main responses, while the policy enforcement is powered by OpenAI’s safety-focused gpt-oss-safeguard-20b model via OpenRouter.

Overview

The Safety Engine is a powerful feature in Upsonic that allows you to enforce content policies on your LLM agents. This example showcases:
  1. Dual Model Architecture — Using gpt-4o for agent responses and gpt-oss-safeguard-20b for policy enforcement
  2. OpenRouter Provider — Accessing OpenAI’s safety models through the OpenRouter API
  3. PII Block Policy LLM — LLM-powered detection and blocking of personal information (emails, phone numbers, SSN, etc.)
  4. User Policy Feedback — Providing helpful guidance instead of just blocking content
  5. Feedback Loop — Allowing users to retry with corrected input
The PIIBlockPolicy_LLM is a prebuilt policy that uses LLM-powered detection to identify and block content containing:
  • Email addresses
  • Phone numbers
  • Social Security Numbers
  • Credit card numbers
  • Home addresses
  • And other personally identifiable information

Key Features

  • Prebuilt Policy: No need to implement PII detection logic — Upsonic provides it out of the box
  • Dual Model Setup: Uses gpt-4o for high-quality responses and gpt-oss-safeguard-20b for safety enforcement
  • LLM-Powered Detection: Policy uses an LLM for contextual understanding of PII, not just pattern matching
  • Safety-Focused Model: Policy enforcement uses OpenAI’s gpt-oss-safeguard-20b, specifically designed for safe interactions
  • Helpful Feedback: Instead of just blocking, provides guidance on how to rephrase queries
  • OpenRouter Provider: Access OpenAI’s safety models through the OpenRouter API
  • Easy Integration: Configure the policy’s LLM and add it to your Agent constructor

File Structure

Prerequisites

Set your API keys:

Installation

Managing Dependencies

Sections: api, streamlit, development

Usage

Option 1: Run Directly

Runs built-in test cases demonstrating both safe and PII-containing queries.

Option 2: Run as API Server

Server starts at http://localhost:8000. API documentation at /docs. Example API call:

How It Works

Example Output

Safe query:
PII query:

Complete Implementation

main.py

upsonic_configs.json

Note: The gpt-oss-safeguard-120b variant is not yet available on OpenRouter.

Use Cases

  • Customer support: Prevent accidental PII exposure in support conversations
  • Healthcare applications: Ensure HIPAA compliance by blocking PHI
  • Financial services: Protect sensitive financial information
  • Enterprise applications: Enforce data privacy policies
  • Public-facing chatbots: Prevent users from sharing personal information

Environment Variables

For more information on Safety Engine and custom policies, visit: Upsonic Safety Engine Documentation

Repository

View the complete example: GPT-OSS Safety Agent Example