Core Concepts
Understand policies, evaluation modes, enforcement, and how Nyraxis processes LLM traffic.
Core Concepts
Policies
A policy is a rule that evaluates text against a specific threat or compliance requirement. Each policy has:
- Type — what it detects (e.g.,
pii_detection,prompt_injection) - Mode —
blocking(reject the request) orwarning(log but allow) - Config — provider-specific settings (thresholds, entity lists, etc.)
- Scope — which agents it applies to (all, or specific agent IDs)
Providers
A provider is the detection engine behind a policy. Nyraxis ships 16 built-in providers:
| Category | Providers |
|---|---|
| Security | PII Detection, Prompt Injection, Jailbreak, Secrets, SQL Injection, Web Sanitization, Unusual Prompt |
| Content Safety | Toxicity, Bias, NSFW, Sensitive Topics |
| Quality | Hallucination, Gibberish |
| Enterprise | Topic Restriction, Competitor Mention, Tool Authorization |
Evaluation Modes
When you call evaluate, you can specify a mode:
thorough(default) — runs all active policies. Most secure, slightly higher latency.fast— runs only security-critical policies (injection, jailbreak, PII). Lower latency.
Enforcement
Nyraxis supports two enforcement strategies:
Inline (SDK enforce mode)
The SDK intercepts LLM calls before they reach the model. If a violation is detected, the call is blocked and an error is raised. Zero code changes to your agent logic.
nyraxis_sdk.init(api_key="nyx_...", enforce=True)Async (monitor mode)
Evaluations happen after the LLM responds. Violations are logged to the dashboard but not blocked. Useful for shadow-mode rollouts.
Fail-open vs Fail-closed
| Setting | Behavior when Nyraxis is unreachable |
|---|---|
enforce_fail_open=True (default) | Request passes through — no blocking |
enforce_fail_open=False | Request is blocked — for regulated environments |
Agents
An agent in Nyraxis represents a single AI service or bot. You can:
- Assign different policies per agent
- Track violations per agent
- Compare security posture across your fleet
Traces
Every evaluation creates a trace — a record of what was evaluated, which policies ran, what violations were found, and the latency. Traces power the dashboard analytics and audit trail.