A Drupal recipe that installs a set of regex-based AI guardrails to detect and block personally identifiable information (PII) in AI interactions. Apply this recipe to any site where AI features process user input or generate output that may contain sensitive personal data.

What This Recipe Does

This recipe installs four individual guardrails and one guardrail set into a Drupal site running the AI module.

Each guardrail uses a regular expression to scan text for a specific type of PII. The pii_protection guardrail set applies all four guardrails to both the pre-generate (user input) and post-generate (AI output) phases, so PII is blocked in both directions.

When to use this recipe

  • Any public-facing AI interaction (chatbots, AI assistants, AI-powered search)
  • Sites with GDPR or data protection obligations
  • Environments where user content must not be forwarded to third-party AI providers containing sensitive identifiers

Requirements

How to Apply

Run the following Drush command from your Drupal root:

drush recipe ../recipes/ai_recipe_guardrails_pii

Configuration Installed

Guardrail Set

Machine name Label Description
pii_protection PII Protection Applies all four PII guardrails to both pre- and post-generate phases. Stop threshold: 0.8.

Guardrails

Machine name Label Detects
pii_email_address PII: Email Address Email addresses
pii_credit_card_number PII: Credit Card Number Payment card numbers (Visa, Mastercard, Amex, Discover, etc.)
pii_iban PII: IBAN IBAN bank account numbers
pii_phone_number PII: Phone Number International phone numbers (E.164 / +XX format)

All guardrails use the regexp_guardrail plugin.

Supporting organizations: 
1xINTERNET
Sponsor development

Project information

Releases

1.0.0 Stable release covered by the Drupal Security Team released 23 March 2026

Using Composer to manage Drupal site dependencies