一键导入
guard
Use when deploying to production, handling sensitive data, or the workflow needs safety constraints, input validation, and security boundaries.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Use when deploying to production, handling sensitive data, or the workflow needs safety constraints, input validation, and security boundaries.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Use when the workflow is too slow, too expensive, or both and needs latency, cost, or token usage optimization.
Use when porting a workflow to a different AI provider, deployment environment, model tier, or organizational context.
Use when any Maestro command is invoked — provides foundational workflow design principles across prompt engineering, context management, tool orchestration, agent architecture, feedback loops, knowledge systems, and guardrails.
Use when the workflow works but needs to handle more complex cases or produce higher-quality output through better tools, context, prompts, or models.
Use when workflow components are inconsistent, naming conventions vary, or a new team member's work needs alignment to project standards.
Capture a session summary — what was done, what decisions were made, and what to do next.
| name | guard |
| description | Use when deploying to production, handling sensitive data, or the workflow needs safety constraints, input validation, and security boundaries. |
| argument-hint | [threat or area] |
| category | enhancement |
| version | 2.0.0 |
| user-invocable | true |
Invoke /agent-workflow — it contains workflow principles, anti-patterns, and the Context Gathering Protocol. Follow the protocol before proceeding — if no workflow context exists yet, you MUST run /teach-maestro first.
Consult the guardrails-safety reference in the agent-workflow skill for the full defense-in-depth framework.
Add safety boundaries to a workflow. Guards protect against malicious inputs, unintended outputs, data leakage, cost explosion, and all the ways an autonomous system can go wrong in the real world.
Before adding guards, understand what you're protecting against:
| Threat | Risk Level | Guard Type |
|---|---|---|
| Prompt injection | High | Input sanitization, instruction hierarchy |
| PII leakage | High | Output filtering, data masking |
| Cost explosion | High | Token budgets, rate limits |
| Unauthorized actions | Medium | Permission scoping, confirmation gates |
| Hallucination | Medium | Source attribution, fact checking |
| Service abuse | Medium | Rate limiting, authentication |
Input Guards
Before processing any input:
1. Validate against schema (reject malformed)
2. Check size limits (reject oversized)
3. Sanitize for injection patterns
4. Rate limit check (reject if exceeded)
5. Authentication/authorization check
Output Guards
Before returning any output:
1. Schema validation (format correct?)
2. PII scan (names, emails, SSNs, etc.)
3. Content policy check
4. Confidence threshold check
5. Source attribution present?
Cost Guards
Before every model/API call:
1. Check remaining budget
2. Estimate request cost
3. If estimate > remaining budget → reject or use cheaper alternative
4. After call → update spent amount
5. Circuit breaker check (too many failures?)
Permission Guards
For every tool call:
1. Is this tool allowed for this user/context?
2. Is this a destructive operation? → require confirmation
3. Is this accessing data the user is authorized for?
4. Log the access for audit trail
After adding guards, run /evaluate with adversarial test scenarios to verify guards hold under attack.
NEVER: