Guardrails: Protect your Agents, Data, and Costs

OpenRouter workspaces offer configurable guardrails to enhance security, governance, and cost management by incorporating tools for budget enforcement, zero data retention, model and provider restrictions, prompt injection defense, and data loss prevention. These guardrails can be applied broadly across an entire workspace or customized for specific team groups or API keys without altering the code. Budget enforcement allows setting spending limits for specific timeframes, while zero data retention and model/provider restrictions provide control over data handling and model usage. Prompt injection defense employs regex patterns to detect and mitigate injection attempts, and data loss prevention identifies and manages sensitive information using pre-defined and custom patterns. These guardrails can be assigned to API keys or individual members, ensuring tailored security measures, and the management API allows for programmatic configuration, enabling automation during onboarding or key rotation processes.