drupal/varbase_ai_safety

Bundles the complete AI safety stack for Varbase: Prompt Safety Liability set, Prompt Safety Security set, PII Protection set, AI Logging with 90-day retention, and AI Observability.

Maintainers

Package info

git.drupalcode.org/project/varbase_ai_safety.git

Homepage

Issues

Type:drupal-recipe

pkg:composer/drupal/varbase_ai_safety

Statistics

Installs: 36

Dependents: 1

Suggesters: 0

Security

Advisories: 0

Aikido package health analysis

1.0.0-alpha2 2026-05-12 19:24 UTC

Requires

GPL-2.0-or-later 111890a55d0a3c307610d73ba11c54c4f1fcd6e7

airecipepiidrupal recipesdrupal recipeVarbase recipesvarbase recipeDrupal AIVarbase AIAI SafetyAI GuardrailsPrompt SafetyAI LoggingAI Observability

This package is auto-updated.

Last update: 2026-05-12 16:50:12 UTC

README

A recipe to bundle a complete AI safety stack for Varbase — guardrails, logging, and observability.

This recipe provides a defense-in-depth AI safety setup including:

  • Drupal AI module (ai)
  • AI Logging (ai_logging) with 90-day retention enabled by default
  • AI Observability (ai_observability) for transparency and compliance reporting
  • 14 guardrail rules across 3 sets, configured against restrict_to_topic and regexp_guardrail plugins

Sub-Recipes Applied

This recipe chains the following upstream recipes via the recipes: key:

Included Guardrail Sets

Prompt Safety: Liability (prompt_safety_liability)

Blocks topics that carry legal or reputational risk for the site owner.

  • Liability: Legal Advice
  • Liability: Medical Advice
  • Liability: Sensitive Topics

Prompt Safety: Security (prompt_safety_security)

Blocks structurally malicious input and semantic prompt attacks (XSS, HTML/CSS/JavaScript injection, prompt manipulation/jailbreak detection).

  • Security: CSS Expression Injection
  • Security: Dangerous HTML Tags
  • Security: HTML Event Handler Injection
  • Security: JavaScript Execution Functions
  • Security: JavaScript Protocol
  • Security: Prompt Manipulation
  • Security: Script Tag Injection

PII Protection (pii_protection)

Detects and blocks personally identifiable information (PII) in both user input and AI output. Baseline GDPR / data-protection coverage.

  • PII: Credit Card Number
  • PII: Email Address
  • PII: IBAN
  • PII: Phone Number

AI Logging Settings Applied

  • prompt_logging: true (automatic logging enabled)
  • prompt_logging_max_age: 90 days (older entries auto-deleted)
  • prompt_logging_max_messages: 1000

Compatible With

Apply the Recipe

Add the recipe using composer:

composer require drupal/varbase_ai_safety:~1.0.0

Change directory to /web or /docroot

Run the Drupal recipe bash script:

bash core/scripts/drupal recipe recipes/contrib/varbase_ai_safety

or

Run the Drush recipe command:

drush recipe recipes/contrib/varbase_ai_safety

or

Apply via the Project Browser UI at /admin/modules/browse/varbase_recipes → click Install on Varbase AI Safety.

Why This Matters for Varbase Enterprise Clients

Varbase targets enterprise Drupal deployments. Enterprise clients require:

  • Compliance evidenceai_logging + ai_observability provide the audit trail.
  • PII protection — GDPR requirement for EU clients.
  • Liability control — legal teams need assurance AI won't generate legal/medical advice.
  • Security hardening — prevents AI-assisted XSS via content injection vectors.