Watsonx Orchestrate Plug‑ins for Security and Compliance

· Source: Niklas Heidloff · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Intermediate, short

Summary

IBM watsonx Orchestrate agents now support plug-ins, which customize how an agent processes inputs and generates outputs. They are the mechanism for enforcing safety, security, and regulatory compliance: a plug-in can filter, sanitize, or transform the data passing through the agent. There are two types: input plug-ins, which run before the agent processes a request (e.g., masking the word "silly" or rejecting requests that contain "stupid"), and output plug-ins, which refine or change the final response (e.g., masking email addresses). The examples show a Python-based `guardrail_plugin` for input moderation and an `email_masking_plugin` for output sanitization. Plug-ins are registered in the agent's definition, for example an `email_agent` that uses the `watsonx/meta-llama/llama-3-2-90b-vision-instruct` model.

Key takeaway

For AI Engineers building agents with watsonx Orchestrate, plug-ins are the place to enforce compliance and security policy. Define both kinds as guardrails: input plug-ins to block or mask disallowed content before the model sees it, and output plug-ins to sanitize sensitive data such as email addresses before a response leaves the agent. Applying these controls at the agent boundary reduces the risk of unmoderated AI interactions.

Key insights

Watsonx Orchestrate plug-ins enhance agent reliability by customizing input/output for safety and compliance.

Method

Implement input plug-ins in Python on the AGENTPREINVOKE event to modify or block user requests, and output plug-ins on the AGENTPOSTINVOKE event to refine agent responses; register both in the agent's YAML definition.
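The following Python sketch is an added illustration of the pre-invoke / post-invoke pattern the summary describes; it is not code from Heidloff's post or from the watsonx Orchestrate ADK. The `PluginResult` type, the `run_agent` pipeline, and `fake_model` are assumptions made for the example; the ADK's own plug-in interface, event types, and YAML registration are not reproduced here. It mirrors the two plug-ins named on the page: a guardrail that masks "silly" and blocks "stupid" before the model is called, and an output plug-in that masks email addresses in the response.

```python
"""Illustrative guardrail pipeline (added example, not watsonx Orchestrate ADK code)."""
import re
from dataclasses import dataclass
from typing import Callable, List, Optional


# Constructed stand-in for the plug-in contract: a plug-in takes text and returns
# whether processing may continue plus the (possibly rewritten) text. This is an
# assumption for the example, not the ADK's own request/response types.
@dataclass
class PluginResult:
    allowed: bool
    content: str
    reason: Optional[str] = None


Plugin = Callable[[str], PluginResult]

BLOCKED_WORDS = ("stupid",)   # requests containing these are rejected outright
MASKED_WORDS = ("silly",)     # these are masked, but the request still proceeds
MASK = "***"
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
EMAIL_PLACEHOLDER = "[email masked]"


def guardrail_plugin(text: str) -> PluginResult:
    """Input (pre-invoke) moderation: block on disallowed words, mask the rest.

    Word boundaries keep 'stupidity' from tripping the 'stupid' rule. Substring
    matching would over-block; exact-token matching under-blocks. Pick deliberately.
    """
    for word in BLOCKED_WORDS:
        if re.search(rf"\b{re.escape(word)}\b", text, flags=re.IGNORECASE):
            return PluginResult(False, text, reason=f"request contains blocked word '{word}'")
    masked = text
    for word in MASKED_WORDS:
        masked = re.sub(rf"\b{re.escape(word)}\b", MASK, masked, flags=re.IGNORECASE)
    return PluginResult(True, masked)


def email_masking_plugin(text: str) -> PluginResult:
    """Output (post-invoke) sanitization: replace every email address in the response."""
    return PluginResult(True, EMAIL_RE.sub(EMAIL_PLACEHOLDER, text))


def run_agent(user_input: str, model: Callable[[str], str],
              pre_invoke: List[Plugin], post_invoke: List[Plugin]) -> PluginResult:
    """Apply input plug-ins in order, call the model only if none blocked,
    then apply output plug-ins in order to the model's response."""
    prompt = user_input
    for plugin in pre_invoke:
        result = plugin(prompt)
        if not result.allowed:
            # Short-circuit: a blocked request never reaches the model.
            return PluginResult(False, "Request rejected by input guardrail.", result.reason)
        prompt = result.content  # later plug-ins and the model see the rewritten text
    response = model(prompt)
    for plugin in post_invoke:
        result = plugin(response)
        if not result.allowed:
            return PluginResult(False, "Response withheld by output guardrail.", result.reason)
        response = result.content
    return PluginResult(True, response)


def fake_model(prompt: str) -> str:
    """Constructed stand-in for the LLM: echoes the prompt and leaks an address,
    so the output plug-in has something to mask."""
    return f"You asked: {prompt}. For help write to support@example.com"


def demo():
    """Run one request that is masked and one that is blocked."""
    pre = [guardrail_plugin]
    post = [email_masking_plugin]
    return (
        run_agent("a silly question", fake_model, pre, post),
        run_agent("this is stupid", fake_model, pre, post),
    )


if __name__ == "__main__":
    for r in demo():
        print(r)
```

Two points the pipeline makes explicit: plug-ins run in registration order, so each one sees the text as rewritten by the ones before it, and a blocking input plug-in prevents the model call entirely. Both plug-ins are pattern-based, so they catch only what the patterns describe: a blocklist is defeated by a misspelling, and the email regex does not catch obfuscated forms such as "alice at example dot com". Treat them as one layer of a policy, not the whole policy.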

Best for: AI Engineer, MLOps Engineer, AI Security Engineer

Editorial summary, takeaway, and curation by AIssential. Original article published by Niklas Heidloff.