Installation
Requirements
| Requirement | Version |
|---|---|
| PHP | ^8.3 (CI tests 8.3 / 8.4 / 8.5) |
| Laravel | 13.x |
laravel/ai |
^0.8 |
ext-mbstring |
required |
ext-intl |
suggested — enables NFKC Unicode normalization (graceful fallback without it) |
composer require padosoft/laravel-ai-guardrails
The service provider auto-registers. Publish the config to tune it:
php artisan vendor:publish --tag=ai-guardrails-config
Optional dependencies (compose-not-couple)
Each integration is suggest-only and guarded by class_exists with null-object graceful degradation. Install only what you need:
| Package | Enables |
|---|---|
padosoft/laravel-flow |
Control D — the HITL approval bridge (approvalGate()) |
padosoft/laravel-pii-redactor |
PII redaction in Control C + audit-hygiene redact mode |
ezyang/htmlpurifier |
HTMLPurifier-grade html_mode=allowlist in Control C |
laravel/mcp |
The MCP server surface (screen_prompt, sanitize_output, recent_injection_audit) |
composer require padosoft/laravel-flow # Control D
composer require padosoft/laravel-pii-redactor # PII redaction
composer require ezyang/htmlpurifier # robust HTML allowlist
composer require laravel/mcp # MCP surface
When a package is absent the matching control degrades to a safe null-object — the package never hard-fails. The boundary is enforced by an architecture test: laravel-flow only in src/Hitl, pii-redactor + HTMLPurifier only in src/Output, laravel/mcp only in src/Mcp.
Database-backed stores (optional)
The audit, firewall-rejection, output-stat, settings, and settings-change stores all default to null (no persistence). To enable any of them, publish + run the migrations:
php artisan vendor:publish --tag=ai-guardrails-migrations
php artisan migrate
then point the relevant store at database (e.g. AI_GUARDRAILS_AUDIT_STORE=database). See the Configuration reference for every store key.
Verify
use Padosoft\AiGuardrails\Facades\AiGuardrails;
AiGuardrails::screen('please ignore all previous instructions')->blocked; // true
If that returns true, Control B is live. Continue with the Quickstart.
