Integrate with the Guardrails multimodal moderation API to detect compliance risks, prompt attacks, sensitive data, and model hallucinations in text, image, and file content.
Prerequisites
Before you begin, make sure you have:
-
Activated the Guardrails service on the Guardrails product page
-
A Resource Access Management (RAM) user with the
AliyunYundunGreenWebFullAccesspolicy attached -
An AccessKey pair for your RAM user
Set up access
Step 1: Grant RAM permissions
-
Log on to the RAM console as a RAM administrator.
-
Create a RAM user. For more information, see Create a RAM user.
-
Grant the
AliyunYundunGreenWebFullAccesssystem policy to the RAM user. For more information, see Grant permissions to a RAM user. -
Create an AccessKey pair for the RAM user. For more information, see Get an AccessKey pair.
Step 2: Install the SDK
For SDK installation instructions and code examples, see the Multimodal SDK reference.
API reference
Service information
| Property | Value |
|---|---|
| Service name | MultiModalGuard |
| Billing | Paid. Billed only for requests that return HTTP 200. Other error codes are not billed. See Activation and billing overview. |
Endpoints
| Region | Public endpoint | Internal endpoint |
|---|---|---|
| China (Shanghai) | https://green-cip.cn-shanghai.aliyuncs.com | https://green-cip-vpc.cn-shanghai.aliyuncs.com |
| China (Beijing) | https://green-cip.cn-beijing.aliyuncs.com | https://green-cip-vpc.cn-beijing.aliyuncs.com |
| China (Hangzhou) | https://green-cip.cn-hangzhou.aliyuncs.com | https://green-cip-vpc.cn-hangzhou.aliyuncs.com |
| China (Shenzhen) | https://green-cip.cn-shenzhen.aliyuncs.com | https://green-cip-vpc.cn-shenzhen.aliyuncs.com |
| China (Chengdu) | https://green-cip.cn-chengdu.aliyuncs.com | Not available |
| Singapore | green-cip.ap-southeast-1.aliyuncs.com | green-cip-vpc.ap-southeast-1.aliyuncs.com |
Usage notes
Important
The QPS (queries per second) limit per user is 50. If a request includes a file modality, the limit drops to 10 QPS. Exceeding the limit triggers throttling and may affect your service. Call the API at a rate within the quota.
Request parameters
| Name | Type | Required | Example | Description |
|---|---|---|---|---|
|
Service |
String |
Yes |
query_security_check_intl |
|
| Service | String | Yes | query_security_check_intl |
The moderation service to call. Valid values: query_security_check_intl (AI input content moderation), response_security_check_intl (AI-generated content moderation). |
| ServiceParameters | JSONString | Yes | — | The parameters for the moderation service, as a JSON string. See ServiceParameters. |
ServiceParameters
At least one of content, imageUrls, or fileUrls is required per request.
| Name | Type | Required | Example | Description |
|---|---|---|---|---|
| content | String | At least one of content, imageUrls, or fileUrls | Text content to moderate |
The text content to moderate. Maximum 2,000 characters per request. |
| imageUrls | JSONArray | ["http://xxxx123"] |
The image URL to moderate. Only one image per request is supported. | |
| fileUrls | JSONArray | ["http://xxxx456"] |
The file URL to moderate. Only one file per request is supported. Maximum file size: 10 MB. | |
| chatId | String | Required for stream-based moderation | ABC123 |
The unique identifier for one round of interaction, which includes user input and Large Language Model (LLM) output. |
| sessionId | String | No | 14**** |
The session ID. Marks the request content as part of the same stream so the text moderation engine can automatically concatenate and moderate the segments. Concatenated segments are moderated as long as they are within the character limit. |
| done | Boolean | Recommended for stream-based moderation | true |
Indicates whether this segment is the last in the current conversation round. true: this is the final segment. false: more segments follow. |
| dataId | String | No | img123****** |
A unique identifier for the content to moderate. |
| accountId | String | No | 13**** |
The account ID. When provided, content is moderated in the context of previous interactions from the same account. |
| ip | String | No | 192.168.1.*** |
The IP address of the account. |
| referer | String | No | www.aliyun.com |
The referer request header, used for scenarios such as hotlink protection. Maximum 256 characters. |
| referenceContent | String | No | Context content |
The reference content for comparison with the submitted content to detect model hallucinations. |
Response elements
| Name | Type | Example | Description |
|---|---|---|---|
| Code | Integer | 200 |
The status code. See Error codes. |
| Data | JSONObject | {"Result":[...]} |
The moderation result. See Data. |
| Message | String | OK |
The response message. |
| RequestId | String | AAAAAA-BBBB-CCCCC-DDDD-EEEEEEEE**** |
The request ID. |
Data
| Name | Type | Example | Description |
|---|---|---|---|
| Detail | JSONArray | — | The per-dimension moderation results, including risk labels and confidence scores. See Detail. |
| Suggestion | String | pass |
The overall suggested action across all dimensions. Valid values: block, mask, watch, pass. The merge priority is: block > mask > watch > pass. |
Only sensitive content detection (sensitiveData) supports thewatchandmasksuggestions. All other dimensions support onlyblockorpass.
Detail
Each item in Detail represents the result for one protection dimension.
| Name | Type | Example | Description |
|---|---|---|---|
| Suggestion | String | block |
The suggested action for this dimension. Valid values: block, pass, watch, mask. |
| Type | String | contentModeration |
The protection dimension. Valid values: contentModeration (content compliance detection), promptAttack (prompt attack detection), sensitiveData (sensitive content detection), modelHallucination
(model hallucination detection).
|
| Level | String | high |
The risk level or sensitivity level. For contentModeration, promptAttack, and modelHallucination: high, medium, low, or none. For sensitiveData: S0 (no sensitive content detected), S1, S2, or S3 (higher number = higher sensitivity). |
| Result | JSONArray | — | The moderation labels and confidence scores for this dimension. See Result. |
Forhighrisk: act immediately. Formediumrisk: route to manual review. Forlowrisk: act only when high recall is required; otherwise treat the same asnone. Configure risk score thresholds in the Guardrails console.
Result
| Name | Type | Example | Description |
|---|---|---|---|
| Description | String | Suspected political entity |
A description of the label. Important
This field is for reference only and is subject to change. When processing results, use the |
| Confidence | Float | 81.22 |
The confidence score, from 0 to 100 with two decimal places. Some labels do not return a confidence score. |
| Label | String | political_xxx |
The moderation label returned for the content. Multiple labels may be returned. |
| Level | String | high |
The risk or sensitivity level. Same values as the Level field in Detail. |
| Ext | JSONObject | — | Extension information for certain protection dimensions. See Ext. |
Ext
| Name | Type | Example | Applicable dimension |
|---|---|---|---|
| Riskwords | String | AA,BB,CC |
contentModeration — The sensitive words detected, separated by commas. Some labels do not return this field. |
| CustomizedHit | JSONArray | [{"LibName":"...","Keywords":"..."}] |
contentModeration — Returned when a custom library is matched. The label is customized. See CustomizedHit. |
| SensitiveData | JSONArray | ["6201112223455"] |
sensitiveData — The detected sensitive samples. |
| Desensitization | String | ...[mobile phone number] is my contact information... |
sensitiveData — The desensitized content with sensitive values masked. |
| FileUrl | String | https://sase-public-server-files.oss-cn-hangzhou.aliyuncs.com/saas-XXX |
waterMark — The download link for the watermarked file. |
| OutFileSize | String | 152357 |
waterMark — The file size in bytes. |
| FileUrlExp | String | 1754135551 |
waterMark — The expiration time of the download link, as a Unix timestamp. |
| Filename | String | B7VKehJ4gZR.png |
waterMark — The file name. |
| OutFileHashMd5 | String | 8b96ff73e8d8060016bb41b16d337871 |
waterMark — The MD5 hash of the file. |
CustomizedHit
| Name | Type | Example | Description |
|---|---|---|---|
| LibName | String | Custom Library 1 |
The name of the matched custom library. |
| Keywords | String | custom_word1,custom_word2 |
The matched custom words, separated by commas. |
Examples
Request example
{
"Service": "query_security_check_intl",
"ServiceParameters": {
"content": "testing content",
"chatId": "ABC123",
"dataId": "img123******",
"accountId": "abc",
"sessionId": "abc",
"imageUrls": ["http://xxxx"],
"fileUrls": ["http://xxxx"],
"referer": "http://www.aliyun.com",
"referenceContent": "Context content for hallucination detection"
}
}Response examples
`query_security_check_intl` — system policy matched
The response below shows a request that triggered multiple protection dimensions: sensitive data masking, a prompt attack, a content compliance violation, and a model hallucination.
{
"Code": 200,
"RequestId": "AAAAAA-BBBB-CCCCC-DDDD-EEEEEEEE****",
"Message": "OK",
"Data": {
"Suggestion": "block",
"Detail": [
{
"Suggestion": "mask",
"Type": "sensitiveData",
"Level": "S2",
"Result": [
{
"Ext": {
"Desensitization": "...[mobile phone number] is my contact information...",
"SensitiveData": [
"136********"
]
},
"Description": "Mobile phone number (the Chinese mainland)",
"Label": "1814",
"Level": "S2"
},
{
"Ext": {
"SensitiveData": [
"**City"
]
},
"Description": "City (the Chinese mainland)",
"Label": "1739",
"Level": "S0"
}
]
},
{
"Suggestion": "block",
"Type": "promptAttack",
"Level": "high",
"Result": [
{
"Description": "Refusal Suppression Jailbreak",
"Confidence": 100,
"Label": "Refusal Supression Jailbreak",
"Level": "high"
}
]
},
{
"Suggestion": "block",
"Type": "contentModeration",
"Level": "high",
"Result": [
{
"Description": "Suspected political entity",
"Confidence": 100,
"Label": "political_entity",
"Level": "high"
},
{
"Ext": {
"CustomizedHit": [
{
"LibName": "Needs to be blocklisted",
"KeyWords": "word_a,word_b,word_c"
}
]
},
"Description": "Hit custom library",
"Confidence": 100,
"Label": "customized",
"Level": "high"
}
]
},
{
"Result": [
{
"Description": "Intrinsic Hallucination",
"Confidence": 95,
"Label": "Intrinsic Hallucination",
"Level": "medium"
}
],
"Type": "modelHallucination",
"Suggestion": "block",
"Level": "medium"
}
]
}
}`img_response_security_check` — digital watermark detected, content compliance violation
{
"Code": 200,
"Data": {
"Detail": [
{
"Level": "none",
"Result": [
{
"Confidence": 0.0,
"Description": "No risk detected",
"Ext": {
"FileUrl": "https://sase-public-server-files.oss-cn-hangzhou.aliyuncs.com/saas-XXX",
"OutFileSize": 527918,
"FileUrlExp": "1754200240",
"Filename": "wJGz6kmZ1Ce.jpg",
"OutFileHashMd5": "02f5129f606027c7a87b84377ec98f8e"
},
"Label": "nonLabel",
"Level": "none"
}
],
"Suggestion": "pass",
"Type": "waterMark"
},
{
"Level": "high",
"Result": [
{
"Confidence": 90,
"Description": "Violation of advertising law - superlative words",
"Label": "ad_Compliance_WordLimit_Tii",
"Level": "high"
}
],
"Suggestion": "block",
"Type": "contentModeration"
}
],
"Suggestion": "block"
},
"Msg": "OK"
}`text_img_security_check` — content compliance violation
{
"Code": 200,
"Data": {
"Detail": [
{
"Ext": {},
"Level": "high",
"Result": [
{
"Confidence": 98.34,
"Description": "Female cleavage",
"Label": "sexual_Cleavage",
"Level": "high"
}
],
"Suggestion": "block",
"Type": "contentModeration"
}
],
"Suggestion": "block"
},
"Msg": "OK"
}`file_security_sync_check` — malicious file detected
{
"Code": 200,
"Data": {
"Detail": [
{
"Ext": {},
"Level": "high",
"Result": [
{
"Confidence": 100,
"Description": "Web shell",
"Label": "WebShell",
"Level": "high"
}
],
"Suggestion": "block",
"Type": "maliciousFile"
},
{
"Ext": {
"PageSum": 1
},
"Level": "none",
"Result": [
{
"Description": "No risk detected",
"Label": "nonLabel",
"Level": "none"
}
],
"Suggestion": "pass",
"Type": "contentModeration"
}
],
"Suggestion": "block"
},
"Msg": "OK"
}`text_file_sec_sync_check` — no risk detected
{
"Code": 200,
"Data": {
"Detail": [
{
"Ext": {
"PageSum": 4
},
"Level": "none",
"Result": [
{
"Description": "No risk detected",
"Label": "nonLabel",
"Level": "none"
}
],
"Suggestion": "pass",
"Type": "contentModeration"
}
],
"Suggestion": "pass"
},
"Msg": "OK"
}Error codes
| Code | Status | Description |
|---|---|---|
| 200 | OK | The request was successful. |
| 400 | BAD_REQUEST | The request is invalid. Check the request parameters. |
| 408 | PERMISSION_DENY | The account is not authorized, has an overdue payment, has the service deactivated, or is banned. |
| 500 | GENERAL_ERROR | A server-side error occurred. Retry the request. If the error persists, contact support through online supportonline support. |
| 581 | TIMEOUT | The request timed out. Retry the request. If the error persists, contact support through online supportonline support. |
| 588 | EXCEED_QUOTA | The request frequency exceeds the quota. |