How-to: Content classification¶
The classification pack labels every request with a content class (pii,
financial, secret, medical, legal, or public) by running regex patterns over
the first user message. Downstream packs read state.labels["classification"]
without importing each other.
Install¶
pip install aegis-gateway
Classification has no extra dependencies — it ships in the core install.
Configure¶
providers:
main:
type: anthropic
api_key: secret://env/ANTHROPIC_API_KEY
guardrails:
classify:
pack: aegis.classification
pipeline:
ingress: [classify]
routes:
default:
provider: main
Default patterns¶
| Class | Trigger examples |
|---|---|
pii |
email addresses, phone numbers, SSNs |
financial |
routing numbers, credit card patterns |
secret |
API keys, passwords, tokens |
medical |
diagnoses, medications, ICD codes |
legal |
contract, NDA, GDPR |
public |
catch-all when nothing else matches |
Reading the label downstream¶
Any downstream pack (guardrail, node) can read the label from RunState:
from aegis_core.pipeline import Verdict
async def scan(self, messages, state):
classification = state.labels.get("classification", "public")
if classification == "secret":
return Verdict.block("Secret content blocked by policy")
return Verdict.allow()
Combining with residency¶
The residency pack can filter providers based on the classification label via
Principal.labels. See the residency how-to for details.