Luna AI Guardrails
Luna’s responses pass through a three-layer guardrail system that checks for compliance violations, business rule breaches, and safety issues. The guardrails run after the AI generates a response and can flag, escalate, or block content.
Architecture
AI Response Generated
         │
         ▼
┌───────────────────┐
│ Compliance Layer  │  FDA claims, PHI, clinical, brand voice
└────────┬──────────┘
         │
         ▼ (parallel)
┌───────────────────┐
│ Business Layer    │  Competitors, PII, pricing, prohibited terms
└────────┬──────────┘
         │
         ▼ (parallel)
┌───────────────────┐
│ Safety Layer      │  Dosage limits, drug interactions, contraindications
└────────┬──────────┘
         │
         ▼
┌───────────────────┐
│ Result Aggregation│  Combine violations, determine severity
│ & Escalation      │  Log if needed, escalate if critical
└───────────────────┘
All three layers run in parallel for performance.
Usage
import { checkGuardrails } from '@loop/guardrails';

const result = await checkGuardrails({
  userMessage: 'Can I take 1000mcg of BPC-157?',
  aiResponse: 'A typical dose of BPC-157 is 250-500mcg...',
  context: {
    brandKey: 'loop-rx',
    userId: 'user_123',
    userProfile: {
      conditions: ['hypertension'],
      medications: ['lisinopril'],
      biomarkers: [],
    },
  },
});

if (result.shouldEscalate) {
  // Log escalation, notify staff
}

for (const violation of result.violations) {
  console.log(violation.layer);    // 'compliance' | 'business' | 'safety'
  console.log(violation.type);     // e.g., 'fda_claim', 'dosage_exceeded'
  console.log(violation.severity); // 'info' | 'warning' | 'critical'
  console.log(violation.message);  // Human-readable description
}
Compliance Layer
Checks for FDA regulatory compliance, PHI exposure, clinical safety, and brand voice consistency.
FDA Compliance
Detects responses that make unapproved claims about peptides or supplements:
| Pattern | Violation |
|---|---|
| “FDA approved for…” | False FDA approval claim |
| “Cures [condition]” | Unapproved cure claim |
| “Guaranteed to…” | Efficacy guarantee |
| “Prescribing [medication]” | Unauthorized prescribing |
| Diagnosing conditions | Unauthorized diagnosis |
PHI Protection
Detects potential Protected Health Information in responses:
| Pattern | Type |
|---|---|
| SSN patterns | phi_exposure |
| Medical record numbers | phi_exposure |
| Patient ID exposure | phi_exposure |
| Date of birth | phi_exposure |
| Insurance information | phi_exposure |
Clinical Safety
| Pattern | Violation |
|---|---|
| Recommending specific prescriptions | clinical_violation |
| Suggesting medication adjustments | clinical_violation |
| Making direct diagnoses | clinical_violation |
| Mentioning controlled substances without disclaimer | clinical_violation |
| Emergency without 911 guidance | clinical_violation |
Brand Voice
| Pattern | Violation |
|---|---|
| Overly casual medical advice | brand_violation |
| Dismissing emergencies | brand_violation |
| Absolute medical statements | brand_violation |
| Missing medical disclaimers | brand_violation |
Business Layer
Checks for business rule compliance including competitor mentions, PII exposure, and pricing violations.
Competitor Detection
Luna should not recommend or compare against competitors:
Blocked competitors: Hims, Hers, Ro, Roman, Numan, Keeps, Nurx, Empower Pharmacy, Tailor Made, Defy Medical, Marek Health, Ways2Well
PII Protection
Detects personally identifiable information in responses:
| Pattern | Type |
|---|---|
| Email addresses | pii_exposure |
| Phone numbers | pii_exposure |
| Physical addresses | pii_exposure |
| ZIP codes | pii_exposure |
| Credit card numbers | pii_exposure |
Pricing Rules
| Pattern | Violation |
|---|---|
| Mentioning specific prices | pricing_violation |
| Offering discounts | pricing_violation |
| Price comparisons | pricing_violation |
Prohibited Terms
Certain terms trigger business violations:
- “wholesale price”
- “bulk discount”
- “gray market”
- “counterfeit”
- Other terms that could create legal liability
Safety Layer
Checks for dosage safety, drug interactions, and contraindications.
Dosage Limits
Maximum recommended dosages for common peptides:
| Peptide | Max Single Dose | Max Daily Dose |
|---|---|---|
| BPC-157 | 500mcg | 1000mcg |
| TB-500 | 5mg | 10mg |
| Ipamorelin | 300mcg | 900mcg |
| CJC-1295 | 2mg | 2mg |
| MK-677 | 25mg | 25mg |
| Semaglutide | 2.4mg | 2.4mg |
If the AI response mentions a dosage exceeding these limits, a dosage_exceeded violation is raised.
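One way the dosage check could work, as an added example (not the `@loop/guardrails` source): it extracts dose mentions from the response, normalizes units to micrograms, takes the upper bound of a range, and compares against the table above. The names `checkDosage`, `DOSAGE_LIMITS` and `DOSE_RE`, the sentence-level attribution of a dose to a peptide, and the use of `critical` for every exceedance are assumptions.

```typescript
interface DoseLimit { maxSingleMcg: number; maxDailyMcg: number }
interface Violation {
  layer: 'safety';
  type: 'dosage_exceeded';
  severity: 'info' | 'warning' | 'critical';
  message: string;
}

// Limits from the Dosage Limits table, normalized to micrograms.
const DOSAGE_LIMITS: { [peptide: string]: DoseLimit } = {
  'BPC-157': { maxSingleMcg: 500, maxDailyMcg: 1000 },
  'TB-500': { maxSingleMcg: 5000, maxDailyMcg: 10000 },
  'Ipamorelin': { maxSingleMcg: 300, maxDailyMcg: 900 },
  'CJC-1295': { maxSingleMcg: 2000, maxDailyMcg: 2000 },
  'MK-677': { maxSingleMcg: 25000, maxDailyMcg: 25000 },
  'Semaglutide': { maxSingleMcg: 2400, maxDailyMcg: 2400 },
};

// Optional range prefix ("250-"), the dose, a unit, optional per-day qualifier.
const DOSE_RE =
  /(?:\d+(?:\.\d+)?\s*(?:-|–|to)\s*)?(\d+(?:\.\d+)?)\s*(mcg|µg|ug|mg)\b(\s*(?:\/\s*day|per day|daily))?/gi;

function checkDosage(aiResponse: string): Violation[] {
  const violations: Violation[] = [];
  // A dose is attributed to every peptide named in the same sentence, so an
  // ambiguous sentence is flagged rather than missed.
  for (const sentence of aiResponse.split(/[.!?]\s+|\n+/)) {
    const lower = sentence.toLowerCase();
    const named = Object.keys(DOSAGE_LIMITS).filter(p => lower.indexOf(p.toLowerCase()) !== -1);
    if (named.length === 0) continue;
    DOSE_RE.lastIndex = 0; // a global regex keeps its position between calls
    let m: RegExpExecArray | null;
    while ((m = DOSE_RE.exec(sentence)) !== null) {
      // For a range the capture is the upper bound; mg is converted to mcg.
      const mcg = parseFloat(m[1]) * (m[2].toLowerCase() === 'mg' ? 1000 : 1);
      const daily = m[3] !== undefined;
      for (const peptide of named) {
        const limit = daily ? DOSAGE_LIMITS[peptide].maxDailyMcg : DOSAGE_LIMITS[peptide].maxSingleMcg;
        if (mcg > limit) {
          violations.push({
            layer: 'safety', type: 'dosage_exceeded',
            severity: 'critical', // assumption: the page gives no "borderline" threshold
            message: `${peptide}: "${m[0].trim()}" exceeds max ${daily ? 'daily' : 'single'} dose (${limit}mcg)`,
          });
        }
      }
    }
  }
  return violations;
}
```

A dose is only compared against the daily limit when the qualifier directly follows the unit; phrasing such as "500mcg twice daily" is checked as a single dose and the daily total is not computed.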
Drug Interactions
Known peptide-drug interactions checked:
| Peptide | Interacting Drug | Severity |
|---|---|---|
| BPC-157 | Anticoagulants (warfarin, heparin) | Moderate |
| Ipamorelin | Insulin, Metformin | Moderate |
| MK-677 | Insulin, Diabetes medications | High |
| Semaglutide | Insulin, Sulfonylureas | High |
Contraindication Integration
Uses @loop/contraindications and @loop/health-data to check the AI response against the patient’s conditions and medications.
Brand Configuration
Guardrails are configurable per brand using the Loop brand config:
// packages/guardrails/src/config/brands/loop.ts
export const loopConfig: BrandGuardrailConfig = {
  compliance: {
    fdaPatterns: [...],
    phiPatterns: [...],
    clinicalPatterns: [...],
    brandVoicePatterns: [...],
  },
  business: {
    competitorPatterns: [...],
    piiPatterns: [...],
    pricingPatterns: [...],
    prohibitedTerms: [...],
  },
  safety: {
    dosageLimits: [...],
    drugInteractions: [...],
  },
};
Severity Levels
| Severity | Action | Example |
|---|---|---|
| info | Log only | Minor brand voice inconsistency |
| warning | Log + flag | Competitor mention, borderline dosage |
| critical | Log + escalate | PHI exposure, dangerous dosage, emergency mishandling |
Guardrail Result
interface GuardrailResult {
  passed: boolean;          // No critical violations
  shouldEscalate: boolean;  // Requires human review
  violations: Violation[];
  summary: string;          // Human-readable summary
}
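How the three layers could be run in parallel and folded into a `GuardrailResult` according to the severity table, as an added example (not the `@loop/guardrails` implementation). The names `runLayers`, `aggregate` and `LayerCheck`, the `layer_error` violation type, and the choice to treat a crashed layer as a critical violation so that it cannot pass silently are assumptions.

```typescript
type Severity = 'info' | 'warning' | 'critical';
type Layer = 'compliance' | 'business' | 'safety';
interface Violation { layer: Layer; type: string; severity: Severity; message: string }
interface GuardrailResult {
  passed: boolean;
  shouldEscalate: boolean;
  violations: Violation[];
  summary: string;
}
type LayerCheck = (aiResponse: string) => Promise<Violation[]>;

const RANK: { [s in Severity]: number } = { info: 0, warning: 1, critical: 2 };

// Combine violations from all layers; only critical ones fail the response.
function aggregate(violations: Violation[]): GuardrailResult {
  const sorted = violations.slice().sort((a, b) => RANK[b.severity] - RANK[a.severity]);
  const critical = sorted.filter(v => v.severity === 'critical').length;
  return {
    passed: critical === 0,
    shouldEscalate: critical > 0,
    violations: sorted, // most severe first
    summary: sorted.length === 0
      ? 'No violations'
      : `${sorted.length} violation(s), highest severity: ${sorted[0].severity}`,
  };
}

// Run the layers concurrently. A layer that throws or rejects is converted
// into a critical violation (fail closed) instead of aborting the whole check.
async function runLayers(
  aiResponse: string,
  layers: { [l in Layer]: LayerCheck },
): Promise<GuardrailResult> {
  const names: Layer[] = ['compliance', 'business', 'safety'];
  const perLayer = await Promise.all(names.map(name =>
    Promise.resolve()
      .then(() => layers[name](aiResponse))
      .catch((err): Violation[] => [{
        layer: name, type: 'layer_error', severity: 'critical',
        message: `${name} layer failed: ${String(err)}`,
      }])));
  return aggregate(([] as Violation[]).concat(...perLayer));
}
```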