A Flexible Large Language Models Guardrail Development Methodology Applied to Off-Topic Prompt Detection
This addresses the challenge of developing effective guardrails for LLM safety in pre-production environments, though it is incremental as it builds on existing guardrail concepts with a novel data generation approach.
The paper tackles the problem of off-topic misuse in Large Language Models by introducing a flexible, data-free guardrail development methodology that uses synthetic data generation to outperform heuristic approaches, with open-sourced datasets and models.
Large Language Models (LLMs) are prone to off-topic misuse, where users may prompt these models to perform tasks beyond their intended scope. Current guardrails, which often rely on curated examples or custom classifiers, suffer from high false-positive rates, limited adaptability, and the impracticality of requiring real-world data that is not available in pre-production. In this paper, we introduce a flexible, data-free guardrail development methodology that addresses these challenges. By thoroughly defining the problem space qualitatively and passing this to an LLM to generate diverse prompts, we construct a synthetic dataset to benchmark and train off-topic guardrails that outperform heuristic approaches. Additionally, by framing the task as classifying whether the user prompt is relevant with respect to the system prompt, our guardrails effectively generalize to other misuse categories, including jailbreak and harmful prompts. Lastly, we further contribute to the field by open-sourcing both the synthetic dataset and the off-topic guardrail models, providing valuable resources for developing guardrails in pre-production environments and supporting future research and development in LLM safety.