Skip to main content
Restrictions are the highest-priority guardrails — absolute limits on what your agent cannot do or say.

What are Restrictions?

Restrictions define forbidden actions or topics. Unlike escalation rules (which hand off to humans), restrictions typically redirect the conversation or provide an alternative response. Examples:
  • Cannot promise refunds without approval
  • Cannot discuss competitor products
  • Cannot share internal pricing
  • Cannot provide medical or legal advice

Restrictions vs Escalation

RestrictionsEscalation Rules
Block and redirectHand off to human
Agent continues conversationAgent stops
Prevents specific actionsTransfers responsibility
”I can’t do X, but I can do Y""Let me connect you with someone”

Creating Restrictions

1

Navigate to Guardrails

Go to Train → Guardrails and select the Restrictions tab.
2

Click Create Restriction

Click Create Restriction.
3

Name the Restriction

Give it a clear name:
  • Good: “No Refund Promises”, “No Competitor Discussion”
  • Avoid: “Restriction 1”, “Don’t”
4

Define What's Forbidden

Describe what the agent cannot do.
5

Configure Response

Define how the agent should respond when this triggers.
6

Test

Verify detection with the built-in playground.
7

Save

Save and activate the restriction.

Detection Methods

Same as escalation rules:

AI-Based

Describe the forbidden topic: 
Restrict any discussion or comparison of competitor products 
or services, including:
- Naming competitor companies
- Comparing features or pricing
- Responding to "is X better than Y" questions
- Discussing why customers might choose competitors

Keyword

Trigger on specific terms: 
[competitor-name-1], [competitor-name-2], 
refund guarantee, price match, free trial extension

Regex

Match specific patterns: 
# Block sharing of internal URLs
https?://internal\.[a-z]+\.com

# Block specific codes
PROMO-[A-Z]{3}-\d{4}

Configuring Restriction Response

When a restriction triggers, the agent should:
  1. Acknowledge the request (don’t ignore it)
  2. Explain it can’t fulfill this specific request
  3. Redirect to an appropriate alternative
  4. Continue helping with other matters

Good Response Templates

No Refund Promises: 
I'd be happy to help with your refund request! While I can't 
process refunds directly, I can connect you with our billing 
team who can review your case and assist you. Would you like 
me to do that?
No Competitor Discussion: 
I'm focused on helping you get the most out of our product. 
I'd love to tell you more about [specific feature] that might 
address what you're looking for. What would be most helpful?
No Internal Pricing: 
For custom pricing and enterprise plans, our sales team would 
be the best resource. They can put together options tailored 
to your needs. I can help you connect with them — would you 
like me to set that up?
No Medical/Legal Advice: 
I'm not qualified to provide medical/legal advice, and I want 
to make sure you get accurate information. I'd recommend 
consulting with a [doctor/lawyer] for this question. Is there 
anything else I can help you with today?

Example Restrictions

No Unauthorized Discounts

SettingValue
NameNo Unauthorized Discounts
DetectionAI + Keyword
Keywordsdiscount, coupon, promo code, special price
DescriptionCannot offer discounts or promotional pricing
Response”I don’t have the ability to offer special pricing, but our sales team might be able to help. Want me to connect you?”

No Competitor Comparison

SettingValue
NameNo Competitor Discussion
DetectionKeyword + AI
Keywords[list of competitor names]
DescriptionCannot discuss or compare competitor products
Response”I’m focused on helping you succeed with our product. What specific need are you trying to address?”

No Security Information

SettingValue
NameNo Security Details
DetectionAI
DescriptionCannot share internal security architecture, vulnerabilities, or detailed implementation
Response”For security questions, please contact [email protected] or request our security documentation through your account manager.”

No Data Deletion Promises

SettingValue
NameNo Data Deletion Promises
DetectionKeyword + AI
Keywordsdelete my data, GDPR, right to be forgotten, data removal
DescriptionCannot promise or perform data deletion without proper process
Response”Data deletion requests need to go through our privacy team to ensure we handle them properly. I can submit a request on your behalf — would you like me to do that?”

Testing Restrictions

Use the built-in playground:
  1. Open the restriction
  2. Enter messages that might trigger it
  3. Verify detection works correctly
  4. Test edge cases
Test scenarios:
  • Direct requests (e.g., “Give me a refund”)
  • Indirect requests (e.g., “I’m unhappy with my purchase”)
  • False positives (e.g., “What’s your refund policy” should NOT trigger “No Refund Promises”)

Priority

Restrictions are the highest priority in the guardrail system: 
Message arrives


Check Restrictions ← Highest priority

      ├─ If triggered → Use restriction response


Check Escalation Rules

      ├─ If triggered → Escalate


Normal Processing

Assigning to Agents

1

Open Agent Configuration

Go to Build → Agents and click on an agent.
2

Go to Guardrails Tab

Select the Guardrails tab.
3

Select Restrictions

Check the restrictions that should apply.
4

Save

Save the agent configuration.

Best Practices

  • Be specific about what’s forbidden
  • Provide helpful alternatives in responses
  • Test for false positives — don’t over-restrict
  • Review regularly — update as policies change
  • Keep responses friendly — restrictions shouldn’t feel like rejections

Next Steps

Escalation Rules

Define when to hand off to humans

Guardrails Overview

Back to overview