CalypsoAI provides multi-layered customizable scanners to ensure your organizational policies and standards are applied to user prompts and LLM responses. Each scanner has default settings and thresholds that can be changed at the global level by a Super Administrator or at the team level by Group Administrators.
Click Scanners in the Configuration section of the navigation panel.
Click Global to view the list of scanners available across the organization's CalypsoAI workspace.
Click Groups and then select a group name from the drop-down list to see the scanners available to that group.
Click Chatbots and then select a chatbot from the drop-down list to see the scanners available within that chatbot.
The platform offers three categories of scanners: CalypsoAI GenAI Scanners, CalypsoAI Out-of-the-Box Scanners, and Custom Scanners. This document details the 13 Out-of-the-Box Scanners. Click the Down Arrow icon to display the list of default scanners.
Hover over the text below the scanner name for a brief description of the scanner actions.
Slide the toggle in the Active column to activate the scanner. If the scanner is not activated, it will not interact with any user prompts or model responses.
When activated, select the task the scanner should perform:
Block: The scanner will review the content in prompts and/or responses for the type of content described in the scanner description and prohibit any identified content from being sent to or returned from the LLM. The scanner will return the scanner response message to inform the user the relevant prompt or response was blocked.
Audit: The scanner will review the content in prompts and/or responses for the type of content described in the scanner description and allow any identified content to be sent to or returned from the LLM, but the content's presence in the prompt or response will be noted in the Prompt History.
Click the three dots in the Action column.
Select Advanced Configuration to update the scanner's activity; this is detailed below for each scanner.
Select Edit Scanner Response to change the message shown when the scanner blocks a prompt.
Scanners that do not have a three-dot icon are not configurable.
Blocked Term Policy
Blocked Term Policy allows Admins to establish a customized, editable list of terms to be blocked when included in a prompt. Super Admins can update this globally by adding or deleting terms and Group Admins with access can update the list for their team(s).
DLP: Personal Identifiable Information (PII)
DLP: PII Policy allows thresholds to be set for identifying and acting on personally identifiable information included in a prompt. The PII included by default are names, phone numbers, email addresses, Social Security Numbers, and credit card information. Including physical/geographical addresses is optional. Super Admins can change the sensitivity setting globally and Group Admins with access can change the sensitivity setting for their team(s).
DLP: Source Code
DLP: Source Code Policy allows thresholds to be set for identifying and acting on (by language) source code included in a prompt. Including Import Statements is optional. Super Admins can change these settings globally and Group Admins with access can change the settings for their team(s).
Legal Content Detection
Legal Content Detection Policy allows thresholds to be set for identifying and acting on legal documentation included in a prompt. Super Admins can change the sensitivity setting and selections globally and Group Admins with access can change the sensitivity settings and selections for their team(s).
Malware: Source Code
Malware: Source Code Policy allows thresholds to be set for identifying and acting on (by language) source code included in a prompt to or response from an LLM. Including Import Statements is optional. Super Admins can change these settings globally and Group Admins with access can change the settings for their team(s).
Prompt Injection
Prompt Injection Policy allows thresholds to be set for identifying and acting on language that attempts to bypass internal controls via a prompt. Super Admins can change the sensitivity setting globally and Group Admins with access can change the sensitivity setting for their team(s).
Secret Detection
Secret Detection Policy detects and acts on an extensive default set of information types included in a prompt. Examples of default secrets include API keys, passkeys, and other information typically restricted to internal, authorized company use. This scanner is not customizable.
Toxicity/Toxic Language
Toxicity Policy allows thresholds to be set for identifying and acting on a default set of content types included in a prompt. Super Admins can change the thresholds globally and Group Admins with access can change the thresholds for their team(s).
Audit Terms
Audit Terms allows Admins to establish a customized, editable list of terms to be audited when included in a prompt. Super Admins can update this globally by adding or deleting terms and Group Admins with access can update the list for their team(s).
Demographic Auditing
Demographic Auditing tracks the inclusion in prompts of terms or topics that identify demographic characteristics or are typically associated with bias or stereotypes. This scanner does not block content.
Name Entity Auditing
Name Entity Auditing tracks the inclusion in prompts of names or other terms associated with specific entities, which could reveal private or confidential information about the organization’s relationship with the entity. This scanner does not block content.
Sentiment Recording
Sentiment Recording, where allowed, provides insight as to the emotional polarity of prompt content. This scanner does not block content.
Topics Auditing
Topics Auditing tracks the inclusion in prompts of terms or topics not typically associated with business functions. This scanner does not block content.