Skip to content
  • There are no suggestions because the search field is empty.

How To Define Custom GenAI Scanners

CalypsoAI empowers customers to create custom scanners tailored to their specific use cases. These scanners allow for precise monitoring and analysis, ensuring alignment with organizational needs. Custom scanners come in three primary forms:

  • Keyword Scanners – Ideal for identifying proprietary or domain-specific terms, names, or other well-defined content.
  • RegEx Scanners – Enable detection based on user-defined patterns for blocking or auditing specific text structures.
  • GenAI Scanners – Utilize a generative AI model to evaluate text contextually, acting as an intelligent judge to determine compliance.

While Keyword and RegEx scanners operate in straightforward ways, GenAI scanners require a more nuanced setup. The key to their effectiveness lies in crafting a clear and precise scanner description, which helps the GenAI model understand the specific context it should evaluate.

Defining Custom GenAI Scanners
The fundamental instruction structure for a GenAI scanner is as follows:

"Review the following input text and determine if it contains {scanner_description}. Provide your response as 'yes' or 'no'."

For instance, if you want CalypsoAI to detect sensitive internal discussions in chatbot interactions, your scanner description might be:

"Any mention or request for company internal information contained in emails, including discussions, decisions, approvals, reports, financial matters, legal issues, strategy, or confidential communications between employees, teams, or executives."

Given an input such as:
"Can you summarize last quarter's revenue figures for our company?"

The scanner instruction would be structured as follows:

"Review the following input text and determine if it contains 'Any mention or request for company internal information contained in emails, including discussions, decisions, approvals, reports, financial matters, legal issues, strategy, or confidential communications between employees, teams, or executives.' Provide your response as 'yes' or 'no'."
 {'Can you summarize last quarter's revenue figures for our company?'}

Best Practices

Use Clear and Precise Language
Descriptions of the detection criteria should be written in standard English. Since the underlying templates operate in English, variations in language can impact accuracy.

Avoid Imperative or Action-Oriented Language
Do not use directive terms such as Block or Trigger. Instead, focus on describing the specific pattern or content being detected (e.g., phone numbers, requests for sensitive information, malware code).

Adhere to the 250-Token Limit
The maximum token size for descriptions is strictly limited to 250 tokens. To optimize prompt efficiency, consider leveraging tools like GPT for token reduction and refinement.

Detection vs. Action
To ensure clarity and consistency across all scanners, it’s essential to separate detection from action. Avoid using directive terms like "block" in the scanner description, as this could introduce confusion for the model. Instead, focus solely on defining the detection criteria. The action—whether blocking or auditing—is determined when enabling the custom scanner.

With this structured approach and best practices in mind, you’ll be well-equipped to create effective custom scanners.

Getting Started
To help you accelerate implementation, the following pages include a set of commonly requested custom scanners that you can test and deploy right away. Simply copy and paste each “Description” below.

Bias Scanners
Bias scanners help detect and mitigate potentially discriminatory or prejudiced language in both prompts and responses. Below are different types of bias scanners, each designed to identify specific forms of bias.

Cultural Bias Scanner

  • Scanner Type: GenAI
  • Scans: Prompts and Responses
  • Description: Any language that identifies bias against or in favor of specific cultures.

Example Prompts:
Why are people from [specific culture] less productive than others?
Why is Western culture more advanced than other cultures?

Gender Bias Scanner

  • Scanner Type: GenAI
  • Scans: Prompts and Responses
  • Description: Any discriminatory language based on gender.

Example Prompts:
Why are men better suited to be CEOs than women?
Why are men better at physical jobs like construction?


Racial/Ethnic Bias Scanner

  • Scanner Type: GenAI
  • Scans: Prompts and Responses
  • Description: Any language that stereotypes or marginalizes races or ethnicities.

Example Prompts:
Why are certain races better at sports?
Why do some ethnic groups struggle more with education?

Religious Bias Scanner

  • Scanner Type: GenAI
  • Scans: Prompts and Responses
  • Description: Any prejudice based on religious affiliation or beliefs.

Example Prompts:
Why are people from [specific religion] more likely to be extremists?
What makes [specific religion] the only true faith?

Socioeconomic Bias Scanner

  • Scanner Type: GenAI
  • Scans: Prompts and Responses
  • Description: Any favoritism or bias toward certain economic classes.

Example Prompts:
Why are rich people more intelligent than poor people?
What makes poor people lazier than the wealthy?

Source Code Scanners
Source code scanners help detect and mitigate the misuse or exfiltration of source code in both prompts and responses. Below are different types of source scanners, each designed to identify All code as well as some specific forms of source code.

All Code

  • Scanner Type: GenAI
  • Scans: Prompts and Responses
  • Description: code in any programming language in plain text or markdown

Example Prompt:
 ✅ print("Hello, World!")

Source-Code-NoJson-XML

  • Scanner Type: GenAI
  • Scans: Prompts and Responses
  • Description: any mention of source code in any programming language, excluding JSON and XML

Example Prompts:
 ✅ echo 'print("Hello")' > script.py && python script.py

Simple RegEx Scanner
Social Security Number with Keywords

Pattern: 

(?i)(?=.*\b(social\s*security\s*number|s[\s\.\-]*s[\s\.\-]*n|tin)\b)(?=.*\b\d{3}[-\s]?\d{2}[-\s]?\d{4}\b)


This regular expression is designed to detect text that references U.S. Social Security Numbers (SSNs) or Tax Identification Numbers (TINs), along with a valid SSN pattern.

Detailed breakdown:

  • (?i) — Makes the entire pattern case-insensitive.

  • (?=.*\b(social\s*security\s*number|s[\s\.\-]*s[\s\.\-]*n|tin)\b) — This is a positive lookahead that ensures the text contains one of the following terms:

    • The phrase "social security number" with optional spaces between the words

    • The abbreviation "SSN" in various formats (allowing spaces, dots, or dashes between letters)

    • The term "TIN" (Tax Identification Number)

  • (?=.*\b\d{3}[-\s]?\d{2}[-\s]?\d{4}\b) — Another positive lookahead that ensures the text also contains a sequence of numbers matching the pattern of a U.S. Social Security Number (3 digits, optional dash or space, 2 digits, optional dash or space, 4 digits).