Configure bot settings and guardrails

Users can modify the application settings to customize default configurations according to their preferences.

Access bot settings

Navigate to the bot settings to view current configurations, including the selected model, temperature setting for response variability, and maximum token limit.

Click ‘View all settings’ to access additional parameters and their preset settings:

  • Top P: Also known as nucleus sampling, controls response diversity by considering only the top probability mass tokens.

  • Presence penalty: Adjusts the likelihood of introducing new topics by discouraging repeated words.

  • Frequency penalty: Reduces the probability of repetitive phrases by penalizing frequent token occurrences.

  • Context max token: Defines the limit for contextual memory, determining how much past conversation is retained.

  • Response max token: Specifies the maximum token count for each AI-generated response.

  • Model: The specific AI model used for generating responses.

  • Guardrails: Safety constraints applied to AI-generated responses to ensure appropriate content.

  • Static input: Automatically appends predefined text to every prompt sent to the LLM. This input serves as consistent context or instruction, helping shape responses. Useful for maintaining tone, domain relevance, or specific behavior across interactions.

  • Rerank: Improves search result relevance by prioritizing the most relevant responses.

  • Follow-up conversation: Enables the model to recall past interactions within the same session.

  • Source: Allows the model to summarize documents as part of its responses.

Editing model parameters

  1. Click on the pencil icon to edit settings.

  2. Select the preferred model.

  3. Adjust parameters using the provided controls:

    • Click ‘Load Presets’ and select Creative, Balanced, or Precise.

      • Load Presets provides predefined configuration settings optimized for different response styles:

        • Creative: Generates more imaginative and diverse responses.

        • Balanced: Maintains a mix of creativity and precision.

        • Precise: Focuses on accuracy and concise responses.

  • Use the slider to configure each parameter based on your preferred output behavior. Refer to the definitions above for guidance on how each parameter affects responses.

  1. Enable or disable features as needed:

  • Reranking model: Enhances the relevance of search results.

  • Follow-up conversation: Allows the model to remember previous conversations within a session.

  • Guardrails (Optional): Applies safety constraints to AI responses.

  • Static input (Optional): Adds static text for consistent context.

  • Source (Optional): Allows the model to summarize documents in responses.

Saving and reverting settings

  • Update settings: Click to save customized configurations for future use.

  • Default settings: Click to revert to default configurations.

Advanced manual configuration

  • Users can also make manual changes by clicking the ‘Edit’ button in the manual configure box.

  • This option is applicable only for advanced users.

Add guardrails

Guardrails act as the app’s built-in protective layer, ensuring every interaction stays compliant, secure, and aligned with the organization's standards. Enabling them proactively helps prevent policy violations and jailbreak attempts before they ever reach production. To add a guardrail, follow the steps below:

  • Click ‘+ Add a guardrail parameter’.

  • A right-hand side panel titled Add Guardrail Parameter appears.

Toggle on one or both options:

  • Input Checking – screens every user prompt for policy violations (jailbreak detection, hate, self-harm, disallowed content) and blocks or sanitizes the request/response.

    • You can enable Input Checking to activate content-moderation filters, sexual content, harassment, hate, and dangerous content. Each filter is adjustable with intuitive slider controls, giving users fine-grained control over moderation thresholds.

      Each category can be tuned using a three-level slider:

      • Block None – No filtering applied. All content is allowed.

      • Block Few – Minimal filtering applied. Only severe or explicit cases are blocked.

      • Block Most – Strict filtering applied. Most flagged content is blocked.

Jailbreak Detection – looks for prompt-injection patterns that try to override your system instructions and blocks or sanitizes the request/response.

  • You can find the following jailbreak categories for more granular control and security oversight. You can enable or disable each category for Jailbreak Detection filtering based on your requirements:

    • System Override

    • Code Injection

    • PII Access

  • Output Checking - ensures that your AI application's responses are factual, safe, and aligned with your knowledge base. This feature is particularly useful in retrieval-augmented generation (RAG) setups, where validating both the factual fidelity and safety of LLM outputs is essential. Output Checking evaluates model responses for the following risks:

    • Misinformation - Detects and flags outputs that may contradict the retrieved knowledge base content or include unsupported claims.

    • System Prompt Leakage - Identifies and prevents exposure of internal system prompts, hidden instructions, or instructions that could compromise the integrity of your application.

  • Hallucination Detection -This feature automatically validates AI-generated outputs against the linked Knowledge Base to detect factual inconsistencies or unsupported claims. It uses LLM-as-a-judge to identify and block responses that deviate from trusted sources. If hallucination is detected, the app returns a fallback message, ensuring that only accurate, trusted responses are delivered. The following risks are evaluated through Hallucination Detection:

    • Irrelevant Content - This check identifies responses that do not address the user’s query or fall outside the intended context of the conversation.

    • Extra Speculation - This check identifies responses that contain unsupported assumptions, hypothetical claims, or unverifiable statements that are not substantiated by the provided knowledge base.

Once guardrails are enabled, they appear in the main panel with a lock icon, indicating that they are active. You can reopen the panel at any time to disable or re-enable them.

Note: The ‘+ Add a guardrail parameter’ button remains available so you can attach future guardrail types as they become available in ZBrain.

Each monitored parameter (such as input and jailbreak) has its dedicated .yml file (e.g., input.yml, jailbreak.yml). These files are generated and versioned independently and stored in a private S3 bucket. Only users with required credentials can access those files.

Proceeding to the next step

Click ‘Next’ to move forward to the set appearance page.

PreviousHow to leverage knowledge base(s) for app creationNextHow to build advanced applications using Flow

Last updated