feat: add NeMo Guardrails example plugin

[afourniernv]

Summary

• Add an external Python NeMo Guardrails example plugin for NeMo Flow LLM and tool calls.
• Add runnable example assets and native Guardrails config examples under examples/nemoguardrails.
• Document configuration, runtime behavior, supported codecs, and limitations.
• Add focused pytest coverage with stubbed nemoguardrails modules so CI does not need the optional dependency.

Closes #26

Closes NMF-16

Testing

• uv run pytest python/tests/test_nemoguardrails_example_plugin.py
• uv run pre-commit run --files docs/build-plugins/about.md docs/build-plugins/nemoguardrails.md docs/index.md examples/nemoguardrails/README.md examples/nemoguardrails/example/agent_example.py examples/nemoguardrails/example/example_config.yml examples/nemoguardrails/example/plugin.py examples/nemoguardrails/example/rails/config.yml python/tests/test_nemoguardrails_example_plugin.py

Summary by CodeRabbit

• New Features

  • Added NeMo Guardrails example plugin providing safety validation for LLM requests, responses, and tool calls with configurable enforcement modes.

• Documentation

  • New guides and documentation for building NeMo Guardrails plugins, including configuration setup, parameters, and working examples.

• Tests

  • Comprehensive test suite for NeMo Guardrails plugin covering validation and runtime scenarios.

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[coderabbitai]

Walkthrough

This PR adds a complete NeMo Guardrails example plugin for NeMo Flow, including plugin implementation with LLM and tool execution interceptors, configuration examples, a runnable agent demonstrating multiple Guardrails modes, comprehensive documentation, and a full test suite with mocked dependencies.

Changes

NeMo Guardrails Plugin Integration

Layer / File(s)	Summary
Plugin Core Implementation examples/nemoguardrails/example/plugin.py	Implements NeMoGuardrailsPlugin class with validation, LLM/tool execution interceptors, config loading from file or inline YAML, codec selection, and rail checking (pass/block/rewrite semantics). Includes error types, helper utilities for message/payload transformation, and public register/deregister functions.
Configuration Files examples/nemoguardrails/example/example_config.yml, examples/nemoguardrails/example/rails/config.yml	Define NeMo Guardrails configurations using nvidia_ai_endpoints with Llama 3.1 8B, self-check input/output rails, and prompt templates for blocking based on security/safety criteria.
Example Agent examples/nemoguardrails/example/agent_example.py	Provides a complete runnable agent demonstrating plugin registration, initialization, CLI modes (passthrough/inline/path), tool selection (current_time/weather), and LLM interaction via NVIDIA chat completions API with rail validation.
Example Initialization & Usage examples/nemoguardrails/README.md	Documents example overview, capabilities, boundaries, installation steps, usage patterns, and test strategy with mocked guardrails module.
Plugin Documentation docs/build-plugins/nemoguardrails.md	Comprehensive guide covering installation, plugin configuration (config_path vs config_yaml), parameter reference, example agent walkthrough, runtime behavior (pass/block/rewrite semantics), codec support, and documented limitations.
Navigation Updates docs/build-plugins/about.md, docs/index.md	Added new guide link and toctree entry for the NeMo Guardrails plugin documentation.
Test Suite python/tests/test_nemoguardrails_example_plugin.py	Comprehensive pytest suite with fake guardrails mocking, validation tests (config constraints, type checking), and runtime tests for LLM/tool input/output rail handling (pass/block/rewrite scenarios), error conditions, and codec integration.

Sequence Diagram

sequenceDiagram
    participant Agent as Agent Example
    participant Flow as NeMo Flow
    participant Plugin as NeMo Guardrails Plugin
    participant Rails as NeMo Guardrails
    participant Provider as NVIDIA LLM API
    participant Tool as Example Tool

    Agent->>Flow: initialize(plugin_config)
    Flow->>Plugin: register(config)
    Plugin->>Rails: load config (path or inline YAML)
    activate Plugin
    
    Agent->>Flow: llm.execute(chat_request)
    Flow->>Plugin: LLM input intercept
    Plugin->>Rails: check_async(user_message, rail_type=input)
    alt Rails Pass
        Rails-->>Plugin: PASS
        Plugin->>Provider: POST chat completions
        Provider-->>Plugin: response
        Plugin->>Rails: check_async(response, rail_type=output)
        alt Rails Pass
            Rails-->>Plugin: PASS
            Plugin-->>Flow: response
        else Rails Block
            Rails-->>Plugin: BLOCKED
            Plugin-->>Flow: raise NeMoGuardrailsViolation
        else Rails Modified
            Rails-->>Plugin: MODIFIED
            Plugin-->>Flow: raise NeMoGuardrailsViolation (rewrite unsupported)
        end
    else Rails Block
        Rails-->>Plugin: BLOCKED
        Plugin-->>Flow: raise NeMoGuardrailsViolation
    else Rails Modified
        Rails-->>Plugin: MODIFIED
        Plugin->>Provider: POST modified request
        Provider-->>Plugin: response
        Plugin-->>Flow: response
    end
    
    deactivate Plugin

    Agent->>Flow: tools.execute(tool_call)
    Flow->>Plugin: Tool input intercept
    Plugin->>Rails: check_async(tool_input_json, rail_type=tool_input)
    alt Rails Pass
        Rails-->>Plugin: PASS
        Plugin->>Tool: execute(args)
        Tool-->>Plugin: result
        Plugin->>Rails: check_async(result_json, rail_type=tool_output)
        alt Rails Pass
            Rails-->>Plugin: PASS
            Plugin-->>Flow: result
        else Rails Modified
            Rails-->>Plugin: MODIFIED
            Plugin->>Plugin: rewrite result from JSON
            Plugin-->>Flow: rewritten result
        end
    else Rails Modified
        Rails-->>Plugin: MODIFIED
        Plugin->>Plugin: rewrite arguments from JSON
        Plugin->>Tool: execute(rewritten_args)
        Tool-->>Plugin: result
        Plugin-->>Flow: result
    end

Loading

Estimated Code Review Effort

🎯 4 (Complex) | ⏱️ ~50 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 2.38% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title follows Conventional Commits format with 'feat' type and a concise imperative summary under 72 characters, accurately describing the main change.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description check	✅ Passed	PR description provides clear summary of changes (NeMo Guardrails plugin, examples, docs, tests), includes related issues (#26, NMF-16), and specifies testing commands; minimal deviation from template.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/build-plugins/nemoguardrails.md`:
- Around line 201-203: Rewrite the three bullet lines so they vary sentence
structure and avoid all starting with "for"; specifically update the entries for
openai_chat, openai_responses, and anthropic_messages to describe what each
plugin handles using different lead-ins (e.g., "Handles OpenAI Chat
Completions-style requests and responses," "Supports OpenAI Responses API-style
requests and responses," "Provides support for Anthropic Messages-style requests
and responses") while keeping the same intent and keywords.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Enterprise

Run ID: f6daa1e2-9930-469a-9fa8-e302c8bad518

📥 Commits

Reviewing files that changed from the base of the PR and between 696bd99 and 599fd6c.

📒 Files selected for processing (9)

• docs/build-plugins/about.md
• docs/build-plugins/nemoguardrails.md
• docs/index.md
• examples/nemoguardrails/README.md
• examples/nemoguardrails/example/agent_example.py
• examples/nemoguardrails/example/example_config.yml
• examples/nemoguardrails/example/plugin.py
• examples/nemoguardrails/example/rails/config.yml
• python/tests/test_nemoguardrails_example_plugin.py

📜 Review details

🧰 Additional context used

📓 Path-based instructions (31)

**/*.{md,rst,html,txt}

📄 CodeRabbit inference engine (.agents/skills/review-doc-style/assets/nvidia-style-brand-terminology.md)

**/*.{md,rst,html,txt}: Always spell NVIDIA in all caps. Do not use Nvidia, nvidia, nVidia, nVIDIA, or NV.
Use an NVIDIA before a noun because the name starts with an 'en' sound.
Do not add a registered trademark symbol after NVIDIA when referring to the company.
Use trademark symbols with product names only when the document type or legal guidance requires them.
Verify official capitalization, spacing, and hyphenation for product names.
Precede NVIDIA product names with NVIDIA on first mention when it is natural and accurate.
Do not rewrite product names for grammar or title-case rules.
Preserve third-party product names according to the owner's spelling.
Include the company name and full model qualifier on first use when it helps identify the model.
Preserve the official capitalization and punctuation of model names.
Use shorter family names only after the full name is established.
Spell out a term on first use and put the acronym in parentheses unless the acronym is widely understood by the intended audience.
Use the acronym on later mentions after it has been defined.
For long documents, reintroduce the full term if readers might lose context.
Form plurals of acronyms with s, not an apostrophe, such as GPUs.
In headings, common acronyms can remain abbreviated. Spell out the term in the first or second sentence of the body.
Common terms such as CPU, GPU, PC, API, and UI usually do not need to be spelled out for developer audiences.

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/*.{md,rst,html}

📄 CodeRabbit inference engine (.agents/skills/review-doc-style/assets/nvidia-style-brand-terminology.md)

Link the first mention of a product name when the destination helps the reader.

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/*.{md,rst,txt}

📄 CodeRabbit inference engine (.agents/skills/review-doc-style/assets/nvidia-style-guide.md)

**/*.{md,rst,txt}: Spell NVIDIA in all caps. Do not use Nvidia, nvidia, or NV.
Format commands, code elements, expressions, package names, file names, and paths as inline code.
Use descriptive link text. Avoid raw URLs and weak anchors such as 'here' or 'read more.'
Use title case consistently for technical documentation headings.
Introduce code blocks, lists, tables, and images with complete sentences.
Write procedures as imperative steps. Keep steps parallel and split long procedures into smaller tasks.
Prefer active voice, present tense, short sentences, contractions, and plain English.
Use can for possibility and reserve may for permission.
Use after for temporal relationships instead of once.
Prefer refer to over see when the wording points readers to another resource.
Avoid culture-specific idioms, unnecessary Latinisms, jokes, and marketing exaggeration in technical documentation.
Spell out months in body text, avoid ordinal dates, and use clear time zones.
Spell out whole numbers from zero through nine unless they are technical values, parameters, versions, or UI values.
Use numerals for 10 or greater and include commas in thousands.
Do not add trademark symbols to learning-oriented documentation unless the source, platform, or legal guidance explicitly requires them.
Do not add trademark symbols to NeMo Flow learning documentation by default.
Do not rewrite API names, package names, command flags, or code literals for style reasons.

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/*.{md,markdown,rst}

📄 CodeRabbit inference engine (.agents/skills/review-doc-style/assets/nvidia-style-technical-docs.md)

**/*.{md,markdown,rst}: Use title case consistently in technical documentation headings
Avoid quotation marks, ampersands, and exclamation marks in headings
Keep product, event, research, and whitepaper names in their official title case
Use title case for table headers
Do not force social-media sentence case into technical docs
Use monospace formatting for code elements, commands, parameters, package names, and expressions
Use monospace formatting for directories, file names, and paths
Use angle brackets inside monospace for variables inside paths, such as /home/<username>/.login
Use quotation marks for error messages and strings in documentation
Use bold formatting for UI buttons, menus, fields, and labels in documentation
Use angle brackets between UI labels for menu paths, such as File > Save As
Use italics for new terms on first use in documentation
Use italics for publication titles in documentation
Use plain text formatting for keyboard shortcuts in documentation
Prefer [NVIDIA/NeMo](link) format for GitHub repository references over generic phrases like 'the GitHub repo'
Introduce every code block with a complete sentence
Do not make a code block complete the grammar of the previous sentence
Do not continue a sentence after a code block
Use syntax highlighting when the format supports it for code blocks
Avoid the word 'snippet' unless the surrounding docs already use it as a term of art
Keep inline method, function, and class references consistent with nearby docs, omitting empty parentheses for prose readability when no call is shown
Use descriptive anchor text that matches the destination title when possible for links
Avoid raw URLs in running text in documentation
Avoid generic link anchors such as 'here,' 'this page,' and 'read more' in documentation
Include the acronym in link text if a linked term includes an acronym
Do not link long sentences or multiple sentences in documentation
Avoid links that pull readers away from a procedure unles...

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/*.{html,md}

📄 CodeRabbit inference engine (CONTRIBUTING.md)

Include SPDX license headers in HTML and Markdown files using HTML comment syntax

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

docs/**/*.md

📄 CodeRabbit inference engine (CONTRIBUTING.md)

Run ./scripts/build-docs.sh for documentation site changes

docs/**/*.md: Relevant getting-started or reference docs must be updated when examples change
Release-policy docs must point to GitHub Releases as the only release-history source of truth

docs/**/*.md: Use title case for headings in technical documentation
Introduce code blocks, tables, and lists with complete lead-in sentences in documentation

Files:

• docs/build-plugins/about.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/*.md

📄 CodeRabbit inference engine (CONTRIBUTING.md)

Run Markdown link checking via lychee for README.md, CONTRIBUTING.md, and docs/ through pre-commit hooks

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/*.{md,markdown,py,sh,bash,js,ts,java,cpp,go,rust}

📄 CodeRabbit inference engine (.agents/skills/contribute-docs/SKILL.md)

Keep package names, repo references, and build commands current in documentation

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• examples/nemoguardrails/example/agent_example.py
• docs/build-plugins/nemoguardrails.md
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

{RELEASING.md,CHANGELOG.md,docs/**/*.md}

📄 CodeRabbit inference engine (.agents/skills/contribute-docs/SKILL.md)

Keep release-process and release-notes guidance in repo-maintainer docs such as RELEASING.md, not as user-facing docs pages or CHANGELOG.md

Files:

• docs/build-plugins/about.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/*.{md,markdown,py,sh,bash}

📄 CodeRabbit inference engine (.agents/skills/contribute-docs/SKILL.md)

Keep stable user-facing wrappers at scripts/ root in docs and examples; only point at namespaced helper paths when documenting internal maintenance work

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• examples/nemoguardrails/example/agent_example.py
• docs/build-plugins/nemoguardrails.md
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

**/*.{md,markdown,py,sh,bash,js,ts,example}

📄 CodeRabbit inference engine (.agents/skills/contribute-docs/SKILL.md)

Example commands must match current package names and paths

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• examples/nemoguardrails/example/agent_example.py
• docs/build-plugins/nemoguardrails.md
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

{scripts/*.sh,docs/**/*.md}

📄 CodeRabbit inference engine (.agents/skills/contribute-integration/SKILL.md)

Use root ./scripts/*.sh commands in docs and contributor guidance as documented, with implementations under scripts/third-party/

Files:

• docs/build-plugins/about.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

{docs/**,examples/**,crates/adaptive/**,python/nemo_flow/**,go/nemo_flow/**,**/{example,component}.{ts,tsx,js,rs,py,go}}

📄 CodeRabbit inference engine (.agents/skills/maintain-optimizer/SKILL.md)

Any new adaptive component kind must have documentation, examples, and binding coverage across all supported languages

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/example/example_config.yml
• examples/nemoguardrails/example/rails/config.yml
• examples/nemoguardrails/README.md
• docs/index.md
• examples/nemoguardrails/example/agent_example.py
• docs/build-plugins/nemoguardrails.md
• examples/nemoguardrails/example/plugin.py

**/*.{md,rst}

📄 CodeRabbit inference engine (.agents/skills/maintain-packaging/SKILL.md)

Keep documentation and examples synchronized with current install, import, and build commands

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

{README*,CHANGELOG*,docs/**/*.{md,rst,txt},examples/**/*,*.md}

📄 CodeRabbit inference engine (.agents/skills/rename-surfaces/SKILL.md)

Update documentation, examples, and getting-started guides with new package/module/crate names after rename operations

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/example/example_config.yml
• examples/nemoguardrails/example/rails/config.yml
• examples/nemoguardrails/README.md
• docs/index.md
• examples/nemoguardrails/example/agent_example.py
• docs/build-plugins/nemoguardrails.md
• examples/nemoguardrails/example/plugin.py

**/*.{md,txt,rst}

📄 CodeRabbit inference engine (.agents/skills/review-doc-style/SKILL.md)

**/*.{md,txt,rst}: Ensure commands, package names, file paths, and APIs in documentation are correct and not stale; flag incorrect or outdated information as blocking issues
Ensure examples and procedures in documentation will execute successfully with current APIs and commands
Use consistent user-facing terminology throughout documentation that matches current repo terminology
Capitalize NVIDIA correctly in all documentation and public-facing text
Format code, commands, paths, and filenames as inline code (monospace) in documentation
Use descriptive anchor text for links instead of bare URLs or weak labels like 'here' in documentation
Prefer active voice, present tense, short sentences, and plain English in documentation
Structure documentation procedures as imperative steps that are easy to scan and not too long for a single sequence
Prefer 'after' instead of 'once' for temporal references in documentation
Use 'can' instead of 'may' when describing possibility (rather than permission) in documentation
Avoid ambiguous numeric dates and ordinal dates in documentation body text

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/README.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

{docs/**/*.md,README.md,CONTRIBUTING.md}

📄 CodeRabbit inference engine (.agents/skills/validate-change/SKILL.md)

{docs/**/*.md,README.md,CONTRIBUTING.md}: For docs-only changes, run targeted checks only if commands, package names, or examples changed; use just docs for docs-site builds and just docs-linkcheck when links changed
Verify that README and docs entry points match current package names and paths for large or public-facing changes

Files:

• docs/build-plugins/about.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/*.{rs,py,js,ts,tsx,jsx,go,sh,yaml,yml,toml,json,md,txt}

📄 CodeRabbit inference engine (AGENTS.md)

Keep SPDX headers on source, docs, scripts, and configuration files. The project is Apache-2.0.

Files:

• docs/build-plugins/about.md
• examples/nemoguardrails/example/example_config.yml
• examples/nemoguardrails/example/rails/config.yml
• examples/nemoguardrails/README.md
• docs/index.md
• examples/nemoguardrails/example/agent_example.py
• docs/build-plugins/nemoguardrails.md
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

{docs/**,README.md,CONTRIBUTING.md,RELEASING.md,SECURITY.md}

⚙️ CodeRabbit configuration file

{docs/**,README.md,CONTRIBUTING.md,RELEASING.md,SECURITY.md}: Review documentation for technical accuracy against the current API, command correctness, and consistency across language bindings.
Flag stale examples, missing SPDX headers where required, and instructions that no longer match CI or pre-commit behavior.

Files:

• docs/build-plugins/about.md
• docs/index.md
• docs/build-plugins/nemoguardrails.md

**/{config,schema,adaptive}.{yaml,yml,json,ts,tsx,py,go,rs}

📄 CodeRabbit inference engine (.agents/skills/maintain-optimizer/SKILL.md)

Ensure dynamic config shape matches the documented canonical model in docs/use-adaptive-optimization/configure.md

Files:

• examples/nemoguardrails/example/rails/config.yml

**/README.md

📄 CodeRabbit inference engine (CONTRIBUTING.md)

Update relevant crate or package README when that surface changed

Relevant package or crate README.md files must be updated when examples or binding guidance changes

Files:

• examples/nemoguardrails/README.md

**/{RELEASING,CHANGELOG,README}.{md,rst}

📄 CodeRabbit inference engine (.agents/skills/maintain-packaging/SKILL.md)

Point release history and release notes to GitHub Releases, not to CHANGELOG.md or docs pages

Files:

• examples/nemoguardrails/README.md

{README.md,docs/index.md,**/README.md}

📄 CodeRabbit inference engine (.agents/skills/review-doc-style/SKILL.md)

Update entry-point documentation (README.md, docs/index.md, package READMEs, binding-level source READMEs) whenever public behavior changes

Files:

• examples/nemoguardrails/README.md
• docs/index.md

{README.md,docs/index.md}

📄 CodeRabbit inference engine (.agents/skills/contribute-docs/SKILL.md)

{README.md,docs/index.md}: Update entry-point docs when examples or reading paths change
README.md or docs/index.md must be updated when entry points change

Files:

• docs/index.md

**/*.py

📄 CodeRabbit inference engine (.agents/skills/test-python-binding/SKILL.md)

Format changed Python wrapper and test files with uv run ruff format python

**/*.py: Use Ruff with rule sets E, F, W, I for Python linting
Use Ruff formatter for Python code with line length 120 and double quotes
Use ty for Python type checking
Use snake_case naming convention for Python code
Include SPDX license headers in all Python source files using Python comment syntax

Files:

• examples/nemoguardrails/example/agent_example.py
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

**/*.{rs,py,go,js,ts,tsx}

📄 CodeRabbit inference engine (CONTRIBUTING.md)

Use SONAR_IGNORE_START / SONAR_IGNORE_END markers only for documented false positives that cannot be resolved in code; keep ignored blocks small, add explanatory comments, and require reviewer sign-off

Files:

• examples/nemoguardrails/example/agent_example.py
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

**/*.{rs,py,go,js,ts,jsx,tsx}

📄 CodeRabbit inference engine (.agents/skills/validate-change/SKILL.md)

**/*.{rs,py,go,js,ts,jsx,tsx}: Format changed files with the language-native formatter before the final lint/test pass
Use language-native formatters: cargo fmt --all for Rust, uv run ruff format python for Python, go fmt ./... for Go, npm --prefix crates/node run format for Node.js, and npm --prefix crates/node run precommit:format -- crates/wasm/wrappers crates/wasm/tests-js crates/wasm/scripts for WebAssembly

Files:

• examples/nemoguardrails/example/agent_example.py
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

**/*.{py,go,js,ts,jsx,tsx}

📄 CodeRabbit inference engine (.agents/skills/validate-change/SKILL.md)

If a language surface changed, always run that language's test target even when Rust core did not change

Files:

• examples/nemoguardrails/example/agent_example.py
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

**/*.{js,ts,tsx,jsx,py,rs,go,java,c,cpp,h,cc,cxx,cs,rb,php,swift,kt}

📄 CodeRabbit inference engine (.agents/skills/prepare-pr/SKILL.md)

Changed files must be formatted with the language-native formatter

Files:

• examples/nemoguardrails/example/agent_example.py
• examples/nemoguardrails/example/plugin.py
• python/tests/test_nemoguardrails_example_plugin.py

**/test_*.py

📄 CodeRabbit inference engine (.agents/skills/test-python-binding/SKILL.md)

Run focused pytest first when you know the affected area using pytest -k "<pattern>"

Files:

• python/tests/test_nemoguardrails_example_plugin.py

{crates/**/tests/**,python/tests/**,go/nemo_flow/**/*_test.go}

⚙️ CodeRabbit configuration file

{crates/**/tests/**,python/tests/**,go/nemo_flow/**/*_test.go}: Tests should cover the behavior promised by the changed API surface, including error paths and cross-request isolation where relevant.
Prefer assertions on lifecycle events, scope stacks, middleware ordering, and binding parity over shallow smoke tests.

Files:

• python/tests/test_nemoguardrails_example_plugin.py

🪛 LanguageTool

docs/build-plugins/nemoguardrails.md

[style] ~203-~203: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...s and responses. - anthropic_messages for Anthropic Messages-style requests and r...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

🪛 Ruff (0.15.12)

examples/nemoguardrails/example/agent_example.py

[warning] 72-72: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 87-87: Avoid specifying long messages outside the exception class

(TRY003)

---

[error] 157-162: Audit URL open for permitted schemes. Allowing use of file: or custom schemes is often unexpected.

(S310)

---

[error] 165-165: Audit URL open for permitted schemes. Allowing use of file: or custom schemes is often unexpected.

(S310)

---

[warning] 169-169: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 172-172: Prefer TypeError exception for invalid type

(TRY004)

---

[warning] 172-172: Avoid specifying long messages outside the exception class

(TRY003)

examples/nemoguardrails/example/plugin.py

[warning] 71-71: Missing return type annotation for private function _load_nemoguardrails

(ANN202)

---

[warning] 76-79: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 89-89: Dynamically typed expressions (typing.Any) are disallowed in status

(ANN401)

---

[warning] 93-93: Dynamically typed expressions (typing.Any) are disallowed in annotated

(ANN401)

---

[warning] 104-108: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 138-142: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 145-149: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 153-153: Too many branches (14 > 12)

(PLR0912)

---

[warning] 273-273: Dynamically typed expressions (typing.Any) are disallowed in result

(ANN401)

---

[warning] 279-284: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 293-293: Too many statements (67 > 50)

(PLR0915)

---

[warning] 293-293: Dynamically typed expressions (typing.Any) are disallowed in context

(ANN401)

---

[warning] 297-297: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 320-320: Missing return type annotation for private function intercept

(ANN202)

---

[warning] 358-364: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 372-372: Missing return type annotation for private function tool_intercept

(ANN202)

python/tests/test_nemoguardrails_example_plugin.py

[warning] 25-25: Dynamically typed expressions (typing.Any) are disallowed in _load_example_plugin

(ANN401)

---

[warning] 32-32: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 97-97: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 131-131: Do not call setattr with a constant attribute value. It is not any safer than normal property access.

Replace setattr with assignment

(B010)

---

[warning] 132-132: Do not call setattr with a constant attribute value. It is not any safer than normal property access.

Replace setattr with assignment

(B010)

---

[warning] 133-133: Do not call setattr with a constant attribute value. It is not any safer than normal property access.

Replace setattr with assignment

(B010)

---

[warning] 134-134: Do not call setattr with a constant attribute value. It is not any safer than normal property access.

Replace setattr with assignment

(B010)

---

[warning] 135-135: Do not call setattr with a constant attribute value. It is not any safer than normal property access.

Replace setattr with assignment

(B010)

---

[warning] 136-136: Do not call setattr with a constant attribute value. It is not any safer than normal property access.

Replace setattr with assignment

(B010)

---

[warning] 137-137: Do not call setattr with a constant attribute value. It is not any safer than normal property access.

Replace setattr with assignment

(B010)

---

[warning] 145-145: Dynamically typed expressions (typing.Any) are disallowed in **overrides

(ANN401)

---

[warning] 163-163: Dynamically typed expressions (typing.Any) are disallowed in **config_overrides

(ANN401)

---

[warning] 245-245: Missing return type annotation for private function fail_import

Add return type annotation: Never

(ANN202)

---

[warning] 246-246: Avoid specifying long messages outside the exception class

(TRY003)

---

[error] 303-303: Probable insecure usage of temporary file or directory: "/tmp/example-rails"

(S108)

---

[error] 313-313: Probable insecure usage of temporary file or directory: "/tmp/example-rails"

(S108)

---

[warning] 320-320: Missing return type annotation for private function missing_dependency

Add return type annotation: Never

(ANN202)

---

[warning] 323-323: Avoid specifying long messages outside the exception class

(TRY003)

---

[warning] 346-346: Missing return type annotation for private function provider

(ANN202)

---

[warning] 372-372: Missing return type annotation for private function provider

(ANN202)

---

[warning] 396-396: Missing return type annotation for private function provider

(ANN202)

---

[warning] 421-421: Missing return type annotation for private function provider

(ANN202)

---

[warning] 450-450: Missing return type annotation for private function provider

(ANN202)

---

[warning] 475-475: Missing return type annotation for private function provider

(ANN202)

---

[warning] 504-504: Missing return type annotation for private function provider

(ANN202)

---

[warning] 533-533: Missing return type annotation for private function provider

(ANN202)

---

[warning] 570-570: Missing return type annotation for private function tool_impl

(ANN202)

---

[warning] 598-598: Missing return type annotation for private function tool_impl

(ANN202)

---

[warning] 628-628: Missing return type annotation for private function tool_impl

(ANN202)

---

[warning] 658-658: Missing return type annotation for private function tool_impl

(ANN202)

---

[warning] 686-686: Missing return type annotation for private function tool_impl

(ANN202)

---

[warning] 707-707: Missing return type annotation for private function tool_impl

(ANN202)

---

[warning] 736-736: Missing return type annotation for private function tool_impl

(ANN202)

🔇 Additional comments (10)

examples/nemoguardrails/example/rails/config.yml (1)

1-44: LGTM!

Configuration correctly defines the NeMo Guardrails rails with input/output self-check flows and appropriate prompt templates using standard Jinja2 placeholders.

examples/nemoguardrails/example/example_config.yml (1)

1-44: LGTM!

Intentional duplicate of the directory-based config to demonstrate the inline config_yaml loading mode.

examples/nemoguardrails/example/plugin.py (1)

1-433: LGTM!

The plugin implementation is well-structured with:

• Proper lazy loading of the optional dependency
• Comprehensive config validation
• Correct interceptor registration for both LLM and tool execution
• Clear error handling with descriptive NeMoGuardrailsViolation exceptions

The static analysis warnings (ANN401, TRY003, PLR0912, PLR0915) are acceptable trade-offs for example code readability and self-contained implementation.

python/tests/test_nemoguardrails_example_plugin.py (1)

1-741: LGTM!

Comprehensive test suite with:

• Properly isolated fake nemoguardrails module injection
• Full coverage of validation paths including edge cases
• Runtime tests for all interceptor behavior: pass/block/modify for LLM input/output and tool input/output
• Multi-codec coverage (openai_chat, anthropic_messages, openai_responses)

The B010 (setattr with constant) warnings are false positives—using setattr is appropriate when dynamically constructing module objects.

examples/nemoguardrails/example/agent_example.py (1)

1-247: LGTM!

Well-structured example agent that:

• Validates URL schemes before HTTP calls (addressing S310 static analysis concerns)
• Properly manages plugin lifecycle with try/finally cleanup
• Provides multiple configuration modes (passthrough, inline, path) for demonstration
• Includes reasonable timeout (60s) for LLM calls

docs/index.md (1)

181-181: LGTM!

Toctree entry correctly placed and formatted to match existing entries.

docs/build-plugins/about.md (1)

38-38: LGTM!

Guide link follows existing conventions with descriptive anchor text and accurate description.

examples/nemoguardrails/README.md (1)

1-156: LGTM!

Comprehensive README that:

• Clearly documents what the example demonstrates and its boundaries
• Provides complete usage instructions with code examples
• Documents all CLI arguments and environment variable overrides
• Follows documentation guidelines with proper SPDX header, title case, and code formatting

docs/build-plugins/nemoguardrails.md (2)

153-154: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Format file paths in monospace.

File paths in documentation prose should use monospace formatting. As per coding guidelines, "Use monospace formatting for directories, file names, and paths."

📝 Proposed fix

 The config directory lane uses the bundled
-`examples/nemoguardrails/example/rails/config.yml` by default. It
-contains the same input and output self-check rails as `example/example_config.yml`:
+`examples/nemoguardrails/example/rails/config.yml` by default. It contains
+the same input and output self-check rails as `examples/nemoguardrails/example/example_config.yml`:

			> Likely an incorrect or invalid review comment.

---

11-13: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Format directory paths consistently in monospace.

Directory paths should use monospace formatting. As per coding guidelines, "Use monospace formatting for directories, file names, and paths."

📝 Proposed fix

-The example lives under `examples/nemoguardrails`. The single-file plugin
-implementation, runnable agent, and Guardrails config artifacts are under
-`example`.
+The example lives under `examples/nemoguardrails/`. The single-file plugin
+implementation, runnable agent, and Guardrails config artifacts are under
+`examples/nemoguardrails/example/`.

			> Likely an incorrect or invalid review comment.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial | 💤 Low value

Consider varying sentence structure for better readability.

Three consecutive sentences begin with "for," which reduces scannability. Consider restructuring for variety.

✨ Suggested alternative

 The example is intentionally limited to NeMo Flow's built-in LLM codec shapes:
 
-- `openai_chat` for OpenAI Chat Completions-style requests and responses.
-- `openai_responses` for OpenAI Responses API-style requests and responses.
-- `anthropic_messages` for Anthropic Messages-style requests and responses.
+- `openai_chat`: OpenAI Chat Completions-style requests and responses
+- `openai_responses`: OpenAI Responses API-style requests and responses
+- `anthropic_messages`: Anthropic Messages-style requests and responses

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- `openai_chat` for OpenAI Chat Completions-style requests and responses.
	- `openai_responses` for OpenAI Responses API-style requests and responses.
	- `anthropic_messages` for Anthropic Messages-style requests and responses.
	The example is intentionally limited to NeMo Flow's built-in LLM codec shapes:
	- `openai_chat`: OpenAI Chat Completions-style requests and responses
	- `openai_responses`: OpenAI Responses API-style requests and responses
	- `anthropic_messages`: Anthropic Messages-style requests and responses

🧰 Tools

🪛 LanguageTool

[style] ~203-~203: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...s and responses. - anthropic_messages for Anthropic Messages-style requests and r...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/build-plugins/nemoguardrails.md` around lines 201 - 203, Rewrite the
three bullet lines so they vary sentence structure and avoid all starting with
"for"; specifically update the entries for openai_chat, openai_responses, and
anthropic_messages to describe what each plugin handles using different lead-ins
(e.g., "Handles OpenAI Chat Completions-style requests and responses," "Supports
OpenAI Responses API-style requests and responses," "Provides support for
Anthropic Messages-style requests and responses") while keeping the same intent
and keywords.

[willkill07]

/ok to test 599fd6c