What is Regex Pattern Matching?
Regex Pattern Matching is a built-in TrueFoundry guardrail that uses regular expressions to detect and handle sensitive data patterns in text content. It ships with a library of preset patterns and supports user-defined custom patterns. It runs directly within the AI Gateway without requiring external API calls, providing fast and cost-effective pattern detection.Regex Pattern Matching can be applied to all four guardrail hooks: LLM Input, LLM Output, MCP Pre Tool, and MCP Post Tool providing comprehensive pattern-based protection across your entire AI workflow.
Key Features
- Preset Patterns: Predefined regex patterns for detecting personally identifiable information (PII), payment card numbers, credentials, network identifiers, protected class references for fair lending compliance, and dangerous content.
- Custom Pattern Support: Define your own regex patterns with custom redaction text to match more specific data patterns.
Adding Regex Pattern Matching Guardrail
To add Regex Pattern Matching to your TrueFoundry setup, follow these steps:Create or Select a Guardrails Group
Create a new guardrails group or select an existing one where you want to add the Regex Pattern Matching guardrail.
Add Regex Pattern Matching Integration
Click on Add Guardrail and select Regex Pattern Match from the TrueFoundry Guardrails section.
Configure the Guardrail
Fill in the configuration form:
- Name: Enter a unique name for this guardrail configuration (e.g.,
regex-personal-info-redaction) - Operation: Choose the operation mode:
validate: Detect patterns and block requests containing matchesmutate: Detect patterns and redact matches, allowing the request to continue
- Preset Patterns: Select from the built-in patterns
- Custom Patterns: Add your own regex patterns with custom redaction text
Configuration Options
| Parameter | Description | Default |
|---|---|---|
| Name | Unique identifier for this guardrail | Required |
| Operation | validate (block) or mutate (redact) | validate |
| Priority | Execution order for mutate guardrails (lower runs first) | 1 |
| Enforcing Strategy | enforce, enforce_but_ignore_on_error, or audit | enforce |
| Preset Patterns | Select from built-in patterns (see Preset Patterns below) | None |
| Custom Patterns | Custom regex patterns with optional redaction text | None |
See Guardrails Overview for details on Operation Modes and Enforcing Strategy.
How It Works
Validate Mode
When configured in validate mode, the guardrail scans content against all enabled preset and custom patterns. If any pattern matches, the request is blocked. Example:Mutate Mode
When configured in mutate mode, the guardrail scans content and replaces each match with the pattern’s redaction text, allowing the request to continue. Example:Credential Redaction (Mutate)
Credential Redaction (Mutate)
Input:Output:
Dangerous Content Detection (Validate)
Dangerous Content Detection (Validate)
Input:Result: Request will be blocked by the guardrail, as it matches the
explosives pattern.Preset Patterns
The following preset patterns are available. Each has a unique identifier that you select when configuring the guardrail, and a default redaction text used in mutate mode.| Name | Regex | Redaction Text |
|---|---|---|
| SSN (Social Security Number) | \b\d{3}-\d{2}-\d{4}\b | [REDACTED SSN] |
| SSN (No Dashes) | \b(?!000|666|9\d{2})\d{3}(?!00)\d{2}(?!0000)\d{4}\b | [REDACTED SSN] |
| Email Address | \b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b | [REDACTED EMAIL] |
| Phone Number (US) | \b(?:\+?1[\s.-]?)?\(?([0-9]{3})\)?[\s.-]?([0-9]{3})[\s.-]?([0-9]{4})\b | [REDACTED PHONE] |
| Passport (US) | \b([A-Z][0-9]{8}|[0-9]{9})\b | [REDACTED PASSPORT] |
| Passport (UK) | \b[0-9]{9}\b | [REDACTED PASSPORT] |
| Passport (Germany) | \b[CFGHJKLMNPRTVWXYZ0-9]{9}\b | [REDACTED PASSPORT] |
| Passport (France) | \b[0-9]{2}[A-Z]{2}[0-9]{5}\b | [REDACTED PASSPORT] |
| Passport (Netherlands) | \b[A-Z]{2}[A-Z0-9]{6}[0-9]\b | [REDACTED PASSPORT] |
| Passport (Canada) | \b([A-Z]{2}[0-9]{6}|[A-Z][0-9]{6}[A-Z]{2})\b | [REDACTED PASSPORT] |
| Passport (India) | \b[A-Z][0-9]{7}\b | [REDACTED PASSPORT] |
| Passport (Australia) | \b[A-Z][0-9]{7}\b | [REDACTED PASSPORT] |
| Passport (China) | \b[EeGg][0-9]{8}\b | [REDACTED PASSPORT] |
| Passport (Japan) | \b[A-Z]{2}[0-9]{7}\b | [REDACTED PASSPORT] |
| Credit Card (Visa) | \b4\d{3}[\s\-]?\d{4}[\s\-]?\d{4}[\s\-]?\d{4}\b | [REDACTED CREDIT CARD] |
| Credit Card (Mastercard) | \b5[1-5]\d{2}[\s\-]?\d{4}[\s\-]?\d{4}[\s\-]?\d{4}\b | [REDACTED CREDIT CARD] |
| Credit Card (American Express) | \b3[47]\d{2}[\s\-]?\d{6}[\s\-]?\d{5}\b | [REDACTED CREDIT CARD] |
| Credit Card (Discover) | \b6(?:011|5\d{2})[\s\-]?\d{4}[\s\-]?\d{4}[\s\-]?\d{4}\b | [REDACTED CREDIT CARD] |
| Credit Card (Any) | (?:\b4\d{3}[\s\-]?\d{4}[\s\-]?\d{4}[\s\-]?\d{4}\b|\b5[1-5]\d{2}[\s\-]?\d{4}[\s\-]?\d{4}[\s\-]?\d{4}\b|\b3[47]\d{2}[\s\-]?\d{6}[\s\-]?\d{5}\b|\b6(?:011|5\d{2})[\s\-]?\d{4}[\s\-]?\d{4}[\s\-]?\d{4}\b) | [REDACTED CREDIT CARD] |
| AWS Access Key | \b(AKIA[0-9A-Z]{16})\b | [REDACTED AWS KEY] |
| AWS Secret Key | \b([A-Za-z0-9/+=]{40})\b | [REDACTED AWS SECRET] |
| GitHub Token | \b(gh[ps]_[a-zA-Z0-9]{36})\b | [REDACTED GITHUB TOKEN] |
| Slack Token | \b(xox[pboa]-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{24,32})\b | [REDACTED SLACK TOKEN] |
| API Key (Generic) | \b([Aa][Pp][Ii][-_]?[Kk][Ee][Yy][\s:=]+['"]?[A-Za-z0-9_\-]{20,}['"]?)\b | [REDACTED API KEY] |
| IP Address (IPv4) | \b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b | [REDACTED IP] |
| IP Address (IPv6) | (?<![0-9a-fA-F:])(?:(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}:){1,7}:|:(?::[0-9a-fA-F]{1,4}){1,7}|::|(?:[0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}:){1,5}(?::[0-9a-fA-F]{1,4}){1,2}|(?:[0-9a-fA-F]{1,4}:){1,4}(?::[0-9a-fA-F]{1,4}){1,3}|(?:[0-9a-fA-F]{1,4}:){1,3}(?::[0-9a-fA-F]{1,4}){1,4}|(?:[0-9a-fA-F]{1,4}:){1,2}(?::[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:(?::[0-9a-fA-F]{1,4}){1,6})(?![0-9a-fA-F:]) | [REDACTED IP] |
| URL | \b(?:https?://|www\.)[^\s/$.?#].[^\s]*\b | [REDACTED URL] |
| Gender & Sexual Orientation (Protected Class) | \b(non-?binary|enby|genderqueer|genderfluid|gender-?fluid|agender|bigender|pangender|two-?spirit|trans(gender|sexual|masc|fem)?|cis(gender)?|intersex|MTF|FTM|AMAB|AFAB|assigned\s+(male|female)\s+at\s+birth|gay|lesbian|bisexual|pansexual|omnisexual|polysexual|asexual|aromantic|demisexual|heterosexual|homosexual|queer|LGBTQ\+?|LGBT\+?|LGBTQIA\+?|same-?sex|opposite-?sex|sexual\s+orientation|sexual\s+preference|gender\s+identity|sex\s+change|gender\s+reassignment|gender\s+confirmation|sexual\s+minority|he\/him|she\/her|they\/them|xe\/xem|ze\/zir)\b | [REDACTED PROTECTED CLASS] |
| Race, Ethnicity & National Origin (Protected Class) | \b(caucasian|african[- ]?american|black|white|asian|hispanic|latino|latina|latinx|pacific\s+islander|native\s+american|indigenous|first\s+nations|aboriginal|mestizo|mulatto|biracial|multiracial|mixed[- ]?race|person\s+of\s+colou?r|POC|BIPOC|ethnic(ity)?|racial|race|arab|middle\s+eastern|south\s+asian|east\s+asian|southeast\s+asian|european|african|caribbean|west\s+indian|haitian|jamaican|cuban|puerto\s+rican|mexican|dominican|salvadoran|guatemalan|honduran|colombian|venezuelan|peruvian|brazilian|chinese|japanese|korean|vietnamese|filipino|filipina|indian|pakistani|bangladeshi|sri\s+lankan|nepali|thai|indonesian|malaysian|burmese|cambodian|laotian|hmong|somali|ethiopian|nigerian|ghanaian|kenyan|south\s+african|egyptian|moroccan|algerian|iranian|iraqi|syrian|lebanese|palestinian|israeli|turkish|afghan|uzbek|kazakh|russian|ukrainian|polish|german|italian|irish|british|french|spanish|portuguese|greek|albanian|serbian|croatian|bosnian|romani|roma|gypsy|jewish|ashkenazi|sephardic|mizrahi|native\s+hawaiian|samoan|tongan|fijian|guamanian|chamorro|inuit|aleut|metis|maori|aboriginal\s+australian|torres\s+strait)\b | [REDACTED PROTECTED CLASS] |
| Religion & Creed (Protected Class) | \b(christian|catholic|protestant|baptist|methodist|lutheran|presbyterian|episcopal|pentecostal|evangelical|orthodox\s+christian|mormon|latter[- ]?day\s+saint|LDS|jehovah'?s?\s+witness|seventh[- ]?day\s+adventist|amish|mennonite|quaker|jewish|jew|judaism|orthodox\s+jew|hasidic|muslim|islam(ic)?|sunni|shia|shiite|sufi|nation\s+of\s+islam|hindu(ism)?|buddhist|buddhism|sikh(ism)?|jain(ism)?|shinto|taoist|taoism|confucian|zoroastrian|baha'?i|rastafari(an)?|pagan|wiccan|druid|satanist|scientolog(y|ist)|unitarian|agnostic|atheist|secular|non-?religious|spiritual\s+but\s+not\s+religious|religious\s+belief|religious\s+practice|place\s+of\s+worship|church|mosque|synagogue|temple|gurdwara|kosher|halal|sabbath|shabbat|ramadan|lent|yom\s+kippur|rosh\s+hashanah|diwali|eid|hijab|yarmulke|kippah|turban|religious\s+head\s*covering)\b | [REDACTED PROTECTED CLASS] |
| Age-Related Terms (Protected Class) | \b(elderly|senior\s+citizen|old\s+age|aged\s+\d+|retiree|retired|pensioner|baby\s+boomer|boomer|geriatric|over\s+the\s+hill|too\s+old|too\s+young|young\s+person|millennial|gen[- ]?z|junior|age\s+discrimination|ageism|years?\s+old|date\s+of\s+birth|DOB|birth\s*date|born\s+in\s+\d{4}|age\s+\d{2,3})\b | [REDACTED PROTECTED CLASS] |
| Disability Status (Protected Class) | \b(disabled|disability|handicap(ped)?|impair(ed|ment)|wheelchair|blind(ness)?|deaf(ness)?|hard\s+of\s+hearing|hearing\s+impaired|visually\s+impaired|mute|paralyz(ed|is)|quadriplegic|paraplegic|amputee|prosthetic|cripple[d]?|mentally\s+ill|mental\s+illness|mental\s+disorder|psychiatric|schizophren(ia|ic)|bipolar|depression|depressed|anxiety\s+disorder|PTSD|autis(m|tic)|asperger'?s?|ADHD|ADD|dyslexia|dyslexic|learning\s+disabilit(y|ies)|intellectual\s+disabilit(y|ies)|down'?s?\s+syndrome|cerebral\s+palsy|epilep(sy|tic)|seizure\s+disorder|multiple\s+sclerosis|MS\s+patient|parkinson'?s?|alzheimer'?s?|dementia|chronic\s+illness|chronic\s+pain|fibromyalgia|lupus|crohn'?s?|cancer\s+patient|HIV|AIDS|diabetic|diabetes|SSI|SSDI|disability\s+benefits|disability\s+income|ADA|reasonable\s+accommodation|special\s+needs|service\s+animal|service\s+dog|guide\s+dog)\b | [REDACTED PROTECTED CLASS] |
| Marital & Family Status (Protected Class) | \b(married|unmarried|single|divorced|separated|widowed|widow|widower|spouse|husband|wife|domestic\s+partner|civil\s+union|common[- ]?law|marital\s+status|maiden\s+name|alimony|child\s+support|custody|pregnant|pregnancy|maternity|paternity|expecting|family\s+status|number\s+of\s+children|dependents|childless|child[- ]?free|single\s+parent|single\s+mother|single\s+father|unwed|out\s+of\s+wedlock|illegitimate|family\s+planning|birth\s+control|fertility|IVF|adoption|adopted|foster\s+parent|guardian)\b | [REDACTED PROTECTED CLASS] |
| Military Status (Protected Class) | \b(veteran|military|armed\s+forces|army|navy|air\s+force|marine(s|\s+corps)?|coast\s+guard|national\s+guard|reserve(s|ist)?|active\s+duty|deployment|deployed|enlisted|commissioned|honorable\s+discharge|dishonorable\s+discharge|VA\s+benefits|GI\s+bill|military\s+service|service\s+member|servicemember|SCRA|MLA|military\s+lending)\b | [REDACTED PROTECTED CLASS] |
| Public Assistance Status (Protected Class) | \b(welfare|public\s+assistance|food\s+stamps|SNAP|WIC|TANF|medicaid|section\s+8|housing\s+voucher|subsidized\s+housing|public\s+housing|government\s+benefits|social\s+services|unemployment\s+(benefits|insurance)|UI\s+benefits|EBT|benefit\s+recipient)\b | [REDACTED PROTECTED CLASS] |
| Weapons & Firearms | \b(gun|firearm|rifle|shotgun|pistol|handgun|revolver|semi[- ]?automatic|automatic\s+weapon|assault\s+rifle|AR-?15|AK-?47|machine\s+gun|submachine\s+gun|SMG|ammunition|ammo|bullet(s)?|cartridge|caliber|9mm|\.45|\.38|\.357|\.22|12\s+gauge|hollow\s+point|armor\s+piercing|magazine|clip|suppressor|silencer|bump\s+stock|trigger|barrel|concealed\s+carry|open\s+carry|CCW|ghost\s+gun|3D\s+printed\s+gun|untraceable\s+firearm|straw\s+purchase|gun\s+show|FFL|firearms\s+dealer)\b | [REDACTED WEAPONS] |
| Other Weapons | \b(knife|blade|machete|switchblade|butterfly\s+knife|balisong|brass\s+knuckles|knuckle\s+duster|baton|blackjack|taser|stun\s+gun|pepper\s+spray|mace|crossbow|bow\s+and\s+arrow|compound\s+bow|sword|katana|throwing\s+star|shuriken|nunchaku|nunchucks|tomahawk|hatchet|axe\s+attack|ice\s+pick|garrote|zip\s+gun|improvised\s+weapon|shiv|shank|pipe\s+bomb)\b | [REDACTED WEAPONS] |
| Explosives & Bombs | \b(bomb|explosive|detonate|detonator|detonation|IED|improvised\s+explosive|pipe\s+bomb|mail\s+bomb|car\s+bomb|truck\s+bomb|suicide\s+bomb|vest\s+bomb|dirty\s+bomb|fertilizer\s+bomb|ANFO|ammonium\s+nitrate|C-?4|plastic\s+explosive|dynamite|TNT|nitroglycerin|black\s+powder|gunpowder|blasting\s+cap|fuse|timer\s+device|remote\s+detonation|pressure\s+cooker\s+bomb|nail\s+bomb|shrapnel|fragmentation|incendiary|molotov|firebomb|thermite|napalm|grenade|hand\s+grenade|frag\s+grenade|flash\s+bang|smoke\s+bomb|landmine|claymore|semtex|RDX|PETN|how\s+to\s+(make|build|construct)\s+(a\s+)?bomb)\b | [REDACTED DANGEROUS CONTENT] |
| Violence & Threats | \b(kill|murder|assassinate|execute|slaughter|massacre|bloodbath|genocide|ethnic\s+cleansing|mass\s+shooting|shooting\s+spree|rampage|gun\s+down|mow\s+down|hunt\s+(down|them)|take\s+(them|him|her)\s+out|eliminate|neutralize|liquidate|hit\s+(list|man)|contract\s+kill|hired\s+gun|death\s+threat|threat(en)?\s+to\s+kill|gonna\s+kill|going\s+to\s+kill|want\s+(to|him|her|them)\s+dead|deserve\s+to\s+die|need(s)?\s+to\s+die|shoot\s+up|bomb\s+threat|terrorize|reign\s+of\s+terror|burning\s+down|burn\s+it\s+down|blow\s+(it|them|this)\s+up|torture|mutilate|dismember|decapitate|behead|strangle|suffocate|drown|poison|stab|slash|cut\s+(throat|them)|slit\s+(throat|wrists)|beat\s+to\s+death|bludgeon|maim|cripple|kneecap)\b | [REDACTED DANGEROUS CONTENT] |
| Terrorism & Extremism | \b(terroris[tm]|jiha[di]|mujahideen|martyr(dom)?\s+operation|holy\s+war|caliphate|ISIS|ISIL|Islamic\s+State|Al[- ]?Qaeda|Al[- ]?Shabaab|Boko\s+Haram|Hezbollah|Hamas|Taliban|lone\s+wolf|radicalize[d]?|radicalization|extremis[tm]|white\s+supremac(y|ist)|neo[- ]?nazi|skinhead|aryan|white\s+power|white\s+nationalist|race\s+war|day\s+of\s+the\s+rope|Turner\s+Diaries|accelerationism|boogaloo|proud\s+boys|oath\s+keepers|three\s+percenter|militia\s+movement|domestic\s+terroris[tm]|cell|sleeper\s+cell|attack\s+planning|soft\s+target|hard\s+target|high\s+value\s+target|infidel|kuffar|crusader|manifest(o)?|insurgent|insurrection|armed\s+uprising|overthrow\s+the\s+government|civil\s+war\s+2|RAHOWA|fourteen\s+words|1488|88|HH)\b | [REDACTED DANGEROUS CONTENT] |
| Self-Harm & Suicide | \b(suicid(e|al)|kill\s+myself|end\s+(my|it\s+all)|take\s+my\s+(own\s+)?life|don'?t\s+want\s+to\s+live|want\s+to\s+die|better\s+off\s+dead|no\s+reason\s+to\s+live|nothing\s+to\s+live\s+for|end\s+the\s+pain|self[- ]?harm|cut(ting)?\s+myself|slit\s+(my\s+)?wrists|overdose|OD|hang\s+myself|jump\s+off|jump\s+from|bridge\s+jump|train\s+tracks|pills\s+to\s+die|lethal\s+dose|LD50|how\s+to\s+kill\s+(myself|yourself)|suicide\s+method|painless\s+death|exit\s+bag|helium\s+hood|suicide\s+note|goodbye\s+letter|final\s+letter|last\s+words|pro[- ]?ana|pro[- ]?mia|thinspiration|self[- ]?starv(e|ation)|purging)\b | [REDACTED SENSITIVE CONTENT] |
| Illegal Activities | \b(money\s+launder(ing)?|launder\s+money|structuring|smurfing|wash\s+(the\s+)?money|clean\s+money|dirty\s+money|drug\s+traffick(ing)?|narco|cartel|drug\s+deal(er|ing)?|drug\s+lord|kingpin|cocaine|heroin|fentanyl|meth(amphetamine)?|crack|opioid|human\s+traffick(ing)?|sex\s+traffick(ing)?|smuggl(e|ing)|contraband|black\s+market|dark\s+web|darknet|hitman|contract\s+killer|murder\s+for\s+hire|arson|extort(ion)?|blackmail|ransom|kidnap(ping)?|abduct(ion)?|hostage|fraud\s+scheme|ponzi|pyramid\s+scheme|identity\s+theft|credit\s+card\s+fraud|wire\s+fraud|bank\s+fraud|embezzle(ment)?|brib(e|ery)|kickback|racketeering|RICO|organized\s+crime|mob|mafia|syndicate|gang\s+activity|criminal\s+enterprise)\b | [REDACTED ILLEGAL CONTENT] |
| Harassment & Hate Speech | \b(n[i1]gg[e3]r|f[a4]gg[o0]t|k[i1]ke|sp[i1]c|ch[i1]nk|g[o0]{2}k|w[e3]tb[a4]ck|r[e3]t[a4]rd|tr[a4]nny|shemale|dyke|cunt|kill\s+all|gas\s+the|lynch|hang\s+the|exterminate|subhuman|untermensch|mongrel|mud\s+people|race\s+traitor|coal\s+burner|oil\s+driller|oven|lampshade|helicopter\s+ride|throw\s+from|rooftop|wood\s+chipper|dox(x)?(ing)?|swat(ting)?|harass(ment)?|stalk(ing|er)?|cyber\s*bully|death\s+threat|rape\s+threat|bomb\s+threat|shoot\s+up|gonna\s+find\s+you|know\s+where\s+you\s+live|coming\s+for\s+you)\b | [REDACTED HATE SPEECH] |
Custom Patterns
In addition to preset patterns, you can define your own regex patterns to match more specific data patterns. Each custom pattern requires:| Field | Type | Required | Description |
|---|---|---|---|
| pattern | string (regex) | Yes | A valid regular expression to match against content |
| redaction_text | string | No | Replacement text used in mutate mode (default: [REDACTED]) |
EMP-123456:
- Pattern:
EMP-\d{6} - Redaction Text:
[REDACTED EMPLOYEE ID]
Use Cases
Recommended Hook Usage
| Hook | Use Case |
|---|---|
| LLM Input | Redact PII, payment cards, and credentials before they reach the LLM |
| LLM Output | Detect and redact sensitive data in LLM-generated responses |
| MCP Pre Tool | Sanitize tool parameters to remove sensitive data before tool invocation |
| MCP Post Tool | Redact sensitive data from tool outputs (database results, file contents, API responses) |