1 comment

[ 4.2 ms ] story [ 11.4 ms ] thread
I’ve been working on building AI safety solutions for a while now, and one recurring theme keeps coming up: there's always a tradeoff. You can’t have perfect safety, perfect usability, and perfect performance all at once.

So we wrote a paper—No Free Lunch with Guardrails—to dig into this. We tested a bunch of popular guardrail systems (OpenAI Moderation API, Azure Content Safety, BERT classifiers, LLM-as-a-judge methods) across red teaming attacks and false-positive edge cases.

Every approach fails somewhere: some miss dangerous prompts, others flag harmless stuff, and a few are just too slow for production use. We also benchmarked how top LLMs (GPT-4o, Gemini Flash, Claude 3.5, Mistral) react under different system prompt styles (basic, verbose, chain-of-thought). Some interesting patterns there.

If you’re working on LLM safety or just curious about what “guardrails” really give you, give it a read. Happy to answer questions or chat!