# Lab 7: Ethical AI & Guardrails

**Module 7 - Responsible AI Implementation**

| Duration | Difficulty | Framework | Exercises |
|----------|------------|-----------|----------|
| 90 min | Intermediate | OpenAI + Custom | 4 |

## Learning Objectives

- Implement content moderation using OpenAI's Moderation API
- Build custom input/output guardrails
- Create bias detection mechanisms
- Design audit logging and compliance systems

## Setup

In [None]:
import os
import re
import json
from datetime import datetime
from openai import OpenAI
from typing import Optional

os.environ["OPENAI_API_KEY"] = "your-api-key-here"
client = OpenAI()

---

## Exercise 1: OpenAI Moderation API

Use OpenAI's Moderation API to detect harmful content.

**Your Task:** Implement content moderation checking.

In [None]:
def check_moderation(text: str) -> dict:
    """Check text against OpenAI's moderation endpoint."""
    # TODO: Call client.moderations.create(input=text)
    # TODO: Extract flagged status and category scores
    pass

def analyze_moderation_result(result: dict) -> str:
    """Analyze and format moderation results."""
    # TODO: Format which categories were flagged
    pass

In [None]:
# Test
test_texts = [
    "How do I write a Python function?",
    "What's the weather today?",
]

# for text in test_texts:
#     result = check_moderation(text)
#     print(f"Text: {text[:40]}... Flagged: {result['flagged']}")

---

## Exercise 2: Custom Input Guardrails

Build comprehensive input validation.

**Your Task:** Implement PII detection and injection prevention.

In [None]:
class InputGuardrails:
    def __init__(self):
        self.pii_patterns = {
            "email": r'\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b',
            "phone": r'\b\d{3}[-.]?\d{3}[-.]?\d{4}\b',
            "ssn": r'\b\d{3}-\d{2}-\d{4}\b',
        }
        self.injection_patterns = [
            r'ignore\s+(previous|all)\s+instructions',
            r'you\s+are\s+now\s+',
            r'system\s*:\s*',
        ]
    
    def detect_pii(self, text: str) -> tuple:
        """Detect PII in text."""
        # TODO: Check each PII pattern and return findings
        pass
    
    def detect_injection(self, text: str) -> tuple:
        """Detect prompt injection attempts."""
        # TODO: Check injection patterns
        pass
    
    def validate(self, text: str) -> dict:
        """Run all validation checks."""
        # TODO: Combine all checks and return results
        pass

---

## Exercise 3: Output Guardrails

Validate and sanitize LLM outputs.

**Your Task:** Implement output validation and PII redaction.

In [None]:
class OutputGuardrails:
    def __init__(self):
        self.hallucination_markers = [
            r"as an ai,? i (don't|cannot) know",
            r"i('m| am) not sure",
        ]
    
    def detect_hallucination_markers(self, text: str) -> tuple:
        """Detect potential hallucination indicators."""
        # TODO: Check for hallucination markers
        pass
    
    def redact_pii(self, text: str) -> str:
        """Redact PII from output."""
        # TODO: Replace PII patterns with [REDACTED]
        pass
    
    def validate(self, text: str) -> dict:
        """Validate output and return sanitized version."""
        # TODO: Run checks and return results with sanitized text
        pass

---

## Exercise 4: Audit Logging System

Create comprehensive audit logging for compliance.

**Your Task:** Implement structured logging with metrics.

In [None]:
import hashlib
import uuid
from dataclasses import dataclass, asdict

@dataclass
class AuditEntry:
    request_id: str
    timestamp: str
    user_id: str
    input_hash: str
    input_passed: bool
    output_hash: str
    output_passed: bool
    model_name: str
    latency_ms: float

class AuditLogger:
    def __init__(self, log_file: str = "audit_log.jsonl"):
        self.log_file = log_file
        self.entries = []
    
    def hash_content(self, text: str) -> str:
        """Create hash of content."""
        # TODO: Return SHA256 hash prefix
        pass
    
    def create_entry(self, user_id: str, input_text: str, input_validation: dict,
                     output_text: str, output_validation: dict, model_name: str, latency_ms: float):
        """Create and store an audit entry."""
        # TODO: Create AuditEntry and append to entries
        pass
    
    def get_statistics(self) -> dict:
        """Calculate statistics from logged entries."""
        # TODO: Calculate failure rates, totals, etc.
        pass

---

## Checkpoint

You've completed Lab 7! Key concepts:

- Moderation API catches harmful content automatically
- Input guardrails prevent PII leakage and injection attacks
- Output guardrails ensure safe, sanitized responses
- Audit logging enables compliance and debugging

**Congratulations!** You've completed all 7 labs in the Mastering LLMs course.