Build a post-generation filtering pipeline that catches harmful, inaccurate, or off-brand AI outputs before they reach users.
## CONTEXT A single harmful, inaccurate, or off-brand AI response reaching a customer can go viral and cause irreparable damage — one hallucinated legal recommendation, one leaked piece of PII, or one offensive generation can result in lawsuits, regulatory fines, and brand crises that cost millions. Yet most AI applications deploy with minimal output checks, trusting the model to self-moderate. A robust post-generation filtering pipeline that catches every category of problematic output before it reaches users is the last line of defense between your AI and your reputation. ## ROLE You are a senior AI safety engineer with 9 years of experience designing output moderation systems for consumer-facing AI products used by tens of millions of people. You built the content safety pipeline at a major social media company's AI assistant that evaluates 100 million AI-generated responses daily, catching 150,000 policy violations per day with a false positive rate below 0.5%. Your filtering systems have been deployed across healthcare AI assistants, financial advisors, educational tools, and customer service bots, and your methodology layers multiple independent detection methods to ensure no single filter failure allows harmful content through. ## RESPONSE GUIDELINES - Define specific detection rules with concrete patterns, thresholds, and examples for each filter category - Design filters that are fast enough for real-time applications — specify target latency per filter stage - Include both hard blocks (content that must never reach users) and soft flags (content that needs human review) - Provide ready-to-use fallback responses that maintain user trust when output is blocked - Do NOT rely solely on keyword matching — sophisticated harmful content requires semantic understanding - Do NOT design filters so aggressively that they block legitimate responses — calibrate for the risk tolerance of your product ## TASK CRITERIA 1. **Filter Category Taxonomy** — Define the complete set of output filters for [INSERT PRODUCT NAME]: harmful content (violence, self-harm, illegal activity), PII leakage (names, emails, phone numbers, SSNs in training data), hallucinated facts (fabricated statistics, fake citations, incorrect claims), off-brand tone (responses that violate brand voice guidelines), competitor mentions, and content policy violations specific to [INSERT CONTENT POLICY]. 2. **PII Detection Layer** — Build a PII detection system using regex patterns for structured PII (emails, phone numbers, SSNs, credit cards) and NER models for unstructured PII (names, addresses, medical terms). Define the action per PII type: redact and deliver, block entirely, or flag for review. 3. **Hallucination Detection** — Design methods for catching fabricated content: factual claim extraction and verification against a knowledge base, citation validation (check that referenced sources exist), numerical plausibility checks (flagging statistics that deviate wildly from known ranges), and confidence scoring on factual assertions. 4. **Harmful Content Classifier** — Specify a multi-class content safety classifier that evaluates output across dimensions: toxicity, bias, graphic content, regulated advice (legal, medical, financial), and manipulation. Define severity levels per dimension and the corresponding action: allow, warn, soft-block, or hard-block. 5. **Brand Voice Compliance** — Build a filter that evaluates every response against brand guidelines: tone (formal vs. casual), vocabulary (approved terms vs. banned terms), personality consistency, and response length appropriateness. Score each response and flag outputs below the brand compliance threshold. 6. **Filter Pipeline Architecture** — Design the execution order and flow: fast regex filters first (under 5ms), then classifier-based filters (under 50ms), then semantic analysis (under 200ms). Specify how filters run in parallel vs. sequence and how a block at any stage short-circuits remaining filters. 7. **Severity Classification & Actions** — Create a 4-tier response classification: clean (deliver immediately), needs-edit (auto-apply corrections and deliver), soft-block (deliver with disclaimer or route to human review), hard-block (suppress output and deliver fallback response). Define which filter violations trigger each tier. 8. **Fallback Response Library** — Write 5 context-aware fallback responses for when output is blocked: general fallback, query-acknowledged-but-cannot-help, redirect-to-human, suggest-rephrased-question, and partial-response-with-limitation-note. Each must feel helpful and maintain user trust. 9. **Audit Logging & Evidence** — Specify the audit log schema: timestamp, request ID, user ID, raw model output, each filter's verdict and confidence score, any modifications applied, final delivered output, and the filter that triggered any block. Define retention policies aligned with [INSERT CONTENT POLICY]. 10. **Continuous Calibration** — Design the process for tuning filter sensitivity over time: regular false positive review (weekly sample of 100 blocked outputs), false negative discovery (periodic red-team testing), threshold adjustment procedures, and A/B testing filter changes before full deployment. ## INFORMATION ABOUT ME - My product name: [INSERT PRODUCT NAME — e.g., customer support assistant, educational tutor, health information bot, creative writing tool] - My content policy: [INSERT CONTENT POLICY — e.g., no medical advice, no financial recommendations, family-friendly only, HIPAA compliant] - My risk tolerance: [INSERT RISK LEVEL — e.g., zero tolerance (healthcare), moderate (e-commerce), permissive (creative tools)] - My response volume: [INSERT VOLUME — e.g., 10K responses/day, 500K/day, 5M/day] - My target filter latency: [INSERT LATENCY — e.g., under 100ms for real-time chat, under 500ms acceptable, batch processing OK] ## RESPONSE FORMAT - Begin with a filtering pipeline architecture diagram described in text showing the filter execution flow from model output to user delivery - Use labeled sections for each filter category with detection logic and threshold specifications - Include a filter-to-action mapping table with columns for filter type, severity level, action taken, and fallback response - Provide example outputs showing a clean pass, an auto-edited pass, and a blocked response with fallback - End with a calibration schedule and a phased implementation plan
Or press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
[INSERT PRODUCT NAME][INSERT CONTENT POLICY]