Zapier launches AI Guardrails for safer automated workflows
Zapier has launched AI Guardrails, a set of safety checks for AI-powered automated workflows. The feature is now available across its automation platform.
AI Guardrails adds a step inside workflows that lets teams screen AI-generated or user-submitted content before it moves into business systems such as customer databases, inboxes and other software tools. The checks are designed to help organisations control how AI outputs are handled without adding custom code.
The tool can detect personally identifiable information, identify prompt injection attempts, flag efforts to bypass model safety controls, screen for toxic or harmful language and analyse sentiment. It returns structured results that teams can use in workflow logic to route, block, redact or escalate content for review.
The release points to a broader challenge for companies using AI in routine operations. Many have written internal policies on acceptable use, but still lack practical controls inside the systems where AI-generated content is created, reviewed and passed to other applications.
AI Guardrails works across several parts of Zapier's platform. In Zaps, users can place the check after an AI action. In Agents, it can be used as a tool an agent is instructed to call before acting on output. Through MCP connections, external AI clients, including Cursor and Claude, can also call the guardrail actions directly.
Detection Types
For personally identifiable information, the tool scans AI-generated text for more than 30 categories of sensitive data, including Social Security numbers, credit card numbers, bank details, email addresses and physical addresses. Identified information can then be blocked or redacted before it is sent downstream.
Prompt injection checks focus on user or external input before it reaches a model, aiming to spot attempts to alter the model's behaviour. Jailbreak detection is intended to identify efforts to get around built-in safety controls. Toxicity screening reviews content for hate speech, threats, insults and similar language, while sentiment analysis assigns confidence scores so teams can send negative or mixed responses for human review.
Brandon Sammut, Chief People & AI Transformation Officer at Zapier, described the feature as a practical control for AI use inside production systems.
"Every company using AI in production has the same question: how do we know the outputs are clean before they hit our systems?" said Sammut. "AI Guardrails gives teams an actual enforcement layer, not a policy document sitting in a shared drive somewhere. It runs inline, in production, on every single workflow that needs it."
Zapier is entering a market where businesses are trying to reduce the operational risks tied to generative AI. Concerns over exposure of personal data, toxic outputs and manipulated prompts have grown as AI tools move from internal experiments into customer service, sales, software development and internal decision-making.
Zapier says the feature stands out because the checks run inside the workflow rather than through separate manual reviews or standalone policy documents. By returning structured outputs, the system lets users build conditional responses around safety findings using the same automation tools they already use for other business processes.
That could matter for companies using AI at scale, where manual review of every response is often too slow or too costly. An automated check inside the workflow gives teams a way to decide whether content should pass through, be edited or be held back before it reaches systems of record or customer-facing channels.
Users can add the feature as a step in any Zap by selecting the type of detection they want and then setting rules for the next action. The approach is intended to help teams apply safety policies in day-to-day operations rather than rely only on written guidance.
In a second comment, Sammut said the issue for many organisations is not whether they have AI policies, but whether those policies can be enforced in practice.
"The conversation around AI safety usually stops at 'we wrote a policy,'" said Sammut. "What teams actually need is something that runs in the background and catches problems before they become incidents. That's what this does."