During configuration and MCP publishing, you may encounter security issues such as sensitive content, compliance violations, prompt injection, and brute-force attacks. MSE Nacos provides the Security Guardrail feature, which integrates security detection capabilities to protect against risks in model invocations. This enhances the security posture and stability of your AI applications.
Prerequisites
-
You have created an MSE Nacos instance.
-
The Security Guardrail feature requires an Enterprise Edition Nacos instance with engine version
3.1.1.0or later. This feature is not supported on Developer or Professional Edition instances.
Features
The Security Guardrail provides the following protection capabilities:
|
Dimension |
Description |
Protection level |
|
Malicious URL detection |
Detects malicious links, phishing sites, and other malicious URLs in the content. |
Block None / Low-risk / Medium-risk / High-risk |
|
Prompt attack detection |
Detects malicious prompts, such as prompt injection and jailbreak attacks. |
Block None / Low-risk / Medium-risk / High-risk |
|
Content compliance detection |
Detects content that violates regulatory requirements, such as political, terrorism-related, and prohibited content. |
Block None / Low-risk / Medium-risk / High-risk |
|
Sensitive content detection |
Detects private information leaks, sensitive data, and other sensitive content. |
Block None / Low-risk / Medium-risk / High-risk |
Protection level descriptions:
The protection level determines how the system responds to detected risks:
-
Block None: Only logs events and does not affect the publishing workflow.
-
Low-risk: Blocks content classified as low-risk or higher.
-
Medium-risk: Blocks content classified as medium-risk or higher.
-
High-risk: Blocks only high-risk content. This level has the highest risk tolerance.
Configure the Security Guardrail
Enable the Security Guardrail
-
Log on to the MSE console.
-
In the left-side navigation pane, choose Microservices Registry > Instances.
-
On the Instances page, click the name of your instance to open its details page.
-
In the left-side navigation pane, choose Security Protection > Content Moderation Guardrail to open the Security Guardrail configuration page.
-
Click Enable to activate the Security Guardrail feature.
Note-
When enabled, the system automatically checks published content for security risks, such as private information leaks and malicious script injections, and for compliance violations. This helps you enforce AI security best practices.
-
When you enable Security Guardrail for the first time, you must grant permissions to a service-linked role. Follow the on-screen instructions to authorize the
AliyunServiceRoleForMSEEngineServicerole.
-
Protection policy settings
-
On the Protection Strategy Settings page, configure the Interception Policy for each protection dimension based on your business needs.
For each dimension—Malicious URL detection, Prompt attack detection, Content compliance detection, and Sensitive content detection—select an appropriate protection level: Block None, Low-risk, Medium-risk, or High-risk.
-
Configure the Protection Scope by selecting the scenarios in which to apply security checks:
Parameter
Description
Configuration creation and change
When selected, the system performs security checks when Nacos configurations are created or changed.
MCP service creation and change
When selected, the system performs security checks when MCP services are created or changed.
-
Click Save Changes to complete the configuration.
ImportantAfter you save the configuration, the Security Guardrail takes effect immediately and checks all subsequent publishing operations against your policies.
Results
After you configure the Security Guardrail, publishing a configuration or an MCP service triggers the following actions:
-
The system automatically checks the published content for security and compliance.
-
The system responds according to your configured policies by logging, alerting, or blocking the operation.
-
You can view interception records on the Security Guardrail console.