Attachment Scanning
The attachment scanning guardrail flags any outbound email that contains file attachments. This ensures that documents generated or attached by your AI agents are reviewed by a human before being sent to customers.
| Default | Disabled |
| Analysis method | MIME header inspection |
| Risk levels | Green / Orange or Red (configurable) |
Note: This guardrail is disabled by default because whether attachments should be flagged depends on your organization's policies. Enable it if your agents should not send file attachments without human review.
Configuration
| Setting | Default | Description |
|---|---|---|
| Default risk level | Orange | Risk level when an attachment is detected — choose orange (review recommended) or red (always block) |
Use cases
Regulated industries — In healthcare, finance, or legal, documents sent to customers may contain sensitive information. Flag all attachments for manual review to ensure nothing inappropriate leaves the organization.
Document generation — Your AI agent generates PDFs or reports and attaches them to emails. Review every attachment before it reaches the customer to catch errors, formatting issues, or incorrect data.
Preventing data exfiltration — If a prompt injection attack causes your AI agent to attach internal documents to an outbound email, the attachment guardrail catches it.
How it works
The guardrail inspects the MIME structure of the outbound email. If any attachment parts are detected (files, images, documents), the email is flagged at your configured risk level. The reviewer can then inspect the attachment content in the review dashboard before approving.