rpmjp/portfolio
rpmjp/projects/robi/guardrails.md
Completed 2026

Robi: production RAG assistant

Retrieval-augmented chatbot with hybrid search, guardrails, eval, and live monitoring.

FastAPI, Python, Postgres, pgvector, Redis, Groq, Prometheus, Grafana, Docker

Guardrails

Robi is public and unsupervised, so the safety model has to work without a human approving each answer. The guardrails are layered because no single check is enough.

1. Input guard

The first layer rejects questions that should not reach retrieval or generation. It applies length caps and prompt-injection pattern checks before doing more expensive work.

This protects the system from obvious abuse and keeps provider calls focused on legitimate questions about me and my work.

2. Retrieval gate

The retrieval gate is the most important anti-hallucination control. After hybrid search and reranking, Robi checks whether the best candidate clears a tuned relevance threshold.

If the score is too weak, Robi refuses. It does not ask the model to improvise from thin context. This makes the assistant feel more conservative, but it keeps the answers grounded.
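The first two layers as an added example (not Robi's own code): an input guard, then a retrieval gate that refuses when the best reranked score is below the threshold. The length cap, threshold value, patterns, and all function names are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

# Assumed values for illustration; the page does not state Robi's real limits.
MAX_QUESTION_CHARS = 500
RELEVANCE_THRESHOLD = 0.35
# Constructed sample patterns; a real list is tuned against logged traffic.
INJECTION_PATTERNS = [
    re.compile(r"\bignore\s+(all\s+)?(previous|prior|above)\s+instructions\b", re.I),
    re.compile(r"\b(reveal|print|show)\s+(your\s+)?(system\s+)?prompt\b", re.I),
    re.compile(r"\byou\s+are\s+now\b", re.I),
]

@dataclass
class Decision:
    allowed: bool
    stage: str           # which layer made the call, useful for request logs
    reason: str
    context: tuple = ()  # chunks handed to generation when allowed

def input_guard(question: str) -> Decision:
    text = " ".join(question.split())  # normalise whitespace before measuring and matching
    if not text:
        return Decision(False, "input_guard", "empty")
    if len(text) > MAX_QUESTION_CHARS:
        return Decision(False, "input_guard", "too_long")
    if any(p.search(text) for p in INJECTION_PATTERNS):
        return Decision(False, "input_guard", "injection_pattern")
    return Decision(True, "input_guard", "ok")

def retrieval_gate(candidates, threshold=RELEVANCE_THRESHOLD, top_k=3) -> Decision:
    """candidates: (chunk_text, rerank_score) pairs, higher score is better."""
    ranked = sorted(candidates, key=lambda c: c[1], reverse=True)
    if not ranked or ranked[0][1] < threshold:
        return Decision(False, "retrieval_gate", "low_relevance")
    # Assumption: weak chunks are dropped too, so generation never sees thin context.
    kept = tuple(text for text, score in ranked[:top_k] if score >= threshold)
    return Decision(True, "retrieval_gate", "ok", kept)

def guard_request(question: str, retrieve) -> Decision:
    """Run the layers in order; `retrieve` is a hypothetical search+rerank callable."""
    first = input_guard(question)
    if not first.allowed:
        return first  # retrieval and the provider call never run
    return retrieval_gate(retrieve(question))
```

The `stage` and `reason` fields give each refusal a loggable outcome, which matches the per-request outcome logging described under output handling.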

3. Grounding prompt

The generation prompt tells the model to answer only from retrieved context, stay on topic, cite sources, and ignore instructions embedded in the user's question. The prompt is not the only defense, but it is the final instruction layer before generation.

4. Output handling

Provider errors degrade gracefully. The frontend shows a plain unavailable message instead of exposing stack traces or internal details. Each request is logged with outcome and component timing so failures can be inspected later.

Design tradeoff

Robi is intentionally cautious. A portfolio assistant should not pretend to know things it cannot retrieve. The user experience is better when the assistant says it cannot answer than when it invents a confident answer about a real person.