NVIDIA
Explore Models Blueprints GPUs Docs
Terms of Use

|

Privacy Policy

|

Manage My Privacy

|

Contact

Copyright © 2025 NVIDIA Corporation

nvidia

Safety for Agentic AI

Improve safety, security, and privacy of AI systems at build, deploy and run stages.

blueprintnemo guardrailslaunchablenvidia aiopen modelsprivacysafetysecurity
View GitHub

As large language models (LLMs) increasingly enable agentic AI systems capable of autonomous reasoning and tool use, they also introduce critical safety risks, including goal misalignment, hallucinations, and prompt injections. Enterprises are challenged to harness open-weight models' flexibility without compromising on trust, security, or compliance. As regulations tighten across regions and industries, non-compliance becomes a persistent challenge.

With this safety recipe, enterprises can now confidently adopt open models, aligned to their policy. Start with model evaluation using garak vulnerability scanning with curated risk prompts, benchmarking against enterprise thresholds. Then, post-train using recipes and safety datasets to close critical safety and security gaps. Deploy the hardened model as a trusted NVIDIA NIM and then add inference run time safety protection with NVIDIA NeMo Guardrails that actively block unsafe model behavior. With continuous monitoring, and collaboration between AI and risk teams, model safety becomes enforceable, not aspirational.

Architecture Diagram

Architecture Diagram

This safety recipe is broken down into four steps, which map to a typical agentic workflow environment:

  • Safety, security, and accuracy evaluation of models and systems
  • Post-training with NVIDIA curated datasets
  • Deploying the trusted model as a NIM
  • Running the trusted model with NVIDIA NeMo Guardrails at inference

Key Features

  • Evaluation pipelines for content safety with Nemotron Content Safety Dataset V2 and Wildguard utilizing NeMo Eval
  • Security evaluation pipeline with NVIDIA garak
  • Dataset blend with 4 datasets and on-policy prompt generation with the target model
  • Post-training (SFT) with NeMo Framework RL
  • Easy-to-understand safety and security reports
  • Packaging and deploying the trusted model with NIM
  • Integrating the Content Safety NIM with NeMo Guardrails for inference-time safety

Minimum System Requirements

Hardware Requirements

  • Self-hosted Main LLM: 8 × (NVIDIA H100 or A100 GPUs 80GB)
  • Storage: 300GB
  • Minimum System Memory: 128GB

OS Requirements

  • Python 3.12
  • Docker Container: nvcr.io/nvidia/nemo:25.04
  • Docker Engine

Software Used in This Blueprint

NVIDIA Technology

  • NVIDIA NeMo Framework RL - Post-training library for models ranging from 1 GPU to 100B+ parameters
  • NVIDIA NeMo Framework Eval - Scalable, cloud-native framework to create, customize, and deploy the latest AI models
  • NVIDIA NIM - Microservices for accelerating the deployment of foundation models agnostic of cloud or datacenter
  • NVIDIA NeMo Guardrails - Programmable logic at inference runtime to safeguard agentic AI applications
  • NVIDIA NemoGuard Content Safety - Multilingual model that detects unsafe interactions between humans and LLMs
  • NVIDIA Garak - Open-source red teaming tool to scan vulnerabilities like hallucination, prompt injection, and jailbreaks

3rd Party Software

  • vLLM
  • HuggingFace
  • Weights & Biases
  • PyTorch
  • WildGuard

Dataset Used

  • Nemotron Content Safety Dataset V2
  • Gretel Synthetic Safety Alignment Dataset
  • HarmfulTasks
  • Llama Nemotron Post Training Dataset
  • JaiBreakV-28k/ReadTeam 2k
  • WildGuardMix

Ethical Considerations

NVIDIA believes Trustworthy AI is a shared responsibility, and we have established policies and practices to enable development for a wide array of AI applications. When downloaded or used in accordance with our terms of service, developers should work with their supporting model team to ensure the models meet requirements for the relevant industry and use case and address unforeseen product misuse. For more detailed information on ethical considerations for the models, please see the Model Card++, Explainability, Bias, Safety & Security, and Privacy Subcards. Please report security vulnerabilities or NVIDIA AI concerns here.

License

Use of this developer example notebook is governed by the Apache 2.0 License.

Terms of Use

The software and materials are governed by the NVIDIA Software License Agreement and the Product-Specific Terms for NVIDIA AI Products, except that models are governed by the AI Foundation Models Community License Agreement and the NVIDIA RAG dataset is governed by the NVIDIA Asset License Agreement. ADDITIONAL INFORMATION: for Meta/llama-3.1-70b-instruct model, the Llama 3.1 Community License Agreement, for nvidia/llama-3.2-nv-embedqa-1b-v2 model, the Llama 3.2 Community License Agreement. Built with Llama.