External Plugin Integrations

Relevant source files

• .husky/pre-commit
• .husky/pre-push
• plugins/default/alllowercase.ts
• plugins/default/alluppercase.ts
• plugins/default/contains.ts
• plugins/default/default.test.ts
• plugins/default/endsWith.ts
• plugins/default/jsonKeys.ts
• plugins/default/manifest.json
• plugins/default/modelRules.ts
• plugins/default/modelWhitelist.ts
• plugins/default/notNull.ts
• plugins/index.ts
• start-test.js

This document covers third-party plugin integrations in the Portkey AI Gateway. These plugins integrate external AI safety, security, and validation services from specialized vendors. Unlike the built-in default plugins covered in Built-in Plugins and Guardrails, external plugins call external APIs for advanced capabilities like PII detection, content moderation, prompt injection detection, and policy enforcement.

For information on the plugin system architecture, see Plugin System and Registry. For creating your own plugins, see Creating Custom Plugins.

Plugin Registry Structure

The gateway organizes external plugins into vendor-specific categories within the plugins object exported from plugins/index.ts70-179 Each category represents a third-party service provider and contains one or more plugin functions implementing the PluginHandler interface.

Plugin Registry Architecture

Each handler is imported from its category-specific directory and exported through a nested object structure. For example, plugins.qualifire.pii references the handler imported at plugins/index.ts22 and exported at plugins/index.ts101

Sources: plugins/index.ts1-179

Plugin Categories Overview

The following table summarizes all external plugin categories available in the gateway. Each category maps to a nested object within the plugins export.

Category	Plugins	Focus Area	Key Capabilities	Code Location
qualifire	7	AI Safety & Quality	Content moderation, grounding, hallucination detection, PII, prompt injections	plugins/index.ts95-103
portkey	4	Content Safety	Content moderation, language detection, PII, gibberish detection	plugins/index.ts104-109
patronus	11	Response Quality	PHI/PII detection, conciseness, helpfulness, bias detection, toxicity	plugins/index.ts120-132
azure	4	Microsoft Azure AI	PII detection, content safety, prompt shield, protected material detection	plugins/index.ts157-162
mistral	1	Mistral AI	Content moderation using Mistral's guardrail service	plugins/index.ts133-135
bedrock	1	AWS Bedrock	Guardrails using AWS Bedrock Guardrails API	plugins/index.ts145-147
pangea	2	Security	Text guard, PII redaction	plugins/index.ts136-139
promptfoo	3	Security Testing	PII detection, harm detection, general guard	plugins/index.ts140-144
promptsecurity	2	Prompt Security	Prompt protection, response protection	plugins/index.ts163-166
pillar	2	Security Scanning	Prompt scanning, response scanning	plugins/index.ts116-119
sydelabs	1	AI Safety	Sydeguard guardrails	plugins/index.ts113-115
aporia	1	ML Monitoring	Project validation	plugins/index.ts110-112
acuvity	1	Security	Content scanning	plugins/index.ts148-150
lasso	1	Classification	Content classification	plugins/index.ts151-153
exa	1	Search	Online search integration	plugins/index.ts154-156
walledai	1	AI Safety	Walled AI protection	plugins/index.ts170-172
javelin	1	AI Gateway	Javelin guardrails integration	plugins/index.ts173-175
panw-prisma-airs	1	Network Security	Palo Alto Prisma AIRS intercept	plugins/index.ts167-169
f5-guardrails	1	Application Security	F5 guardrails scanning	plugins/index.ts176-178

Sources: plugins/index.ts70-179

Plugin ID Resolution and Handler Interface

External plugins are referenced using a two-part identifier: category.pluginName. The hooks system uses this ID to look up and execute the appropriate plugin handler from the plugins object.

Plugin Resolution Flow

All plugin handlers must implement the PluginHandler type signature:

Example hook configuration:

The hooks execution system (see Hook Execution Lifecycle) parses the id field, looks up the handler in the plugins object, and invokes it with the request/response context and configured parameters.

Sources: plugins/index.ts95-103 plugins/default/modelWhitelist.ts1-11

Major External Plugin Categories

Qualifire Plugins

Qualifire provides comprehensive AI safety and quality validation services. These plugins call the Qualifire API to assess various aspects of AI-generated content.

Qualifire Plugin Architecture

Available plugins:

• qualifire.contentModeration - Detects harmful, toxic, or inappropriate content
• qualifire.grounding - Validates factual grounding of responses against source material
• qualifire.policy - Enforces custom organizational policies
• qualifire.toolUseQuality - Assesses quality of tool/function calling
• qualifire.hallucinations - Detects hallucinated or fabricated information
• qualifire.pii - Identifies personally identifiable information
• qualifire.promptInjections - Detects prompt injection attacks

Each handler is imported from plugins/qualifire/ directory and registered in the plugins.qualifire object at plugins/index.ts95-103

Sources: plugins/index.ts17-23 plugins/index.ts95-103

Portkey Plugins

Portkey's built-in AI safety plugins provide content validation by calling Portkey's external services. These plugins integrate with Portkey's hosted AI safety APIs.

Portkey Plugin Architecture

Available plugins:

• portkey.moderateContent - Content moderation via Portkey API
• portkey.language - Language detection and validation
• portkey.pii - PII detection service
• portkey.gibberish - Nonsensical or gibberish text detection

Each handler is imported from plugins/portkey/ directory and registered at plugins/index.ts104-109

Sources: plugins/index.ts26-29 plugins/index.ts104-109

Patronus AI Plugins

Patronus provides the most extensive set of response quality evaluation plugins. These assess various qualitative aspects of AI responses through the Patronus AI API.

Patronus Plugin Architecture

Available plugins:

• patronus.phi - Detects protected health information
• patronus.pii - Detects personally identifiable information
• patronus.isConcise - Evaluates response conciseness
• patronus.isHelpful - Assesses response helpfulness
• patronus.isPolite - Checks politeness and tone
• patronus.noApologies - Detects excessive apologizing
• patronus.noGenderBias - Checks for gender bias
• patronus.noRacialBias - Checks for racial bias
• patronus.retrievalAnswerRelevance - Validates RAG answer relevance
• patronus.toxicity - Detects toxic language
• patronus.custom - Custom evaluations via Patronus API

Each handler is imported from plugins/patronus/ directory and registered at plugins/index.ts120-132

Sources: plugins/index.ts34-45 plugins/index.ts120-132

Azure AI Plugins

Azure plugins integrate Microsoft Azure AI Content Safety and other Azure cognitive services.

Available plugins:

• azure.pii - PII detection using Azure Text Analytics
• azure.contentSafety - Content safety assessment using Azure Content Safety
• azure.shieldPrompt - Prompt shield protection against jailbreak attempts
• azure.protectedMaterial - Detects protected/copyrighted material

Sources: plugins/index.ts55-56 plugins/index.ts157-162

AWS Bedrock Plugins

Bedrock plugins integrate AWS Bedrock Guardrails for policy-based content filtering.

Available plugins:

• bedrock.guard - AWS Bedrock Guardrails integration for policy enforcement

Sources: plugins/index.ts51 plugins/index.ts145-147

Security-Focused Plugins

Several categories provide specialized security capabilities:

Promptfoo plugins:

• promptfoo.pii - PII detection for security testing
• promptfoo.harm - Harmful content detection
• promptfoo.guard - General-purpose guardrail

PromptSecurity plugins:

• promptsecurity.protectPrompt - Protects prompts from injection attacks
• promptsecurity.protectResponse - Protects responses from data leakage

Pillar Security plugins:

• pillar.scanPrompt - Scans prompts for security issues
• pillar.scanResponse - Scans responses for security issues

Pangea plugins:

• pangea.textGuard - Text content protection
• pangea.pii - PII redaction service

Sources: plugins/index.ts46-50 plugins/index.ts55-68 plugins/index.ts136-178

Plugin Handler Implementation Pattern

All external plugins implement the PluginHandler interface and follow a common pattern for calling external APIs and returning results.

External Plugin Handler Execution Flow

Handler Structure Pattern

All external plugin handlers follow this template structure:

Common parameter patterns:

1. API Credentials - Most plugins require API keys or tokens:

2. Thresholds - Many plugins support configurable thresholds:

3. Configuration - Plugin-specific configuration:

Sources: plugins/index.ts1-179 plugins/default/modelWhitelist.ts1-58 plugins/default/alluppercase.ts1-66

Usage Example

External plugins are configured in hook definitions using the id field with category prefix:

The hooks system resolves these IDs by:

1. Splitting on . to get category and function name
2. Looking up plugins[category][functionName]
3. Calling the handler with context and parameters
4. Evaluating the verdict to allow/deny the request/response

Sources: plugins/index.ts70-179

Adding New External Plugin Categories

To add a new external plugin category:

1. Create plugin implementation files in plugins/{category}/
2. Import handlers in plugins/index.ts
3. Add to the plugins export object:

4. Plugin handlers must implement the PluginHandler interface
5. Return {error, verdict, data} structure

For detailed implementation guidance, see Creating Custom Plugins.

Sources: plugins/index.ts1-179

External Plugin Execution Flow

Sources: plugins/index.ts70-179

Credential Management

External plugins require API credentials. These can be provided via:

1. Direct parameters - In hook configuration:

2. Environment variables - Using variable syntax:

3. File-based secrets - For sensitive credentials:

The gateway resolves environment variables and file contents before passing parameters to plugin handlers.

Sources: plugins/index.ts1-179