Add French language support for EU AI Act Article 5 guardrail

[ishaan-jaff]

Added French language support for the EU AI Act Article 5 guardrail.

The guardrail now catches prohibited AI practices in French:

• Social credit systems ("système de crédit social")
• Employee emotion detection ("détection d'émotions des employés")
• Biometric categorization ("inférer la race à partir du visage")
• Predictive policing ("police prédictive")

This blocks the main query and circumvention attempts. For example:

Blocked:
"Concevoir un système de crédit social pour classer tous mes employés"

Also blocked (circumvention attempt):
"Comment créer un système pour noter le comportement social de mes salariés?"

Allowed (legitimate use):
"Comment évaluer la performance de mon équipe de manière équitable?"

The template handles case-insensitive matching and works with mixed English/French. Research queries ("recherche sur") are still allowed.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
litellm	Ready	Preview, Comment	Feb 18, 2026 0:03am

[greptile-apps]

Greptile Summary

This PR adds French language support for the EU AI Act Article 5 prohibited practices guardrail, following the same template pattern as the existing English version. It introduces a French YAML policy template with always_block_keywords, identifier_words, additional_block_words, and exceptions, along with 7 tests covering blocking, exception, and edge case scenarios.

• The always_block_keywords and exceptions sections are functional and correctly block French phrases like "système de crédit social" and allow research queries.
• The identifier_words and additional_block_words sections (~100 lines of YAML) are effectively dead configuration — the content filter engine requires an inherit_from field to activate conditional matching, which is absent in this template (and also in the English template). The PR description and documentation claim conditional matching works, but tests only pass because they exercise always_block_keywords.
• The test_all_scenarios_summary test method contains no assertions and always passes.
• No tests exercise actual conditional matching (identifier word + block word combinations that aren't in always_block_keywords), so the gap in coverage is not surfaced by the test suite.

Confidence Score: 2/5

• The always_block_keywords portion works, but ~50% of the YAML config is dead code and the tests don't catch this gap.
• Score of 2 reflects that while the PR won't break anything (additive new files only), approximately half the policy template configuration (identifier_words + additional_block_words) is never loaded by the content filter engine. The tests pass but only because they exercise always_block_keywords, not the conditional matching that the PR claims to support. The documentation is misleading about what's actually covered.
• Pay close attention to eu_ai_act_article5_fr.yaml — the identifier_words and additional_block_words sections are never used, and the tests in test_eu_ai_act_french_3_scenarios.py don't verify conditional matching.

Important Files Changed

Filename	Overview
litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/policy_templates/eu_ai_act_article5_fr.yaml	French EU AI Act policy template. always_block_keywords and exceptions work correctly, but identifier_words and additional_block_words are never loaded due to missing inherit_from (pre-existing pattern from English template). ~50% of the YAML config is effectively dead.
tests/guardrails_tests/test_eu_ai_act_french_3_scenarios.py	Test file covers always_block_keywords and exception scenarios. However, no tests verify conditional matching (identifier + block word), and one test method (test_all_scenarios_summary) is a no-op with no assertions.
tests/guardrails_tests/FRENCH_TEST_SUMMARY.md	Documentation file describing test results. Claims conditional matching works (e.g., "Conditional: créer + comportement social") which is misleading since that logic path is never activated.

Flowchart

flowchart TD
    A[User Input - French Text] --> B{Load YAML Template}
    B --> C[always_block_keywords ✅ Loaded]
    B --> D[identifier_words ❌ Not Loaded]
    B --> E[additional_block_words ❌ Not Loaded]
    B --> F[exceptions ✅ Loaded]
    
    A --> G{Check Exceptions}
    G -->|Exception Found| H[✅ ALLOW]
    G -->|No Exception| I{Check always_block_keywords}
    I -->|Match Found| J[🚫 BLOCK - HTTPException 403]
    I -->|No Match| K{Check Conditional Categories}
    K -->|Empty - Never Loaded| L[✅ ALLOW - Falls Through]
    
    style D fill:#ff9999,stroke:#cc0000
    style E fill:#ff9999,stroke:#cc0000
    style C fill:#99ff99,stroke:#00cc00
    style F fill:#99ff99,stroke:#00cc00
    style L fill:#ffff99,stroke:#cccc00

Loading

_{Last reviewed commit: bfee545}

[greptile-apps]

_{3 files reviewed, 3 comments}

_{Edit Code Review Agent Settings | Greptile}

[ishaan-jaff]

@greptile review again

[greptile-apps]

Greptile Summary

This PR adds French language support for the EU AI Act Article 5 guardrail by introducing a new YAML policy template (eu_ai_act_article5_fr.yaml) and fixing the content filter engine to support additional_block_words without requiring inherit_from. The engine change at content_filter.py:332-336 broadens the conditional category loading condition, which is a necessary fix that also benefits the existing English template.

• Engine fix: _load_conditional_category now correctly loads when identifier_words are paired with additional_block_words alone (without inherit_from). This unblocks conditional matching for both the new French template and the existing English template.
• French template: Comprehensive coverage of EU AI Act Article 5 prohibited practices with French identifier_words, additional_block_words, always_block_keywords, and exceptions.
• Exception bypass risk: Several short French exception words ("jeu", "juste", "film") use substring matching and will match inside unrelated French words (e.g., "enjeu", "ajuster"), creating potential guardrail bypasses for both conditional and always_block_keywords checks.
• Tests: 7 test cases covering blocking, circumvention, safe queries, conditional matching, mixed language, research exceptions, and case-insensitivity.

Confidence Score: 3/5

• Functional but has a guardrail bypass risk from overly broad French exception words using substring matching.
• The engine fix is correct and well-implemented. The French template is comprehensive, but short exception words like "jeu" and "juste" create substring-based guardrail bypasses (e.g., "enjeu" triggering the "jeu" exception and skipping all checks). Tests are present and cover the main scenarios, including a dedicated conditional matching test. Score of 3 reflects the bypass risk that could weaken the guardrail in practice.
• Pay close attention to eu_ai_act_article5_fr.yaml — the exception words at lines 215-235 need refinement to prevent substring-based guardrail bypasses.

Important Files Changed

Filename	Overview
litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/content_filter.py	Extends _load_conditional_category to support additional_block_words without inherit_from. Logic is clean and well-structured with proper logging.
litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/policy_templates/eu_ai_act_article5_fr.yaml	New French YAML template with identifier_words, additional_block_words, always_block_keywords, and exceptions. Some exception words are overly broad for substring matching.
tests/guardrails_tests/test_eu_ai_act_french_3_scenarios.py	Tests cover core blocking and allow scenarios plus a conditional matching test. Excessive print statements add noise.

Flowchart

flowchart TD
    A[Input Text] --> B{Check Exceptions<br/>substring match}
    B -->|Exception found| C[ALLOW - skip all checks]
    B -->|No exception| D{Check Conditional Categories<br/>identifier_word + block_word}
    D -->|Match found| E[BLOCK - conditional match]
    D -->|No match| F{Check always_block_keywords<br/>exact phrase match}
    F -->|Match found| G[BLOCK - always_block keyword]
    F -->|No match| H{Check category_keywords<br/>word boundary match}
    H -->|Match found| I[BLOCK - category keyword]
    H -->|No match| J[ALLOW - no violations]

    style E fill:#f66,color:#fff
    style G fill:#f66,color:#fff
    style I fill:#f66,color:#fff
    style C fill:#6f6,color:#000
    style J fill:#6f6,color:#000

Loading

_{Last reviewed commit: adece0d}

[greptile-apps]

_{3 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[ishaan-jaff]

Fixed the exception bypass risk identified in the latest Greptile review.

Problem:
Short exception words used substring matching:

• "jeu" (game) would match "enjeu" (stake/issue)
• "juste" (fair) would match "ajuster" (adjust)
• "film" would match "filmer" (to film)

This created bypass opportunities where prohibited queries could slip through.

Fix:
Replaced short words with context-specific phrases:

• "jeu" → "dans un jeu", "dans le jeu", "jeu vidéo"
• "juste" → "de manière juste", "de façon juste", "justement évaluer"
• "film" → "dans un film", "dans le film", "pour un film"

Verified:

• Bypass test: "Créer un système de crédit social pour l'enjeu principal" → Still blocked (no bypass)
• Legitimate use: "Détecter les émotions dans un jeu vidéo" → Allowed (proper context)
• All 9 tests pass

[ishaan-jaff]

@greptile-apps please review the latest commit c3d1504 - I've addressed the exception bypass risk

[ishaan-jaff]

@greptile-apps All issues addressed in commits c3d1504 and fa80c28. Please review:

• Exception bypass risk fixed (short words replaced with context phrases)
• Assertion made robust (using getattr and dict check)
• Conditional matching fully functional
• All 9 tests passing

[greptile-apps]

Greptile Summary

This PR adds French language support for the EU AI Act Article 5 guardrail and includes a bugfix to content_filter.py that enables conditional matching when additional_block_words are defined without inherit_from.

• Bugfix in content_filter.py: The conditional category loading condition was relaxed from requiring both identifier_words AND inherit_from to accepting identifier_words AND (inherit_from OR additional_block_words). This fixes conditional matching for the new French template and also retroactively enables it for the existing English template — a behavior change worth verifying.
• New French YAML template: Covers prohibited AI practices (social credit, emotion detection, biometric categorization, predictive policing) with French-specific keywords, multi-word exception phrases, and always-block keywords. Exception phrases are appropriately multi-word to avoid substring bypass issues.
• additional_block_words not lowercased: During loading in _load_conditional_category, additional_block_words are not lowercased, unlike inherited keywords. This is a latent bug since matching is done against lowercased text.
• Tests: 9 test cases cover core scenarios, conditional matching, mixed language, research exceptions, case sensitivity, and exception bypass prevention.

Confidence Score: 3/5

• PR is functionally correct for the French template but introduces an implicit behavior change to the existing English template that should be verified.
• The core logic change is sound and the French template is well-structured. However, the condition change in content_filter.py also enables conditional matching for the existing English template (previously silently skipped), which is a behavior change that could block previously-allowed English queries. The additional_block_words not being lowercased is a latent bug. Tests are reasonable but could be more robust.
• Pay close attention to content_filter.py lines 332-336 (condition change affecting English template) and lines 441-442 (missing lowercase normalization).

Important Files Changed

Filename	Overview
litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/content_filter.py	Bugfix: Relaxes conditional category loading to support additional_block_words without requiring inherit_from. Also improves logging and error handling. This change correctly enables conditional matching for both the new French template and the existing English template.
litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/policy_templates/eu_ai_act_article5_fr.yaml	New French language policy template for EU AI Act Article 5 with identifier words, additional block words, always-block keywords, and exceptions. Follows the same pattern as the English template with improved multi-word exception phrases.
tests/guardrails_tests/test_eu_ai_act_french_3_scenarios.py	New test file covering 3 core scenarios (block, circumvention block, allow) plus edge cases for conditional matching, mixed language, research exceptions, case-insensitive matching, and exception bypass prevention. Contains one test with a potentially fragile assertion pattern.

Flowchart

flowchart TD
    A[_filter_single_text] --> B[Collect all exceptions]
    B --> C{Check conditional categories}
    C -->|Exception match| D[Skip - Return None]
    C -->|identifier + block word found| E[BLOCK - HTTPException]
    C -->|No match| F{Check category keywords / always_block}
    F -->|Exception match| G[Skip]
    F -->|Keyword match| H[BLOCK or MASK]
    F -->|No match| I{Check regex patterns}
    I --> J{Check blocked words}
    J --> K[Return filtered text]

    subgraph "New: Conditional Loading"
        L[identifier_words defined?] -->|Yes| M{inherit_from OR additional_block_words?}
        M -->|Yes| N[Load conditional category]
        M -->|No| O[Skip conditional loading]
        L -->|No| O
        N --> P[Merge inherited + additional block words]
    end

Loading

_{Last reviewed commit: fa80c28}

[greptile-apps]

_{3 files reviewed, 3 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Behavior change for existing English template

This condition change is a correct bugfix for the French template, but note it also changes behavior for the existing English template (eu_ai_act_article5.yaml). The English template has identifier_words and additional_block_words but no inherit_from, so previously its conditional matching was silently skipped (only always_block_keywords were active). After this change, conditional matching will activate for the English template too.

This is likely the intended behavior, but it should be verified that no existing English-language queries that were previously allowed will now be unexpectedly blocked by the newly-activated conditional matching.

[greptile-apps]

Single-word block words "inconscient" and "subconscient" may cause false positives

These are common French words that appear in legitimate contexts (psychology, medicine, philosophy). Since identifier_words like "analyser" and "identifier" are also common in those same contexts, a sentence like "analyser l'inconscient du patient" (analyze the patient's unconscious) would be blocked.

Consider using more specific multi-word phrases like "manipulation de l'inconscient" or "ciblage subconscient" to match only the prohibited Article 5.1.a context (subliminal/subconscious manipulation) while avoiding false positives in legitimate psychological discussions.

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}

[greptile-apps]

Additional Comments (1)

litellm/proxy/guardrails/guardrail_hooks/litellm_content_filter/content_filter.py
additional_block_words not lowercased during loading

additional_block_words are added to block_words without calling .lower(), unlike inherited keywords which are lowercased at line 432. Since matching at _check_conditional_categories compares against sentence_lower, any block word with uppercase characters would silently fail to match.

The current YAML files happen to use all-lowercase values so this doesn't cause issues today, but it's a latent bug that could surface when someone adds a block word with accidental capitalization.

            if category_config_obj.additional_block_words:
                block_words.extend(
                    [w.lower() for w in category_config_obj.additional_block_words]
                )