Defend
Reference

Configuration

defend.config.yaml structure as validated by DefendConfig-provider, models, guards, and module lists.

View on GitHub

Defend loads defend.config.yaml from the process working directory (see defend_api/config.py). Invalid YAML or schema errors fail fast at startup with a validation message.

defend.config.yaml
.env

Keep both files in the working directory from which you start defend serve (and set API keys in .env or the process environment as described in Environment variables).

Top-level keys

Prop

Type

Model capability requirement for claude/openai

When you configure provider: claude or provider: openai (including guards.input.provider / guards.output.provider overrides), the selected model must support tool/function calling. Defend enforces structured verdict output through provider tool invocation rather than free-form JSON text.

provider

Prop

Type

models

Prop

Type

guards

Prop

Type

guards.input

Prop

Type

guards.output

Prop

Type

Output provider validation

guards.output.provider defaults to top-level provider. If you override it, it must be claude or openai.

Module spec shapes

Each entry in guards.input.modules or guards.output.modules is either:

  • a string module name, for example injection, or
  • a single-key object mapping the name to kwargs, for example { "topic": { "allowed_topics": ["billing"] } }.

See Modules for per-module options.

Reference

Configuration schema, environment variables, and per-module guard reference for Defend.

Environment variables

Process and .env variables read by Defend Settings for ports, model ids, thresholds, API keys, and session tuning.

On this page

Top-level keysprovidermodelsguardsguards.inputguards.outputModule spec shapes