AI Governance Platform - Enterprise AI Safety & Compliance

Inspiration

As AI adoption accelerates across enterprises, the need for robust governance and safety measures has become critical. Organizations deploying AI agents face challenges around:

  • Data Privacy: Preventing accidental exposure of PII (Personally Identifiable Information)
  • Content Safety: Filtering toxic or harmful content in AI interactions
  • Security: Detecting prompt injection attacks that could manipulate AI behavior
  • Compliance: Maintaining audit trails for regulatory requirements

I built this platform to demonstrate how Google's Gemini 3 can power a comprehensive AI governance solution that runs entirely on Google Cloud.

What It Does

The AI Governance Platform provides real-time guardrails for AI agents:

| Feature | Description |
|---|---|
| PII Detection | Identifies and redacts emails, phone numbers, SSNs, credit cards, and more |
| Toxicity Detection | Uses Gemini's native safety filters to detect hate speech, harassment, and harmful content |
| Prompt Injection Detection | AI-powered analysis to detect jailbreak attempts and instruction overrides |
| Audit Logging | Complete audit trail stored in BigQuery for compliance |
| Real-time Dashboard | Visual analytics of all AI interactions and security events |
| Token Usage Tracking | Cost estimation and usage monitoring |

How I Built It

Tech Stack

  • Backend: FastAPI (Python)
  • AI Model: Gemini 3 Flash Preview via Google AI Studio
  • Database: Google BigQuery for audit logs
  • Deployment: Google Cloud Run (serverless)
  • Frontend: Vanilla JS with Chart.js for dashboard

Gemini 3 Features Used

  1. System Instructions - Consistent AI behavior across all guardrail checks
  2. Safety Settings - Native toxicity filtering with configurable thresholds
  3. Structured Output - JSON responses for reliable parsing
  4. Token Counting - Cost tracking and usage estimation

Key Code Snippet - Toxicity Detection

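```python
import json

async def check_toxicity(self, text: str) -> ToxicityResult:
    """Use Gemini's safety features to detect toxic content"""
    # The text under review is embedded in the prompt as data to analyze.
    prompt = f"""Analyze this text for toxicity:
    Text: {text}

    Return JSON with: is_toxic, toxicity_score (0-1), categories"""

    # safety_settings carries the configured toxicity thresholds.
    response = await self.model.generate_content_async(
        prompt,
        safety_settings=self.safety_settings
    )
    # Parse the model's JSON reply into the result type.
    return ToxicityResult(**json.loads(response.text))
```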

Challenges I Faced

1. Cloud Run Secret Management
Getting the Gemini API key to work in Cloud Run was tricky. The secret was being injected as an environment variable, but pydantic-settings wasn't picking it up.

Solution: Added fallback to check both pydantic settings AND os.environ.get('GEMINI_API_KEY') directly.

2. API Quota Limits
Hit the free tier limits during development (15 RPM, 1000 RPD).

Solution: Implemented regex-based fallback detection that works even when Gemini is unavailable, ensuring the platform remains functional.

3. Model Availability
Gemini 3 Flash Preview is a cutting-edge model with limited documentation.

Solution: Tested extensively and implemented graceful degradation for unsupported features.
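
The regex-based fallback from challenge 2, covering the PII types listed under What It Does, as an added example (not the platform's own code). The patterns, the `check_pii` wrapper and its `model_check` callable are assumptions; the sample string is constructed.

```python
import re

# Constructed patterns (assumptions): the platform's real rules are not on the page.
# Dict order matters: earlier kinds claim a span first (card before phone).
PII_PATTERNS = {
    "email": re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "credit_card": re.compile(r"\b(?:\d[ -]?){12,18}\d\b"),
    "phone": re.compile(r"(?<!\d)(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]?\d{3}[ .-]?\d{4}(?!\d)"),
}

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to drop digit runs that are not plausible card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def regex_scan(text: str):
    """Return (redacted_text, findings); findings hold kind and offsets, never the raw value."""
    findings = []
    for kind, pattern in PII_PATTERNS.items():
        for m in pattern.finditer(text):
            if kind == "credit_card" and not luhn_ok(re.sub(r"\D", "", m.group())):
                continue
            # Skip matches overlapping a span an earlier pattern already claimed.
            if any(m.start() < end and start < m.end() for _, start, end in findings):
                continue
            findings.append((kind, m.start(), m.end()))
    findings.sort(key=lambda f: f[1])
    redacted = text
    for kind, start, end in reversed(findings):  # right to left keeps offsets valid
        redacted = redacted[:start] + f"[{kind.upper()}_REDACTED]" + redacted[end:]
    return redacted, findings

def check_pii(text: str, model_check=None):
    """Prefer the model-backed check; on any error (quota, outage) use the regex path."""
    if model_check is not None:
        try:
            return model_check(text), "model"
        except Exception:
            pass  # the check still runs, just locally, instead of being skipped
    return regex_scan(text), "regex"

# Constructed sample input.
SAMPLE = "Contact jane.doe@example.com or 415-555-0132, SSN 123-45-6789, card 4111 1111 1111 1111."
```

Returning the source label alongside the result lets the audit log record which detector produced each decision, so degraded periods are visible afterwards.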

What I Learned

  • Gemini 3's Safety Features are powerful - the native toxicity filtering catches nuanced harmful content that regex patterns miss
  • Serverless architecture with Cloud Run makes deployment and scaling effortless
  • BigQuery is excellent for audit logging - the streaming inserts handle high throughput while enabling complex compliance queries
  • Graceful degradation is essential - always have a fallback when external APIs might be unavailable

What's Next

  • Multi-model support - Add support for other LLMs (Claude, GPT-4)
  • Custom policies - Allow enterprises to define their own guardrail rules
  • Real-time alerts - Slack/email notifications for security events
  • Fine-tuned detection - Train custom models for domain-specific PII

Try It Out

Live Demo: https://ai-governance-platform-902023244402.us-central1.run.app
API Docs: https://ai-governance-platform-902023244402.us-central1.run.app/docs
Dashboard: https://ai-governance-platform-902023244402.us-central1.run.app/dashboard
