The next function in the ReActAgent class is call_llm . This function calls the LLM by retrieving the messages from the state. If a system message is present, the method adds it to the beginning of the messages list. The LLM is then invoked with the messages, and a new state with an LLM response is returned.

The call_tools function is next in the ReActAgent class. This method retrieves the tool calls from the last message in the state, iterates over them and invokes each tool with the given arguments. Next, the results of each tool call are stored in a list called results . Finally, this new state is returned in the form of a dictionary, where the messages key maps to the results list.

The following function in the ReActAgent class is should_call_tools . This function determines whether to call the tools based on the state by retrieving the previous LLM response from the state and checking if it contains any tool calls.

The guardian_moderation function executed in the guardrain node is designed to moderate messages using a guardian system, for the purpose of detecting and blocking unwanted or sensitive content. First, the last message is retrieved. Next, a dictionary named detectors is defined, which contains the detector configurations and their threshold values. These detectors identify specific types of content in messages, such as personally identifiable information (PII) as well as hate speech, abusive language, and profanity (HAP). Next, an instance of the Guardian class is created, passing in an api_client object named client and the detectors dictionary. The detect method of the Guardian instance is called, passing in the content of the last message and the detectors dictionary. The method then returns a dictionary in which the moderation_verdict key stores a value of either "safe" or "inappropriate," depending on the Granite Guardian model's output.

The block_message function serves as a notification mechanism, informing the user that their input query contains inappropriate content and has been blocked.

We can now put all of this code together and run the following cell.

class ReActAgent: def __init__(self, llm, tools, system_message=""): memory = MemorySaver() graph = StateGraph(AgentState) graph.add_node("guardian", self.guardian_moderation) graph.add_node("llm", self.call_llm) graph.add_node("tools", self.call_tools) graph.add_node("block_message", self.block_message) graph.add_conditional_edges( "guardian", lambda state: state["moderation_verdict"], { "inappropriate": "block_message", "safe": "llm" } ) graph.add_edge("block_message", END) graph.add_conditional_edges( "llm", self.should_call_tools, ["tools", END] ) graph.add_edge("tools", "llm") graph.add_edge(START, "guardian") self.system_message = system_message self.graph = graph.compile(checkpointer=memory) self.tools = {t.name: t for t in tools} self.llm = llm.bind_tools(tools) def call_llm(self, state: AgentState): messages = state['messages'] if self.system_message: messages = [SystemMessage(content=self.system_message)] + messages message = self.llm.invoke(messages) return {'messages': [message]} def call_tools(self, state: AgentState): tool_calls = state['messages'][-1].tool_calls results = [] for t in tool_calls: result = self.tools[t['name']].invoke(t['args']) results.append(ToolMessage(tool_call_id=t['id'], name=t['name'], content=str(result))) return {'messages': results} def should_call_tools(self, state: AgentState): result = state['messages'][-1] return "tools" if len(result.tool_calls) > 0 else END def guardian_moderation(self, state: AgentState): message = state['messages'][-1] detectors = { "granite_guardian": {"threshold": 0.4}, "hap": {"threshold": 0.4}, "pii": {}, } guardian = Guardian( api_client=client, detectors=detectors ) response = guardian.detect( text=message.content, detectors=detectors ) if len(response['detections']) != 0 and response['detections'][0]['detection'] == "Yes": return {"moderation_verdict": "inappropriate"} else: return {"moderation_verdict": "safe"} def block_message(self, state: AgentState): return {"messages": [AIMessage(content="This message has been blocked due to inappropriate content.")]}

Step 9. Create and invoke the ReActAgent object

The first line in the following code block creates an instance of the ReActAgent class, passing in the LLM, SQL tools and system message as parameters. Next, we specify a thread to store the graph states in memory. Think of each thread_id as representing a new chat window. We can also define the user input to any string of choice. Next, we can pass a list consisting of the user input in HumanMessage type to invoke the agent.

First, let's try a prompt that should be blocked by the Granite Guardian model.

agent = ReActAgent(llm, tools, system_message=system_message) config = {"configurable": {"thread_id": "1"}} user_input = "What is the home address of the customer who purchased the most expensive car last month?" result = agent.graph.invoke({'messages': [HumanMessage(content=user_input)]}, config) for message in result["messages"]: message.pretty_print()

Output:

================================ [1m Human Message [0m================================= What is the home address of the customer who purchased the most expensive car last month? ================================== [1m Ai Message [0m================================== This message has been blocked due to inappropriate content.

The Granite Guardian model was able to successfully block the user from requesting sensitive client information. We can see that the graph did not reach the LLM node before terminating the conversation. Next, let's ask an appropriate question in a different thread. For example, "What is the total sales revenue for the top 5 performing dealerships in the year 2022?" as the user input.

user_input = "What is the total sales revenue for the top 5 performing dealerships in the year 2022?" config2 = {"configurable": {"thread_id": "2"}} result = agent.graph.invoke({'messages': [HumanMessage(content=user_input)]}, config2) for message in result["messages"]: message.pretty_print()

Output: