Building an Agent with Guardrails

AI agents are useful because they can call tools and act on user requests. That same flexibility makes them easy to steer off topic. In this workshop, we build a Data Engineering Zoomcamp FAQ agent and add guardrails around it.

The live training starts with the FAQ bot context. We cover what data it uses, what questions it should answer, and where a normal RAG pipeline stops. From there, we turn the RAG pipeline into an agent with one search tool and add guardrails layer by layer.

Workshop flow

The examples use Python, Pydantic, minsearch, and the plain OpenAI Python SDK.

We build the workshop in this order:

• The Data Engineering Zoomcamp FAQ JSON data.
• A RAG baseline with keyword search.
• A framework-neutral agent loop with one search tool.
• Input checks for topic and intent.
• An async runner that can cancel the FAQ agent.
• Output checks for unsafe promises or policy violations.
• Multiple guardrails with clear responsibilities.
• Concurrent guardrail checks that keep latency low.

We implement the agent loop ourselves so the guardrail pattern isn't tied to a specific agent framework.

The guardrail ideas are inspired by the OpenAI Agents SDK guardrails. We implement them directly because not every framework has the same built-in support. If your agent framework doesn't provide input and output guardrails, you can still use the pattern from this workshop.

Prerequisites

Before the workshop, make sure you have:

• Python 3.10 or newer.
• uv for the Python environment.
• Jupyter Notebook.
• An OpenAI API key, or another model provider you can call from Python.

Links

Resources mentioned in the live training:

• OpenAI function calling guide
• Data Engineering Zoomcamp repository
• Data Engineering Zoomcamp FAQ JSON