Skip to main content
Every time a Guardian evaluates content it returns an action. The middle state differs by policy type: PII policies use PASS / MASK / BLOCK, while Topic policies use PASS / CHECK / BLOCK.

PASS

No rule matched (or only PASSING rules did). Content continues unchanged.

MASK

(PII only) Sensitive spans are replaced with mask tokens. The Guardian returns the masked content.

CHECK

(Topic only) A controversial topic matched — flagged as review-needed. On the Desktop Agent and Proxy Server, CHECK is enforced as PASS (content passes through, recorded in the trace only); API callers receive CHECK directly.

BLOCK

A blocking rule or unsafe topic matched. The request is stopped and nothing is sent onward.

The overall action is the highest severity

A response has a root action and a per-item breakdown. The root action is the most severe action across everything detected, combining PII and Topic results: BLOCK > MASK > CHECK > PASS. So a single blocking match makes the whole request BLOCK, even if other parts would only be masked.

What it looks like (real responses)

MASK — PII matched and was replaced; processed_content holds the masked text. Mask tokens follow the format [<MASK_WORD>_<n>], numbered per category (1-based, in document order, and value-stable — the same original value gets the same number, so two different names become [PERSON_NAME_1] and [PERSON_NAME_2]). The original behind each token is exposed as matched_text, which is what unmaskOutput uses to restore it: 
{
  "action": "MASK",
  "input_results": [{
    "index": 0, "type": "text", "action": "MASK",
    "processed_content": "제 번호는 [PHONE_NUMBER_1] 이고 이메일은 [EMAIL_1] 입니다.",
    "results": [{
      "policy_name": "PII Masking Policy", "policy_type": "PII", "action": "MASK",
      "detected_items": [
        { "rule_type": "regex", "rule_name": "phone_number", "mask_word": "PHONE_NUMBER_1", "matched_text": "010-2543-2513" },
        { "rule_type": "regex", "rule_name": "email", "mask_word": "EMAIL_1", "matched_text": "jane@acme.co.kr" }
      ]
    }]
  }]
}
BLOCK — an unsafe Topic matched; processed_content is null: 
{
  "action": "BLOCK",
  "input_results": [{
    "index": 0, "type": "text", "action": "BLOCK", "processed_content": null,
    "results": [{
      "policy_name": "Topic Policy", "policy_type": "TOPIC", "action": "BLOCK",
      "detected_items": [{ "rule_id": "WPN", "rule_name": "무기", "action": "BLOCK", "confidence": 0.91 }]
    }]
  }]
}
For the full field reference (PII vs. Topic detected_items), see Response format.

Where you see actions

  • API Developers read action from the Guard API response.
  • Account Admins see every action as a trace in Opticon monitoring, tagged PASS / MASK / CHECK / BLOCK (the trace tag keeps CHECK even where it was enforced as PASS).
  • Desktop Agent users experience MASK/BLOCK transparently as they use AI tools.