feat: add CrowdStrike AIDR community integration

[kenany]

Description

Adds a new community integration for CrowdStrike AIDR. This is effectively an evolution of the Pangea AI Guard (#1300) product, so the guardrail works functionally the same as that existing integration minus some API differences.

@Pouyanpi

Checklist

• I've read the CONTRIBUTING guidelines.
• I've updated the documentation if applicable.
• I've added tests if applicable.
• @mentions of the person or team responsible for reviewing proposed changes.

[github-actions]

Documentation preview

https://nvidia-nemo.github.io/Guardrails/review/pr-1601

[greptile-apps]

Greptile Summary

Added a new community integration for CrowdStrike AIDR, enabling AI application protection through configurable detection policies for prompt injection, sensitive data exposure, malicious entities, toxic content, and topic violations.

Key changes:

• Implemented crowdstrike_aidr_guard action with input/output rail support
• Added Colang v1 and v2 flow definitions for guardrail integration
• Provided comprehensive test coverage including blocked, transformed, error, and edge cases
• Created documentation and example configurations for both Colang versions
• Updated guardrail catalog with CrowdStrike AIDR entry

Implementation notes:

• Follows the same pattern as Pangea AI Guard integration with API differences
• Uses environment variables CS_AIDR_TOKEN and CS_AIDR_BASE_URL_TEMPLATE for configuration
• Implements graceful error handling that allows messages through on API failures (fail-open approach)
• Supports message transformation for PII masking and content modification

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• The implementation closely follows established patterns from Pangea AI Guard, includes comprehensive tests covering all scenarios (blocked, transformed, errors, edge cases), has clear documentation, and implements proper error handling. The code is well-structured, maintains consistency with existing integrations, and includes both Colang v1 and v2 support.
• No files require special attention

Important Files Changed

Filename	Overview
nemoguardrails/library/crowdstrike_aidr/actions.py	New action implementing CrowdStrike AIDR API integration with proper error handling and message transformation
nemoguardrails/library/crowdstrike_aidr/flows.co	Colang v2 flow definitions for input/output guardrails with proper blocking and transformation logic
nemoguardrails/library/crowdstrike_aidr/flows.v1.co	Colang v1 flow definitions matching v2 behavior with correct event handling
tests/test_crowdstrike_aidr_guard.py	Comprehensive test coverage for blocked, transformed, error, and edge case scenarios

Sequence Diagram

sequenceDiagram
    participant User
    participant NeMoGuardrails
    participant CrowdStrikeAIDR as CrowdStrike AIDR API
    participant LLM

    Note over User,LLM: Input Rail Flow
    User->>NeMoGuardrails: Send message
    NeMoGuardrails->>NeMoGuardrails: Trigger input rail flow
    NeMoGuardrails->>CrowdStrikeAIDR: POST /v1/guard_chat_completions<br/>(messages with user input)
    CrowdStrikeAIDR-->>NeMoGuardrails: Return result (blocked/transformed)
    alt Message blocked
        NeMoGuardrails-->>User: Return "I don't know the answer"
    else Message transformed
        NeMoGuardrails->>NeMoGuardrails: Update user_message with transformed content
        NeMoGuardrails->>LLM: Send transformed message
        LLM-->>NeMoGuardrails: Generate response
        NeMoGuardrails->>NeMoGuardrails: Trigger output rail flow
        NeMoGuardrails->>CrowdStrikeAIDR: POST /v1/guard_chat_completions<br/>(messages with bot response)
        CrowdStrikeAIDR-->>NeMoGuardrails: Return result (blocked/transformed)
        alt Response blocked
            NeMoGuardrails-->>User: Return "I don't know the answer"
        else Response transformed
            NeMoGuardrails->>NeMoGuardrails: Update bot_message with transformed content
            NeMoGuardrails-->>User: Return transformed response
        else Response allowed
            NeMoGuardrails-->>User: Return original response
        end
    else Message allowed
        NeMoGuardrails->>LLM: Send original message
        LLM-->>NeMoGuardrails: Generate response
        NeMoGuardrails-->>User: Return response (via output rail)
    end

    Note over NeMoGuardrails,CrowdStrikeAIDR: Error Handling
    CrowdStrikeAIDR--xNeMoGuardrails: API Error (4xx/5xx)
    NeMoGuardrails->>NeMoGuardrails: Log error, set blocked=false<br/>Allow message through

Loading

[greptile-apps]

Greptile found no issues!

From now on, if a review finishes and we haven't found any issues, we will not post anything, but you can confirm that we reviewed your changes in the status check section.

_{This feature can be toggled off in your Code Review Settings by deselecting "Create a status check for each PR".}

[cparisien]

Nice! @kenany should this replace/deprecate the existing Pangea guardrail?

[codecov]

Codecov Report

❌ Patch coverage is 98.30508% with 1 line in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
nemoguardrails/library/crowdstrike_aidr/actions.py	98.30%	1 Missing ⚠️

📢 Thoughts on this report? Let us know!

[kenany]

should this replace/deprecate the existing Pangea guardrail?

Eventually, yeah. You can expect a PR from me in the future for that.

[cparisien]

should this replace/deprecate the existing Pangea guardrail?

Eventually, yeah. You can expect a PR from me in the future for that.

OK great. Can you do us a favour and add a comment to the doc, to this effect? I see you put it right beside the Pangea snippet which is good, so please add something short saying that this is an evolution of the Pangea tool, as part of CrowdStrike's continued development of the Pangea technology. Something like that, up to you. And comment that you expect to deprecate the Pangea connector. Thanks!