We've finalized M5 by introducing a comprehensive guardrail system, including content filtering, PII redaction, and a robust prompt-injection taint layer. Untrusted content is now tracked, automatically gating downstream tool calls with configurable policy enforcement—like block-or-approve workflows for tainted context. This significantly tightens our agent's security posture against malicious inputs. Security Guard

Implemented guardrails and prompt-injection protection layer - subh05sus/anvil-js