4.1 Input Guardrails

**Query validation**: Reject empty queries, queries exceeding maximum length, and queries that consist solely of special characters. - **PII detection**: Detect and optionally redact personally identifiable information (email addresses, phone numbers, SSNs) from user queries before they are sent to