Constraints & SHACL

If a rule matters, it must be enforceable.

Constraints move governance out of “prompt etiquette” and into a layer that can validate, block, and explain. SHACL is one practical way to formalize those constraints for graph-shaped data.

The problem with prompt-only governance

Editable

Instructions can be changed, ignored, or diluted by competing context.

Bypassable

A sufficiently clever prompt can route around “guidelines”.

Hard to audit

You can’t reliably prove which rule was applied, or why an output was allowed.

Not deterministic

Governance becomes a probabilistic behavior, not a system guarantee.

The constraint approach

Encode rules as constraints that validate actions and outputs.

The model can propose; the system decides what is allowed.

flowchart TB;
    D["Draft answer / action"] --> V["Validate constraints"];
    V -->|"Pass"| O["Output / execute"];
    V -->|"Fail"| X["Abstain + explain + log trace"];

What SHACL gives you (practically)

Shape validation

"This claim must have these fields"; "this edge is only allowed between these types".

Policy-as-data

Rules live next to the schema and can be versioned, tested, and reviewed.

Machine-verifiable failures

When the system refuses, it can point to the violated shape and the offending node/edge.

Composable governance

Multiple rule sets (domain, safety, org policy) can be applied as separate validation layers.

Diagram: SHACL validation pipeline (conceptual)

flowchart LR;
    G["Graph state"] --> P["Proposed update<br/>(claim/edge)"];
    P --> S["SHACL shapes"];
    S --> R["Validation report"];
    R -->|"Conforms"| C["Commit update"];
    R -->|"Violations"| B["Block + return violations"];

Examples of enforceable constraints

  • Role-based prohibitions: certain actions cannot be executed under a role.
  • Sector restrictions: domain-specific rules (e.g., medical, legal, finance) must gate outputs.
  • Required provenance: high-stakes claims must link to source objects and versions.
  • Threshold limits: numeric or confidence thresholds for allowed decisions.
  • Mandatory escalation: some cases must route to human review.
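
As an added illustration (not part of the original page), here is how the "required provenance" and "threshold limits" items could be written as SHACL shapes, with a small constructed data graph to validate. The `ex:` namespace and every class and property name in it are assumptions made for this example.

```turtle
@prefix sh:  <http://www.w3.org/ns/shacl#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
@prefix ex:  <http://example.org/gov#> .   # hypothetical vocabulary

# --- Shapes graph: policy-as-data ---
ex:HighStakesClaimShape a sh:NodeShape ;
    sh:targetClass ex:HighStakesClaim ;
    # Required provenance: at least one link to a source object
    sh:property [
        sh:path ex:hasSource ;
        sh:minCount 1 ;
        sh:class ex:SourceObject ;
        sh:message "High-stakes claim must link to a source object." ;
    ] ;
    # Threshold limit: exactly one confidence value in [0.8, 1.0]
    sh:property [
        sh:path ex:confidence ;
        sh:minCount 1 ; sh:maxCount 1 ;
        sh:datatype xsd:decimal ;
        sh:minInclusive 0.8 ;
        sh:maxInclusive 1.0 ;
        sh:message "Confidence is missing or below the allowed threshold." ;
    ] .

# Provenance must be versioned
ex:SourceObjectShape a sh:NodeShape ;
    sh:targetClass ex:SourceObject ;
    sh:property [
        sh:path ex:version ;
        sh:minCount 1 ;
        sh:datatype xsd:string ;
        sh:message "Source object must carry a version." ;
    ] .

# --- Data graph (constructed sample) ---
ex:src1 a ex:SourceObject ; ex:version "2024-03" .

# Conforms: versioned source, confidence within range
ex:claimOK a ex:HighStakesClaim ;
    ex:hasSource ex:src1 ;
    ex:confidence 0.93 .

# Violates both property shapes: no source, confidence 0.41
ex:claimBad a ex:HighStakesClaim ;
    ex:confidence 0.41 .
```

A SHACL validator run over this graph returns a report with `sh:conforms false` and two results whose `sh:focusNode` is `ex:claimBad`, one for `ex:hasSource` and one for `ex:confidence`. That report is the payload the "Block + return violations" branch hands back.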

Operational result

A system that refuses to cross boundaries and produces a machine-verifiable reason when it abstains. This turns governance from “best effort” into an actual property of the system.