GWS ModelArmor Fast

Rapid-execution variant of Google Workspace ModelArmor operations optimized for quick sanitization checks, template lookups, and content safety validations with minimal overhead.

When to Use This Command

Run this command when you need fast, no-frills ModelArmor operations without the overhead of full schema inspection or verbose output.

• You need sub-second content safety checks in an interactive workflow
• You are running batch sanitization across multiple prompts in a script
• You want quick template validation without the full discovery workflow
• You are integrating safety checks into a chat application with latency requirements

Use it also when:

• You need to verify a single prompt passes safety rules during development
• You want streamlined output suitable for piping into other tools

Quick Start

Copy
# .claude/commands/gws-modelarmor-fast.md
name: gws-modelarmor-fast
description: Fast ModelArmor content safety checks
arguments:
  operation: The ModelArmor operation and arguments

Copy
# Quick sanitize check
claude gws-modelarmor-fast "+sanitize-prompt --template projects/P/locations/L/templates/T --text 'normal user question'"

Expected output:
{
  "allowed": true,
  "processingTimeMs": 45
}

Core Concepts

Concept	Description
Fast Path	Skips schema discovery and goes directly to API execution
Batch Mode	Process multiple prompts sequentially with a single auth check
Minimal Output	Returns only the sanitization verdict, not full filter details
Pre-validated	Assumes template and auth are already configured correctly
Latency Budget	Targets sub-100ms round-trip for cached template evaluations

Fast Execution Path:
  Input ──> Auth Cache ──> Direct API Call ──> Verdict
    │         (skip)          (no schema)       │
    └─────────────────────────────────────── Output
              (no discovery, no dry-run)

Configuration

Parameter	Default	Description
template	required	Full resource name of the ModelArmor template
text	stdin	Text content to sanitize
format	json	Output format for the result
json	none	Full JSON request body
timeout	5000	Request timeout in milliseconds

Best Practices

1. Pre-validate your template once -- Run the full gws-modelarmor-streamlined command first to verify your template works, then switch to the fast variant for repeated use.

2. Cache authentication tokens -- Ensure gws auth login has been run recently so the fast path does not encounter expired credentials mid-batch.

3. Use JSON format for pipeline integration -- The default JSON output is easiest to parse programmatically; avoid table format when chaining with jq or other tools.

4. Set appropriate timeouts -- For latency-sensitive applications, configure the timeout to match your SLA and handle timeout errors gracefully in your script.

5. Monitor error rates in batch processing -- When processing many prompts, track the ratio of API errors to successful calls and back off if rate limits are hit.

Common Issues

1. Stale authentication token -- The fast path skips auth validation for speed. If you encounter 401 errors mid-batch, run gws auth login to refresh your credentials, then resume processing from the last successful item rather than restarting the entire batch.

2. Rate limiting on batch operations -- Google APIs enforce per-minute quotas that vary by project and API. Add a 100-200ms delay between calls or implement exponential backoff when processing large batches. Monitor the X-RateLimit-Remaining response header to anticipate throttling before it happens.

3. Missing template permissions -- Even with valid authentication, the service account or user may lack access to the specified template. Verify IAM permissions on the ModelArmor resource using the GCP console under IAM & Admin. The required permission is modelarmor.templates.use for sanitization operations.

Performance Optimization

The fast variant achieves its speed by eliminating the schema discovery step and going directly to API execution. In typical deployments, cached template evaluations complete in 30-80ms, while cold evaluations may take 150-300ms on first invocation. For interactive chat applications with strict latency budgets, consider implementing a local result cache keyed on a hash of the prompt text to avoid redundant sanitization calls for identical inputs. When processing more than 50 prompts per minute, monitor your API quota dashboard proactively and request a limit increase before hitting production. The fast path supports piping results directly to jq for inline extraction: gws modelarmor +sanitize-prompt ... | jq '.allowed'. For fire-and-forget safety logging, redirect full output to an audit log file while extracting only the verdict for your application logic.