You wrote a tool with a clear docstring: "Maximum 10 guests per booking." Your agent calls it with 15 guests and gets back "SUCCESS." The rule was ignored because prompts and docstrings are suggestions, not constraints. It is the problem web developers solved decades ago: never trust user input, validate on the server. For agents, validate at the tool layer. I'll build a guardrail system live with two parts. Rules defined as Python dataclasses, typed and testable, each naming the tool, parameter, and threshold. And a hook that intercepts every tool call before execution. The demo runs three invalid requests through two agents: the prompt-only one allows all three, the hook-based one blocks all three. Then the upgrade: instead of hard-failing, the hook returns a steer message that guides the agent to fix its own call (15 guests becomes 10) and stay helpful while inside the rules. You'll walk away with: • A hook-based validation pattern that works with any agent framework • Rules as dataclasses you can test and version independently • How to steer the agent to self-correct instead of dead-ending • Open-source code adaptable to payments, compliance, or any domain

Outline: • The Prompt Engineering Failure • Neurosymbolic Architecture • Live Implementation: Blocking • From Blocking to Steering • Production Patterns and Q&A