Drupal is a registered trademark of Dries Buytaert
drupal 11.3.8 Update released for Drupal core (11.3.8)! drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)! drupal 11.3.6 Update released for Drupal core (11.3.6)! drupal 10.6.6 Update released for Drupal core (10.6.6)! cms 2.1.0 Update released for Drupal core (2.1.0)! linkit 7.0.14 Minor update available for module linkit (7.0.14). masquerade 8.x-2.2 Minor update available for module masquerade (8.x-2.2). video_embed_field 3.1.0 Minor update available for module video_embed_field (3.1.0). bootstrap 8.x-3.40 Minor update available for theme bootstrap (8.x-3.40). menu_link_attributes 8.x-1.7 Minor update available for module menu_link_attributes (8.x-1.7). editoria11y 3.0.0 Major update available for module editoria11y (3.0.0). trash 3.0.27 Minor update available for module trash (3.0.27). twig_tweak 4.0.0-alpha2 New alpha version released for module twig_tweak (4.0.0-alpha2). twig_tweak 4.0.0-alpha1 First alpha version released for module twig_tweak (4.0.0-alpha1). node_revision_delete 2.1.1 Minor update available for module node_revision_delete (2.1.1). commerce_paypal 2.1.2 Minor update available for module commerce_paypal (2.1.2).
← All modules

ai_recipe_validations_image_safety

No security coverage
View on drupal.org

Validates uploaded images on the Media: Image bundle using a vision-capable AI provider. Blocks content that falls outside the "Safe" tier of Flickr-style safety levels — nudity, sexually suggestive material, gore, graphic violence, and graphic medical imagery — at upload time, across the admin UI, JSON:API, and programmatic saves.

Recipes Applied

Modules and Themes Installed

Requirements

  • Drupal 10.3 or newer
  • AI module 1.3 or newer (provides the verifySetupAi config action)
  • A configured default provider for the chat_with_image_vision operation type at /admin/config/ai/settings → Default Providers. Any vision-capable provider works (OpenAI GPT-4o, Anthropic Claude 3.5 Sonnet, Google Gemini 1.5 Pro, etc.).

If chat_with_image_vision has no default model configured, the recipe apply will abort cleanly with a message from the AI module's preflight check.

Installation

Add the recipe with the following Composer command:

composer require drupal/ai_recipe_validations_image_safety

What it does

  • Creates a Field Validation rule set on the Media: Image bundle's field_media_image field.
  • Runs the AI image constraint on every image upload, classifying the image into Safe / Moderate / Restricted tiers.
  • Blocks anything outside the Safe tier with a clear error message to the editor.
  • Catches uploads from the admin UI, the Media Library, JSON:API posts, migrations, and programmatic $entity->save() calls.

Adjusting the threshold

The default behavior blocks both Moderate and Restricted content. To allow Moderate content (mature but not explicit) and block only Restricted (explicit / graphic), edit the ai_image_safety rule at Structure → Field Validation → AI image safety (Media: Image) and update the prompt's decision block. Full instructions are in the project README.

Cost note

Every image upload triggers one vision-model API call. Bulk migrations, imports, or high-volume user upload flows will incur proportional cost. Test with your provider's pricing before rolling out to production.

Bugs and Feedback

If you encounter any bugs or have feedback about this recipe, please file an issue in the project issue queue.

Credits

Developed as part of the AI Initiative. See the originating issue: #3585696.

Activity

Total releases
1
First release
Apr 2026
Latest release
23 hours ago
Release cadence
Stability
0% stable

Releases

Version Type Release date
1.0.x-dev Dev Apr 27, 2026