docs: Update Cody Guardrails documentation with known limitations (#1181)

## Update Cody Guardrails Documentation with Known Limitations

This PR enhances the Cody Guardrails documentation by adding clarity
around limitations and requirements.

### Changes Made

**Added Known Limitations Section:**
- Exact string matching requirement (10+ lines of code)
- Coverage details: ~290,000 indexed open source repositories
- BYOK limitation - requires Cody Gateway access
- Platform support clarification (Web app, VS Code, JetBrains IDEs)

**Updated Callout:**
- More specific about Enterprise + Cody Gateway requirements
- Clearer messaging about BYOK incompatibility

### Why These Changes

The previous documentation didn't clearly communicate important
limitations that affect customer deployments, particularly around BYOK
compatibility and the exact matching mechanism.

Author: aramaraju

docs/cody/enterprise/features.mdx

@@ -10,7 +10,7 @@ Site administrators can set the duration of access tokens for users connecting C
 
 ## Guardrails
 
-<Callout type= "note">Guardrails for public code is currently in Beta and is supported with VS Code, JetBrains IDEs extensions and Sourcegraph Web app.</Callout>
+<Callout type= "note">Guardrails for public code is only supported on VS Code, JetBrains IDEs extension, and Sourcegraph Web app for Cody Enterprise customers using [Cody Gateway](https://sourcegraph.com/docs/cody/core-concepts/cody-gateway#sourcegraph-cody-gateway). It is not supported for any BYOK (Bring Your Own Key) deployments. </Callout>
 
 Open source attribution guardrails for public code, commonly called copyright guardrails, reduce the exposure to copyrighted code. This involves implementing a verification mechanism within Cody to ensure that any code generated by the platform does not replicate open source code.
 
@@ -22,6 +22,12 @@ Guardrails don't differentiate between license types. It matches any code snippe
 
 You can `enforce` a Guardrails check to prevent any matching code from being shown to the user. To do so, site admins need to add `"attribution.mode": "enforced"` in the **Site configuration** setting. This will configure the settings for Cody IDE extensions VS Code (v1.82+) or JetBrains (v7.82+) accordingly and will enforce not to display code until attribution checks have finished.
 
+### Known Limitations
+1. Guardrails work through an exact string match across ten or more lines, which means extra comments or name changes may not trigger the check
+2. The strings are compared against around **290,000** indexed open source repositories, consisting of all license types, including permissive and non-permissive licenses
+3. Guardrails requires access to the Cody Gateway, which means it's not supported for any customers using BYOK (Bring Your Own Key)
+4. Guardrails is only supported on the Sourcegraph Web app, and the IDE extensions in VS Code, JetBrains IDEs, for chat and autocomplete
+
 ## Admin controls
 
 <Callout type="note">Admin controls are supported with VS Code and JetBrains IDE extension.</Callout>