@highflame/policy 2.1.3 → 2.1.5
- package/README.md +41 -0
- package/_schemas/guardrails/context.json +466 -76
- package/_schemas/guardrails/schema.cedarschema +39 -3
- package/_schemas/guardrails/templates/defaults/injection.cedar +6 -6
- package/_schemas/guardrails/templates/profiles/chat_assistant/security.cedar +2 -2
- package/_schemas/guardrails/templates/profiles/data_pipeline/security.cedar +1 -1
- package/_schemas/overwatch/context.json +443 -5
- package/_schemas/overwatch/schema.cedarschema +42 -4
- package/_schemas/palisade/context.json +1 -1
- package/_schemas/sentry/context.json +1165 -0
- package/_schemas/sentry/schema.cedarschema +388 -0
- package/_schemas/sentry/templates/defaults/baseline.cedar +24 -0
- package/_schemas/sentry/templates/defaults/content_safety.cedar +232 -0
- package/_schemas/sentry/templates/defaults/file_safety.cedar +174 -0
- package/_schemas/sentry/templates/defaults/organization.cedar +207 -0
- package/_schemas/sentry/templates/defaults/pii.cedar +229 -0
- package/_schemas/sentry/templates/defaults/semantic.cedar +167 -0
- package/_schemas/sentry/templates/templates.json +93 -0
- package/dist/builder.d.ts +32 -0
- package/dist/builder.js +6 -6
- package/dist/condition-groups.d.ts +69 -0
- package/dist/condition-groups.js +305 -0
- package/dist/guardrails-context.gen.d.ts +19 -2
- package/dist/guardrails-context.gen.js +19 -2
- package/dist/guardrails-defaults.gen.js +9 -9
- package/dist/index.d.ts +6 -1
- package/dist/index.js +6 -1
- package/dist/overwatch-context.gen.d.ts +17 -0
- package/dist/overwatch-context.gen.js +17 -0
- package/dist/sentry-context.gen.d.ts +76 -0
- package/dist/sentry-context.gen.js +77 -0
- package/dist/sentry-defaults.gen.d.ts +61 -0
- package/dist/sentry-defaults.gen.js +1235 -0
- package/dist/sentry-entities.gen.d.ts +11 -0
- package/dist/sentry-entities.gen.js +33 -0
- package/dist/service-schemas.gen.d.ts +12 -2
- package/dist/service-schemas.gen.js +861 -25
- package/dist/types.d.ts +6 -1
- package/dist/types.js +6 -1
- package/package.json +1 -1
- package/_schemas/guardrails/templates/profiles/chat_assistant.cedar +0 -85
- package/_schemas/guardrails/templates/profiles/code_agent.cedar +0 -125
- package/_schemas/guardrails/templates/profiles/data_pipeline.cedar +0 -111
|
@@ -120,8 +120,12 @@ action process_prompt appliesTo {
|
|
|
120
120
|
|
|
121
121
|
// --- ML Detector Confidence Scores (0-100) ---
|
|
122
122
|
pii_confidence: Long, // PII detection classifier confidence
|
|
123
|
-
injection_confidence: Long, //
|
|
124
|
-
jailbreak_confidence: Long, //
|
|
123
|
+
injection_confidence: Long, // Combined injection confidence: MAX(pulse, deep_context)
|
|
124
|
+
jailbreak_confidence: Long, // Combined jailbreak confidence: MAX(pulse, deep_context)
|
|
125
|
+
injection_pulse_score?: Long, // 0-100 Pulse single-turn classifier
|
|
126
|
+
injection_deep_context_score?: Long, // 0-100 DeepContext multi-turn
|
|
127
|
+
jailbreak_pulse_score?: Long, // 0-100 Pulse single-turn classifier
|
|
128
|
+
jailbreak_deep_context_score?: Long, // 0-100 DeepContext multi-turn
|
|
125
129
|
|
|
126
130
|
// --- Agent Security (0-100) ---
|
|
127
131
|
indirect_injection_score: Long, // Indirect prompt injection risk (OWASP LLM01, ASI01)
|
|
@@ -134,6 +138,12 @@ action process_prompt appliesTo {
|
|
|
134
138
|
session_injection_detected?: Bool,
|
|
135
139
|
session_command_injection?: Bool,
|
|
136
140
|
session_threat_turns?: Long,
|
|
141
|
+
session_max_injection_score?: Long,
|
|
142
|
+
session_max_jailbreak_score?: Long,
|
|
143
|
+
session_max_command_injection_score?: Long,
|
|
144
|
+
session_max_pii_score?: Long,
|
|
145
|
+
session_max_secret_score?: Long,
|
|
146
|
+
session_cumulative_risk_score?: Long,
|
|
137
147
|
|
|
138
148
|
// --- Legacy ---
|
|
139
149
|
prompt_text?: String, // Same as content (backward compatibility)
|
|
@@ -196,8 +206,12 @@ action call_tool appliesTo {
|
|
|
196
206
|
|
|
197
207
|
// --- ML Detector Confidence Scores (0-100) ---
|
|
198
208
|
pii_confidence?: Long,
|
|
199
|
-
injection_confidence?: Long,
|
|
200
|
-
jailbreak_confidence?: Long,
|
|
209
|
+
injection_confidence?: Long, // Combined injection confidence: MAX(pulse, deep_context)
|
|
210
|
+
jailbreak_confidence?: Long, // Combined jailbreak confidence: MAX(pulse, deep_context)
|
|
211
|
+
injection_pulse_score?: Long, // 0-100 Pulse single-turn classifier
|
|
212
|
+
injection_deep_context_score?: Long, // 0-100 DeepContext multi-turn
|
|
213
|
+
jailbreak_pulse_score?: Long, // 0-100 Pulse single-turn classifier
|
|
214
|
+
jailbreak_deep_context_score?: Long, // 0-100 DeepContext multi-turn
|
|
201
215
|
|
|
202
216
|
// --- Agent Security (0-100) --- (OWASP ASI01, ASI02, ASI04; MITRE AML.T0051)
|
|
203
217
|
tool_poisoning_score?: Long, // Hidden instructions in tool description/args
|
|
@@ -231,6 +245,12 @@ action call_tool appliesTo {
|
|
|
231
245
|
session_injection_detected?: Bool,
|
|
232
246
|
session_command_injection?: Bool,
|
|
233
247
|
session_threat_turns?: Long,
|
|
248
|
+
session_max_injection_score?: Long,
|
|
249
|
+
session_max_jailbreak_score?: Long,
|
|
250
|
+
session_max_command_injection_score?: Long,
|
|
251
|
+
session_max_pii_score?: Long,
|
|
252
|
+
session_max_secret_score?: Long,
|
|
253
|
+
session_cumulative_risk_score?: Long,
|
|
234
254
|
|
|
235
255
|
// --- Legacy ---
|
|
236
256
|
response_content?: String,
|
|
@@ -275,6 +295,12 @@ action connect_server appliesTo {
|
|
|
275
295
|
session_injection_detected?: Bool,
|
|
276
296
|
session_command_injection?: Bool,
|
|
277
297
|
session_threat_turns?: Long,
|
|
298
|
+
session_max_injection_score?: Long,
|
|
299
|
+
session_max_jailbreak_score?: Long,
|
|
300
|
+
session_max_command_injection_score?: Long,
|
|
301
|
+
session_max_pii_score?: Long,
|
|
302
|
+
session_max_secret_score?: Long,
|
|
303
|
+
session_cumulative_risk_score?: Long,
|
|
278
304
|
},
|
|
279
305
|
};
|
|
280
306
|
|
|
@@ -317,6 +343,12 @@ action read_file appliesTo {
|
|
|
317
343
|
session_injection_detected?: Bool,
|
|
318
344
|
session_command_injection?: Bool,
|
|
319
345
|
session_threat_turns?: Long,
|
|
346
|
+
session_max_injection_score?: Long,
|
|
347
|
+
session_max_jailbreak_score?: Long,
|
|
348
|
+
session_max_command_injection_score?: Long,
|
|
349
|
+
session_max_pii_score?: Long,
|
|
350
|
+
session_max_secret_score?: Long,
|
|
351
|
+
session_cumulative_risk_score?: Long,
|
|
320
352
|
},
|
|
321
353
|
};
|
|
322
354
|
|
|
@@ -359,6 +391,12 @@ action write_file appliesTo {
|
|
|
359
391
|
session_injection_detected?: Bool,
|
|
360
392
|
session_command_injection?: Bool,
|
|
361
393
|
session_threat_turns?: Long,
|
|
394
|
+
session_max_injection_score?: Long,
|
|
395
|
+
session_max_jailbreak_score?: Long,
|
|
396
|
+
session_max_command_injection_score?: Long,
|
|
397
|
+
session_max_pii_score?: Long,
|
|
398
|
+
session_max_secret_score?: Long,
|
|
399
|
+
session_cumulative_risk_score?: Long,
|
|
362
400
|
},
|
|
363
401
|
};
|
|
364
402
|
|
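Review bot: The six new `session_max_*_score?` and `session_cumulative_risk_score?` attributes, added to the context of process_prompt, call_tool, connect_server, read_file and write_file, carry no comment on range or aggregation window, unlike the per-turn scores, which state 0-100. The schema does not say whether `session_cumulative_risk_score` is capped at 100 or grows with session length, so policy thresholds on it can be set wrongly. I would add a trailing comment to each, for example `session_max_injection_score?: Long, // 0-100, highest per-turn injection score in this session` (semantics inferred from the name, to be confirmed by the schema owners), and state the bound, or the lack of one, for the cumulative score. These fields and the new `*_pulse_score?` / `*_deep_context_score?` fields are all optional, and in Cedar a policy that errors on a missing attribute is skipped, so an unguarded `forbid` fails open when a detector did not populate the field. A one-line schema comment telling authors to guard reads with `context has session_max_injection_score &&` would cover that. The context record bodies begin outside these hunks.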