@highflame/policy 2.1.35 → 2.1.37
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/_schemas/ai_gateway/context.json +431 -11
- package/_schemas/ai_gateway/schema.cedarschema +91 -11
- package/_schemas/ai_gateway/templates/defaults/agent_security.cedar +66 -43
- package/_schemas/ai_gateway/templates/defaults/baseline.cedar +9 -11
- package/_schemas/ai_gateway/templates/defaults/semantic.cedar +63 -40
- package/_schemas/ai_gateway/templates/defaults/tools.cedar +48 -36
- package/_schemas/ai_gateway/templates/llm_default_allow.cedar +9 -10
- package/_schemas/ai_gateway/templates/mcp_server_allowlist.cedar +22 -14
- package/_schemas/ai_gateway/templates/mcp_tool_permissions.cedar +29 -27
- package/_schemas/ai_gateway/templates/pii_redaction.cedar +38 -33
- package/_schemas/ai_gateway/templates/templates.json +52 -50
- package/_schemas/guardrails/context.json +12 -12
- package/_schemas/guardrails/schema.cedarschema +12 -12
- package/_schemas/guardrails/templates/defaults/agent_identity.cedar +60 -56
- package/_schemas/guardrails/templates/defaults/agentic_safety.cedar +83 -58
- package/_schemas/guardrails/templates/defaults/baseline.cedar +9 -12
- package/_schemas/guardrails/templates/defaults/injection.cedar +48 -36
- package/_schemas/guardrails/templates/defaults/pii.cedar +27 -20
- package/_schemas/guardrails/templates/defaults/secrets.cedar +39 -22
- package/_schemas/guardrails/templates/defaults/security_patterns.cedar +38 -25
- package/_schemas/guardrails/templates/defaults/semantic.cedar +47 -31
- package/_schemas/guardrails/templates/defaults/tool_risk.cedar +34 -26
- package/_schemas/guardrails/templates/defaults/toxicity.cedar +57 -47
- package/_schemas/guardrails/templates/mcp_tool_permissions.cedar +60 -43
- package/_schemas/guardrails/templates/profiles/a2a_security/cross_origin.cedar +29 -42
- package/_schemas/guardrails/templates/profiles/a2a_security/escalation_detection.cedar +43 -57
- package/_schemas/guardrails/templates/profiles/a2a_security/identity_enforcement.cedar +40 -57
- package/_schemas/guardrails/templates/profiles/a2a_security/inter_agent_injection.cedar +48 -62
- package/_schemas/guardrails/templates/profiles/a2a_security/supply_chain.cedar +40 -56
- package/_schemas/guardrails/templates/profiles/advanced_detection/pii.cedar +24 -34
- package/_schemas/guardrails/templates/profiles/advanced_detection/secrets.cedar +45 -37
- package/_schemas/guardrails/templates/profiles/advanced_detection/threat_severity.cedar +11 -16
- package/_schemas/guardrails/templates/profiles/chat_assistant/privacy.cedar +22 -9
- package/_schemas/guardrails/templates/profiles/chat_assistant/security.cedar +27 -15
- package/_schemas/guardrails/templates/profiles/chat_assistant/trust_safety.cedar +37 -22
- package/_schemas/guardrails/templates/profiles/code_agent/agentic_security.cedar +68 -47
- package/_schemas/guardrails/templates/profiles/code_agent/encoding.cedar +17 -21
- package/_schemas/guardrails/templates/profiles/code_agent/path_security.cedar +74 -73
- package/_schemas/guardrails/templates/profiles/code_agent/security.cedar +13 -9
- package/_schemas/guardrails/templates/profiles/code_agent/supply_chain.cedar +36 -58
- package/_schemas/guardrails/templates/profiles/data_pipeline/agentic_security.cedar +22 -15
- package/_schemas/guardrails/templates/profiles/data_pipeline/data_protection.cedar +52 -0
- package/_schemas/guardrails/templates/profiles/data_pipeline/privacy.cedar +41 -18
- package/_schemas/guardrails/templates/profiles/data_pipeline/security.cedar +18 -36
- package/_schemas/guardrails/templates/profiles/multi_agent/agent_safety.cedar +86 -79
- package/_schemas/guardrails/templates/profiles/multi_agent/agent_trust.cedar +73 -70
- package/_schemas/guardrails/templates/templates.json +198 -217
- package/_schemas/overwatch/context.json +14 -14
- package/_schemas/overwatch/schema.cedarschema +12 -12
- package/_schemas/sentry/context.json +11 -11
- package/_schemas/sentry/schema.cedarschema +11 -11
- package/_schemas/sentry/templates/defaults/baseline.cedar +8 -12
- package/_schemas/sentry/templates/defaults/clipboard.cedar +43 -42
- package/_schemas/sentry/templates/defaults/content_safety.cedar +38 -68
- package/_schemas/sentry/templates/defaults/file_safety.cedar +18 -26
- package/_schemas/sentry/templates/defaults/organization.cedar +10 -17
- package/_schemas/sentry/templates/defaults/pii.cedar +52 -73
- package/_schemas/sentry/templates/defaults/secrets.cedar +65 -58
- package/_schemas/sentry/templates/defaults/semantic.cedar +40 -59
- package/_schemas/sentry/templates/templates.json +53 -43
- package/dist/ai_gateway-context.gen.d.ts +18 -4
- package/dist/ai_gateway-context.gen.js +18 -4
- package/dist/ai_gateway-defaults.gen.d.ts +4 -1
- package/dist/ai_gateway-defaults.gen.js +398 -320
- package/dist/builder.d.ts +2 -1
- package/dist/builder.js +5 -2
- package/dist/guardrails-context.gen.d.ts +5 -5
- package/dist/guardrails-context.gen.js +5 -5
- package/dist/guardrails-defaults.gen.d.ts +4 -1
- package/dist/guardrails-defaults.gen.js +2130 -1903
- package/dist/overwatch-context.gen.d.ts +5 -5
- package/dist/overwatch-context.gen.js +5 -5
- package/dist/overwatch-defaults.gen.d.ts +4 -1
- package/dist/overwatch-defaults.gen.js +560 -566
- package/dist/sentry-context.gen.d.ts +3 -3
- package/dist/sentry-context.gen.js +3 -3
- package/dist/sentry-defaults.gen.d.ts +4 -1
- package/dist/sentry-defaults.gen.js +392 -453
- package/dist/service-schemas.gen.d.ts +4 -4
- package/dist/service-schemas.gen.js +249 -99
- package/package.json +1 -1
|
@@ -62,7 +62,7 @@
|
|
|
62
62
|
"description": "Numeric severity (0-4)"
|
|
63
63
|
},
|
|
64
64
|
{
|
|
65
|
-
"key": "
|
|
65
|
+
"key": "secrets_detected",
|
|
66
66
|
"type": "boolean",
|
|
67
67
|
"required": false,
|
|
68
68
|
"description": "Whether secrets/credentials detected"
|
|
@@ -98,13 +98,19 @@
|
|
|
98
98
|
"description": "Number of PII matches"
|
|
99
99
|
},
|
|
100
100
|
{
|
|
101
|
-
"key": "
|
|
101
|
+
"key": "pii_score",
|
|
102
|
+
"type": "number",
|
|
103
|
+
"required": false,
|
|
104
|
+
"description": "PII classifier confidence (0-100)"
|
|
105
|
+
},
|
|
106
|
+
{
|
|
107
|
+
"key": "injection_score",
|
|
102
108
|
"type": "number",
|
|
103
109
|
"required": false,
|
|
104
110
|
"description": "Injection classifier confidence (0-100)"
|
|
105
111
|
},
|
|
106
112
|
{
|
|
107
|
-
"key": "
|
|
113
|
+
"key": "jailbreak_score",
|
|
108
114
|
"type": "number",
|
|
109
115
|
"required": false,
|
|
110
116
|
"description": "Jailbreak classifier confidence (0-100)"
|
|
@@ -206,7 +212,7 @@
|
|
|
206
212
|
"description": "Profanity score (0-100)"
|
|
207
213
|
},
|
|
208
214
|
{
|
|
209
|
-
"key": "
|
|
215
|
+
"key": "invisible_chars_detected",
|
|
210
216
|
"type": "boolean",
|
|
211
217
|
"required": false,
|
|
212
218
|
"description": "Invisible Unicode chars detected"
|
|
@@ -246,6 +252,84 @@
|
|
|
246
252
|
"type": "number",
|
|
247
253
|
"required": false,
|
|
248
254
|
"description": "Sequence risk score (0-100)"
|
|
255
|
+
},
|
|
256
|
+
{
|
|
257
|
+
"key": "session_threat_turns",
|
|
258
|
+
"type": "number",
|
|
259
|
+
"required": false,
|
|
260
|
+
"description": "Count of turns with detected threats in this session"
|
|
261
|
+
},
|
|
262
|
+
{
|
|
263
|
+
"key": "session_cumulative_risk_score",
|
|
264
|
+
"type": "number",
|
|
265
|
+
"required": false,
|
|
266
|
+
"description": "Cumulative risk score across session turns"
|
|
267
|
+
},
|
|
268
|
+
{
|
|
269
|
+
"key": "session_injection_detected",
|
|
270
|
+
"type": "boolean",
|
|
271
|
+
"required": false,
|
|
272
|
+
"description": "Injection seen in any prior turn of this session"
|
|
273
|
+
},
|
|
274
|
+
{
|
|
275
|
+
"key": "session_command_injection",
|
|
276
|
+
"type": "boolean",
|
|
277
|
+
"required": false,
|
|
278
|
+
"description": "Command injection seen in any prior turn of this session"
|
|
279
|
+
},
|
|
280
|
+
{
|
|
281
|
+
"key": "session_pii_detected",
|
|
282
|
+
"type": "boolean",
|
|
283
|
+
"required": false,
|
|
284
|
+
"description": "PII seen in any prior turn of this session"
|
|
285
|
+
},
|
|
286
|
+
{
|
|
287
|
+
"key": "session_pii_types",
|
|
288
|
+
"type": "array",
|
|
289
|
+
"required": false,
|
|
290
|
+
"description": "PII types accumulated across session"
|
|
291
|
+
},
|
|
292
|
+
{
|
|
293
|
+
"key": "session_secrets_detected",
|
|
294
|
+
"type": "boolean",
|
|
295
|
+
"required": false,
|
|
296
|
+
"description": "Secrets seen in any prior turn of this session"
|
|
297
|
+
},
|
|
298
|
+
{
|
|
299
|
+
"key": "session_secret_types",
|
|
300
|
+
"type": "array",
|
|
301
|
+
"required": false,
|
|
302
|
+
"description": "Secret types accumulated across session"
|
|
303
|
+
},
|
|
304
|
+
{
|
|
305
|
+
"key": "session_max_injection_score",
|
|
306
|
+
"type": "number",
|
|
307
|
+
"required": false,
|
|
308
|
+
"description": "Max injection score across session turns"
|
|
309
|
+
},
|
|
310
|
+
{
|
|
311
|
+
"key": "session_max_jailbreak_score",
|
|
312
|
+
"type": "number",
|
|
313
|
+
"required": false,
|
|
314
|
+
"description": "Max jailbreak score across session turns"
|
|
315
|
+
},
|
|
316
|
+
{
|
|
317
|
+
"key": "session_max_command_injection_score",
|
|
318
|
+
"type": "number",
|
|
319
|
+
"required": false,
|
|
320
|
+
"description": "Max command-injection score across session turns"
|
|
321
|
+
},
|
|
322
|
+
{
|
|
323
|
+
"key": "session_max_pii_score",
|
|
324
|
+
"type": "number",
|
|
325
|
+
"required": false,
|
|
326
|
+
"description": "Max pii score across session turns"
|
|
327
|
+
},
|
|
328
|
+
{
|
|
329
|
+
"key": "session_max_secret_score",
|
|
330
|
+
"type": "number",
|
|
331
|
+
"required": false,
|
|
332
|
+
"description": "Max secret score across session turns"
|
|
249
333
|
}
|
|
250
334
|
]
|
|
251
335
|
},
|
|
@@ -320,7 +404,7 @@
|
|
|
320
404
|
"description": "Indirect injection score (0-100)"
|
|
321
405
|
},
|
|
322
406
|
{
|
|
323
|
-
"key": "
|
|
407
|
+
"key": "secrets_detected",
|
|
324
408
|
"type": "boolean",
|
|
325
409
|
"required": false,
|
|
326
410
|
"description": "Whether secrets/credentials detected"
|
|
@@ -355,6 +439,12 @@
|
|
|
355
439
|
"required": false,
|
|
356
440
|
"description": "Number of PII matches"
|
|
357
441
|
},
|
|
442
|
+
{
|
|
443
|
+
"key": "pii_score",
|
|
444
|
+
"type": "number",
|
|
445
|
+
"required": false,
|
|
446
|
+
"description": "PII classifier confidence (0-100)"
|
|
447
|
+
},
|
|
358
448
|
{
|
|
359
449
|
"key": "mcp_server_verified",
|
|
360
450
|
"type": "boolean",
|
|
@@ -372,6 +462,84 @@
|
|
|
372
462
|
"type": "number",
|
|
373
463
|
"required": false,
|
|
374
464
|
"description": "Config risk severity (0-100)"
|
|
465
|
+
},
|
|
466
|
+
{
|
|
467
|
+
"key": "session_threat_turns",
|
|
468
|
+
"type": "number",
|
|
469
|
+
"required": false,
|
|
470
|
+
"description": "Count of turns with detected threats in this session"
|
|
471
|
+
},
|
|
472
|
+
{
|
|
473
|
+
"key": "session_cumulative_risk_score",
|
|
474
|
+
"type": "number",
|
|
475
|
+
"required": false,
|
|
476
|
+
"description": "Cumulative risk score across session turns"
|
|
477
|
+
},
|
|
478
|
+
{
|
|
479
|
+
"key": "session_injection_detected",
|
|
480
|
+
"type": "boolean",
|
|
481
|
+
"required": false,
|
|
482
|
+
"description": "Injection seen in any prior turn of this session"
|
|
483
|
+
},
|
|
484
|
+
{
|
|
485
|
+
"key": "session_command_injection",
|
|
486
|
+
"type": "boolean",
|
|
487
|
+
"required": false,
|
|
488
|
+
"description": "Command injection seen in any prior turn of this session"
|
|
489
|
+
},
|
|
490
|
+
{
|
|
491
|
+
"key": "session_pii_detected",
|
|
492
|
+
"type": "boolean",
|
|
493
|
+
"required": false,
|
|
494
|
+
"description": "PII seen in any prior turn of this session"
|
|
495
|
+
},
|
|
496
|
+
{
|
|
497
|
+
"key": "session_pii_types",
|
|
498
|
+
"type": "array",
|
|
499
|
+
"required": false,
|
|
500
|
+
"description": "PII types accumulated across session"
|
|
501
|
+
},
|
|
502
|
+
{
|
|
503
|
+
"key": "session_secrets_detected",
|
|
504
|
+
"type": "boolean",
|
|
505
|
+
"required": false,
|
|
506
|
+
"description": "Secrets seen in any prior turn of this session"
|
|
507
|
+
},
|
|
508
|
+
{
|
|
509
|
+
"key": "session_secret_types",
|
|
510
|
+
"type": "array",
|
|
511
|
+
"required": false,
|
|
512
|
+
"description": "Secret types accumulated across session"
|
|
513
|
+
},
|
|
514
|
+
{
|
|
515
|
+
"key": "session_max_injection_score",
|
|
516
|
+
"type": "number",
|
|
517
|
+
"required": false,
|
|
518
|
+
"description": "Max injection score across session turns"
|
|
519
|
+
},
|
|
520
|
+
{
|
|
521
|
+
"key": "session_max_jailbreak_score",
|
|
522
|
+
"type": "number",
|
|
523
|
+
"required": false,
|
|
524
|
+
"description": "Max jailbreak score across session turns"
|
|
525
|
+
},
|
|
526
|
+
{
|
|
527
|
+
"key": "session_max_command_injection_score",
|
|
528
|
+
"type": "number",
|
|
529
|
+
"required": false,
|
|
530
|
+
"description": "Max command-injection score across session turns"
|
|
531
|
+
},
|
|
532
|
+
{
|
|
533
|
+
"key": "session_max_pii_score",
|
|
534
|
+
"type": "number",
|
|
535
|
+
"required": false,
|
|
536
|
+
"description": "Max pii score across session turns"
|
|
537
|
+
},
|
|
538
|
+
{
|
|
539
|
+
"key": "session_max_secret_score",
|
|
540
|
+
"type": "number",
|
|
541
|
+
"required": false,
|
|
542
|
+
"description": "Max secret score across session turns"
|
|
375
543
|
}
|
|
376
544
|
]
|
|
377
545
|
},
|
|
@@ -422,7 +590,7 @@
|
|
|
422
590
|
"description": "Numeric severity (0-4)"
|
|
423
591
|
},
|
|
424
592
|
{
|
|
425
|
-
"key": "
|
|
593
|
+
"key": "secrets_detected",
|
|
426
594
|
"type": "boolean",
|
|
427
595
|
"required": false,
|
|
428
596
|
"description": "Whether secrets/credentials detected"
|
|
@@ -458,13 +626,19 @@
|
|
|
458
626
|
"description": "Number of PII matches"
|
|
459
627
|
},
|
|
460
628
|
{
|
|
461
|
-
"key": "
|
|
629
|
+
"key": "pii_score",
|
|
630
|
+
"type": "number",
|
|
631
|
+
"required": false,
|
|
632
|
+
"description": "PII classifier confidence (0-100)"
|
|
633
|
+
},
|
|
634
|
+
{
|
|
635
|
+
"key": "injection_score",
|
|
462
636
|
"type": "number",
|
|
463
637
|
"required": false,
|
|
464
638
|
"description": "Injection classifier confidence (0-100)"
|
|
465
639
|
},
|
|
466
640
|
{
|
|
467
|
-
"key": "
|
|
641
|
+
"key": "jailbreak_score",
|
|
468
642
|
"type": "number",
|
|
469
643
|
"required": false,
|
|
470
644
|
"description": "Jailbreak classifier confidence (0-100)"
|
|
@@ -506,7 +680,7 @@
|
|
|
506
680
|
"description": "Profanity score (0-100)"
|
|
507
681
|
},
|
|
508
682
|
{
|
|
509
|
-
"key": "
|
|
683
|
+
"key": "invisible_chars_detected",
|
|
510
684
|
"type": "boolean",
|
|
511
685
|
"required": false,
|
|
512
686
|
"description": "Invisible Unicode chars detected"
|
|
@@ -528,6 +702,84 @@
|
|
|
528
702
|
"type": "string",
|
|
529
703
|
"required": false,
|
|
530
704
|
"description": "Provider name (e.g., openai, anthropic, bedrock)"
|
|
705
|
+
},
|
|
706
|
+
{
|
|
707
|
+
"key": "session_threat_turns",
|
|
708
|
+
"type": "number",
|
|
709
|
+
"required": false,
|
|
710
|
+
"description": "Count of turns with detected threats in this session"
|
|
711
|
+
},
|
|
712
|
+
{
|
|
713
|
+
"key": "session_cumulative_risk_score",
|
|
714
|
+
"type": "number",
|
|
715
|
+
"required": false,
|
|
716
|
+
"description": "Cumulative risk score across session turns"
|
|
717
|
+
},
|
|
718
|
+
{
|
|
719
|
+
"key": "session_injection_detected",
|
|
720
|
+
"type": "boolean",
|
|
721
|
+
"required": false,
|
|
722
|
+
"description": "Injection seen in any prior turn of this session"
|
|
723
|
+
},
|
|
724
|
+
{
|
|
725
|
+
"key": "session_command_injection",
|
|
726
|
+
"type": "boolean",
|
|
727
|
+
"required": false,
|
|
728
|
+
"description": "Command injection seen in any prior turn of this session"
|
|
729
|
+
},
|
|
730
|
+
{
|
|
731
|
+
"key": "session_pii_detected",
|
|
732
|
+
"type": "boolean",
|
|
733
|
+
"required": false,
|
|
734
|
+
"description": "PII seen in any prior turn of this session"
|
|
735
|
+
},
|
|
736
|
+
{
|
|
737
|
+
"key": "session_pii_types",
|
|
738
|
+
"type": "array",
|
|
739
|
+
"required": false,
|
|
740
|
+
"description": "PII types accumulated across session"
|
|
741
|
+
},
|
|
742
|
+
{
|
|
743
|
+
"key": "session_secrets_detected",
|
|
744
|
+
"type": "boolean",
|
|
745
|
+
"required": false,
|
|
746
|
+
"description": "Secrets seen in any prior turn of this session"
|
|
747
|
+
},
|
|
748
|
+
{
|
|
749
|
+
"key": "session_secret_types",
|
|
750
|
+
"type": "array",
|
|
751
|
+
"required": false,
|
|
752
|
+
"description": "Secret types accumulated across session"
|
|
753
|
+
},
|
|
754
|
+
{
|
|
755
|
+
"key": "session_max_injection_score",
|
|
756
|
+
"type": "number",
|
|
757
|
+
"required": false,
|
|
758
|
+
"description": "Max injection score across session turns"
|
|
759
|
+
},
|
|
760
|
+
{
|
|
761
|
+
"key": "session_max_jailbreak_score",
|
|
762
|
+
"type": "number",
|
|
763
|
+
"required": false,
|
|
764
|
+
"description": "Max jailbreak score across session turns"
|
|
765
|
+
},
|
|
766
|
+
{
|
|
767
|
+
"key": "session_max_command_injection_score",
|
|
768
|
+
"type": "number",
|
|
769
|
+
"required": false,
|
|
770
|
+
"description": "Max command-injection score across session turns"
|
|
771
|
+
},
|
|
772
|
+
{
|
|
773
|
+
"key": "session_max_pii_score",
|
|
774
|
+
"type": "number",
|
|
775
|
+
"required": false,
|
|
776
|
+
"description": "Max pii score across session turns"
|
|
777
|
+
},
|
|
778
|
+
{
|
|
779
|
+
"key": "session_max_secret_score",
|
|
780
|
+
"type": "number",
|
|
781
|
+
"required": false,
|
|
782
|
+
"description": "Max secret score across session turns"
|
|
531
783
|
}
|
|
532
784
|
]
|
|
533
785
|
},
|
|
@@ -578,7 +830,7 @@
|
|
|
578
830
|
"description": "Numeric severity (0-4)"
|
|
579
831
|
},
|
|
580
832
|
{
|
|
581
|
-
"key": "
|
|
833
|
+
"key": "secrets_detected",
|
|
582
834
|
"type": "boolean",
|
|
583
835
|
"required": false,
|
|
584
836
|
"description": "Whether secrets/credentials detected"
|
|
@@ -612,6 +864,90 @@
|
|
|
612
864
|
"type": "number",
|
|
613
865
|
"required": false,
|
|
614
866
|
"description": "Number of PII matches"
|
|
867
|
+
},
|
|
868
|
+
{
|
|
869
|
+
"key": "pii_score",
|
|
870
|
+
"type": "number",
|
|
871
|
+
"required": false,
|
|
872
|
+
"description": "PII classifier confidence (0-100)"
|
|
873
|
+
},
|
|
874
|
+
{
|
|
875
|
+
"key": "session_threat_turns",
|
|
876
|
+
"type": "number",
|
|
877
|
+
"required": false,
|
|
878
|
+
"description": "Count of turns with detected threats in this session"
|
|
879
|
+
},
|
|
880
|
+
{
|
|
881
|
+
"key": "session_cumulative_risk_score",
|
|
882
|
+
"type": "number",
|
|
883
|
+
"required": false,
|
|
884
|
+
"description": "Cumulative risk score across session turns"
|
|
885
|
+
},
|
|
886
|
+
{
|
|
887
|
+
"key": "session_injection_detected",
|
|
888
|
+
"type": "boolean",
|
|
889
|
+
"required": false,
|
|
890
|
+
"description": "Injection seen in any prior turn of this session"
|
|
891
|
+
},
|
|
892
|
+
{
|
|
893
|
+
"key": "session_command_injection",
|
|
894
|
+
"type": "boolean",
|
|
895
|
+
"required": false,
|
|
896
|
+
"description": "Command injection seen in any prior turn of this session"
|
|
897
|
+
},
|
|
898
|
+
{
|
|
899
|
+
"key": "session_pii_detected",
|
|
900
|
+
"type": "boolean",
|
|
901
|
+
"required": false,
|
|
902
|
+
"description": "PII seen in any prior turn of this session"
|
|
903
|
+
},
|
|
904
|
+
{
|
|
905
|
+
"key": "session_pii_types",
|
|
906
|
+
"type": "array",
|
|
907
|
+
"required": false,
|
|
908
|
+
"description": "PII types accumulated across session"
|
|
909
|
+
},
|
|
910
|
+
{
|
|
911
|
+
"key": "session_secrets_detected",
|
|
912
|
+
"type": "boolean",
|
|
913
|
+
"required": false,
|
|
914
|
+
"description": "Secrets seen in any prior turn of this session"
|
|
915
|
+
},
|
|
916
|
+
{
|
|
917
|
+
"key": "session_secret_types",
|
|
918
|
+
"type": "array",
|
|
919
|
+
"required": false,
|
|
920
|
+
"description": "Secret types accumulated across session"
|
|
921
|
+
},
|
|
922
|
+
{
|
|
923
|
+
"key": "session_max_injection_score",
|
|
924
|
+
"type": "number",
|
|
925
|
+
"required": false,
|
|
926
|
+
"description": "Max injection score across session turns"
|
|
927
|
+
},
|
|
928
|
+
{
|
|
929
|
+
"key": "session_max_jailbreak_score",
|
|
930
|
+
"type": "number",
|
|
931
|
+
"required": false,
|
|
932
|
+
"description": "Max jailbreak score across session turns"
|
|
933
|
+
},
|
|
934
|
+
{
|
|
935
|
+
"key": "session_max_command_injection_score",
|
|
936
|
+
"type": "number",
|
|
937
|
+
"required": false,
|
|
938
|
+
"description": "Max command-injection score across session turns"
|
|
939
|
+
},
|
|
940
|
+
{
|
|
941
|
+
"key": "session_max_pii_score",
|
|
942
|
+
"type": "number",
|
|
943
|
+
"required": false,
|
|
944
|
+
"description": "Max pii score across session turns"
|
|
945
|
+
},
|
|
946
|
+
{
|
|
947
|
+
"key": "session_max_secret_score",
|
|
948
|
+
"type": "number",
|
|
949
|
+
"required": false,
|
|
950
|
+
"description": "Max secret score across session turns"
|
|
615
951
|
}
|
|
616
952
|
]
|
|
617
953
|
},
|
|
@@ -662,7 +998,7 @@
|
|
|
662
998
|
"description": "Numeric severity (0-4)"
|
|
663
999
|
},
|
|
664
1000
|
{
|
|
665
|
-
"key": "
|
|
1001
|
+
"key": "secrets_detected",
|
|
666
1002
|
"type": "boolean",
|
|
667
1003
|
"required": false,
|
|
668
1004
|
"description": "Whether secrets/credentials detected"
|
|
@@ -696,6 +1032,90 @@
|
|
|
696
1032
|
"type": "number",
|
|
697
1033
|
"required": false,
|
|
698
1034
|
"description": "Number of PII matches"
|
|
1035
|
+
},
|
|
1036
|
+
{
|
|
1037
|
+
"key": "pii_score",
|
|
1038
|
+
"type": "number",
|
|
1039
|
+
"required": false,
|
|
1040
|
+
"description": "PII classifier confidence (0-100)"
|
|
1041
|
+
},
|
|
1042
|
+
{
|
|
1043
|
+
"key": "session_threat_turns",
|
|
1044
|
+
"type": "number",
|
|
1045
|
+
"required": false,
|
|
1046
|
+
"description": "Count of turns with detected threats in this session"
|
|
1047
|
+
},
|
|
1048
|
+
{
|
|
1049
|
+
"key": "session_cumulative_risk_score",
|
|
1050
|
+
"type": "number",
|
|
1051
|
+
"required": false,
|
|
1052
|
+
"description": "Cumulative risk score across session turns"
|
|
1053
|
+
},
|
|
1054
|
+
{
|
|
1055
|
+
"key": "session_injection_detected",
|
|
1056
|
+
"type": "boolean",
|
|
1057
|
+
"required": false,
|
|
1058
|
+
"description": "Injection seen in any prior turn of this session"
|
|
1059
|
+
},
|
|
1060
|
+
{
|
|
1061
|
+
"key": "session_command_injection",
|
|
1062
|
+
"type": "boolean",
|
|
1063
|
+
"required": false,
|
|
1064
|
+
"description": "Command injection seen in any prior turn of this session"
|
|
1065
|
+
},
|
|
1066
|
+
{
|
|
1067
|
+
"key": "session_pii_detected",
|
|
1068
|
+
"type": "boolean",
|
|
1069
|
+
"required": false,
|
|
1070
|
+
"description": "PII seen in any prior turn of this session"
|
|
1071
|
+
},
|
|
1072
|
+
{
|
|
1073
|
+
"key": "session_pii_types",
|
|
1074
|
+
"type": "array",
|
|
1075
|
+
"required": false,
|
|
1076
|
+
"description": "PII types accumulated across session"
|
|
1077
|
+
},
|
|
1078
|
+
{
|
|
1079
|
+
"key": "session_secrets_detected",
|
|
1080
|
+
"type": "boolean",
|
|
1081
|
+
"required": false,
|
|
1082
|
+
"description": "Secrets seen in any prior turn of this session"
|
|
1083
|
+
},
|
|
1084
|
+
{
|
|
1085
|
+
"key": "session_secret_types",
|
|
1086
|
+
"type": "array",
|
|
1087
|
+
"required": false,
|
|
1088
|
+
"description": "Secret types accumulated across session"
|
|
1089
|
+
},
|
|
1090
|
+
{
|
|
1091
|
+
"key": "session_max_injection_score",
|
|
1092
|
+
"type": "number",
|
|
1093
|
+
"required": false,
|
|
1094
|
+
"description": "Max injection score across session turns"
|
|
1095
|
+
},
|
|
1096
|
+
{
|
|
1097
|
+
"key": "session_max_jailbreak_score",
|
|
1098
|
+
"type": "number",
|
|
1099
|
+
"required": false,
|
|
1100
|
+
"description": "Max jailbreak score across session turns"
|
|
1101
|
+
},
|
|
1102
|
+
{
|
|
1103
|
+
"key": "session_max_command_injection_score",
|
|
1104
|
+
"type": "number",
|
|
1105
|
+
"required": false,
|
|
1106
|
+
"description": "Max command-injection score across session turns"
|
|
1107
|
+
},
|
|
1108
|
+
{
|
|
1109
|
+
"key": "session_max_pii_score",
|
|
1110
|
+
"type": "number",
|
|
1111
|
+
"required": false,
|
|
1112
|
+
"description": "Max pii score across session turns"
|
|
1113
|
+
},
|
|
1114
|
+
{
|
|
1115
|
+
"key": "session_max_secret_score",
|
|
1116
|
+
"type": "number",
|
|
1117
|
+
"required": false,
|
|
1118
|
+
"description": "Max secret score across session turns"
|
|
699
1119
|
}
|
|
700
1120
|
]
|
|
701
1121
|
}
|