@highflame/policy 2.1.35 → 2.1.37

package/_schemas/sentry/templates/defaults/content_safety.cedar

@@ -1,38 +1,32 @@
 // =============================================================================
-// Content Safety Policy (Default)
+// Content Safety (Default)
 // =============================================================================
-// Detects and blocks violent, harmful, hateful, sexual, and profane content
-// in AI chat interactions across messages and file uploads.
+// Blocks violent, harmful, hateful, sexual, and profane content across
+// messages and file uploads. Paste-targeted content rules live in
+// clipboard.cedar.
 //
-// Paste-specific content safety rules live in clipboard.cedar — see
-// "Clipboard Policy".
+// Thresholds:
+//   - violence, weapons, sexual, crime: >= 80 (critical/high)
+//   - hate_speech: >= 75 (lower threshold, zero tolerance)
+//   - profanity:   >= 90 (higher threshold, allows normal expression)
 //
-// The detection engine runs ML classifiers (toxicity, content safety) and
-// produces normalized scores (0-100) for each category.
+// Context keys consumed:
+//   - violence_score, weapons_score, hate_speech_score:  Long (0-100)
+//   - crime_score, sexual_score, profanity_score:        Long (0-100)
 //
 // Compliance:
-//   NIST 800-53 SI-4 (Information System Monitoring)
-//   EU AI Act Art. 52 (Transparency for AI Systems)
-//   OWASP LLM02 (Insecure Output Handling)
-//   ISO 42001 (AI Management System)
+//   - NIST 800-53 SI-4; EU AI Act Art. 52; ISO 42001; OWASP LLM02
 //
-// Category: content_safety
+// Category:  trust-safety
 // Namespace: Sentry
 // =============================================================================
 
-// ---------------------------------------------------------------------------
-// Section 1: Violence & Weapons
-// Blocks content promoting, describing, or instructing violence and weapons.
-// Applies to messages and file uploads.
-// ---------------------------------------------------------------------------
-
-// Block violent content across all input channels
-@id("sentry-cs-block-violence")
+@id("trust-safety.block-violence")
 @name("Block violent content")
-@description("Block content when the ML violence detection score exceeds threshold (80/100). Catches graphic violence descriptions, instructions for causing harm, and violent threat language in messages and uploads.")
+@description("Blocks process_prompt and upload_file when violence_score >= 80.")
 @severity("critical")
-@tags("violence,content-safety,trust-safety,nist-si-4,iso-42001")
-@reject_message("Content blocked: violent content detected. AI services must not process violent content in enterprise environments. Please rephrase without violence-related language.")
+@tags("category:trust-safety,threat:violence,detection:ml,compliance:nist-si-4,compliance:iso-42001")
+@reject_message("Content blocked: violent content detected.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -42,13 +36,12 @@ when {
     context has violence_score && context.violence_score >= 80
 };
 
-// Block weapons content
-@id("sentry-cs-block-weapons")
+@id("trust-safety.block-weapons")
 @name("Block weapons content")
-@description("Block content when the ML weapons detection score exceeds threshold (80/100). Catches weapon manufacturing instructions, procurement guidance, and detailed specifications.")
+@description("Blocks process_prompt and upload_file when weapons_score >= 80.")
 @severity("critical")
-@tags("weapons,content-safety,trust-safety,nist-si-4")
-@reject_message("Content blocked: weapons-related content detected. AI services must not process weapons manufacturing, procurement, or specification content.")
+@tags("category:trust-safety,threat:weapons,detection:ml,compliance:nist-si-4")
+@reject_message("Content blocked: weapons-related content detected.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -58,18 +51,12 @@ when {
     context has weapons_score && context.weapons_score >= 80
 };
 
-// ---------------------------------------------------------------------------
-// Section 2: Hate Speech & Discrimination
-// Lower threshold (75) — enterprises have zero tolerance for hate speech.
-// ---------------------------------------------------------------------------
-
-// Block hate speech content
-@id("sentry-cs-block-hate-speech")
+@id("trust-safety.block-hate-speech")
 @name("Block hate speech")
-@description("Block content when the ML hate speech score exceeds threshold (75/100). Lower threshold than other categories because enterprises have zero tolerance for discriminatory content. Catches slurs, dehumanizing language, and targeted harassment.")
+@description("Blocks process_prompt and upload_file when hate_speech_score >= 75.")
 @severity("critical")
-@tags("hate-speech,content-safety,trust-safety,nist-si-4,eu-ai-act")
-@reject_message("Content blocked: hate speech or discriminatory content detected. AI services must not process hateful, discriminatory, or dehumanizing content.")
+@tags("category:trust-safety,threat:hate-speech,detection:ml,compliance:nist-si-4,compliance:eu-ai-act")
+@reject_message("Content blocked: hate speech or discriminatory content detected.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -79,17 +66,12 @@ when {
     context has hate_speech_score && context.hate_speech_score >= 75
 };
 
-// ---------------------------------------------------------------------------
-// Section 3: Criminal Content
-// ---------------------------------------------------------------------------
-
-// Block criminal content
-@id("sentry-cs-block-crime")
+@id("trust-safety.block-crime")
 @name("Block criminal content")
-@description("Block content when the ML criminal activity detection score exceeds threshold (80/100). Catches illegal activity instructions, fraud techniques, and criminal behavior content.")
+@description("Blocks process_prompt and upload_file when crime_score >= 80.")
 @severity("high")
-@tags("crime,content-safety,trust-safety,nist-si-4")
-@reject_message("Content blocked: criminal activity content detected. AI services must not process content related to illegal activities or fraud.")
+@tags("category:trust-safety,threat:crime,detection:ml,compliance:nist-si-4")
+@reject_message("Content blocked: criminal activity content detected.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -99,17 +81,12 @@ when {
     context has crime_score && context.crime_score >= 80
 };
 
-// ---------------------------------------------------------------------------
-// Section 4: Sexual Content
-// ---------------------------------------------------------------------------
-
-// Block sexual content
-@id("sentry-cs-block-sexual")
+@id("trust-safety.block-sexual")
 @name("Block sexual content")
-@description("Block content when the ML sexual content score exceeds threshold (80/100). Ensures AI services do not process sexually explicit material in enterprise environments.")
+@description("Blocks process_prompt and upload_file when sexual_score >= 80.")
 @severity("high")
-@tags("sexual,content-safety,trust-safety,eu-ai-act,iso-42001")
-@reject_message("Content blocked: sexual content detected. AI services must not process sexually explicit material in enterprise environments.")
+@tags("category:trust-safety,threat:sexual,detection:ml,compliance:eu-ai-act,compliance:iso-42001")
+@reject_message("Content blocked: sexually explicit content detected.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -119,18 +96,12 @@ when {
     context has sexual_score && context.sexual_score >= 80
 };
 
-// ---------------------------------------------------------------------------
-// Section 5: Profanity
-// Higher threshold (90) — allows normal expression while blocking abuse.
-// ---------------------------------------------------------------------------
-
-// Block excessive profanity
-@id("sentry-cs-block-profanity")
-@name("Block profanity")
-@description("Block content when the ML profanity detection score exceeds threshold (90/100). Higher threshold allows normal expression while blocking abusive or harassing language patterns.")
+@id("trust-safety.block-profanity")
+@name("Block excessive profanity")
+@description("Blocks process_prompt when profanity_score >= 90.")
 @severity("medium")
-@tags("profanity,content-safety,trust-safety")
-@reject_message("Content blocked: excessive profanity detected. Please rephrase in a professional manner.")
+@tags("category:trust-safety,threat:profanity,detection:ml,surface:process-prompt")
+@reject_message("Content blocked: excessive profanity detected — please rephrase in professional language.")
 forbid (
     principal,
     action == Sentry::Action::"process_prompt",
@@ -139,4 +110,3 @@ forbid (
 when {
     context has profanity_score && context.profanity_score >= 90
 };
-

package/_schemas/sentry/templates/defaults/file_safety.cedar

@@ -1,54 +1,46 @@
 // =============================================================================
-// File & Attachment Safety Policy (Default)
+// File & Attachment Safety (Default)
 // =============================================================================
 // Blocks file uploads to AI chat services when document content contains
 // secrets or PII.
 //
-// Detection layers:
-//   1. Secrets in file content — from Shield SecretsDetector
-//   2. PII in file content — from Shield PIIRegexDetector
+// Context keys consumed:
+//   - secrets_detected: Bool
+//   - pii_detected:     Bool
 //
 // Compliance:
-//   NIST 800-53 SC-28 (Protection of Information at Rest)
-//   GDPR Art. 32 (Security of Processing)
+//   - NIST 800-53 SC-28; GDPR Art. 32
 //
-// Category: file_safety
+// Category:  file-safety
 // Namespace: Sentry
 // =============================================================================
 
-// ---------------------------------------------------------------------------
-// Section 1: File Content Security
-// Block text files containing secrets or PII.
-// ---------------------------------------------------------------------------
-
-// Block text files with secrets
-@id("sentry-file-block-secrets")
-@name("Block text files with secrets")
-@description("Block file uploads when secrets or credentials are detected in document content. Prevents uploading configuration files, code, or documents containing API keys, tokens, or passwords to AI services.")
+@id("file-safety.block-upload-secrets")
+@name("Block file uploads with secrets")
+@description("Blocks upload_file when secrets_detected is true.")
 @severity("critical")
-@tags("secrets,file-upload,credentials,nist-sc-28")
-@reject_message("Upload blocked: secrets or credentials detected in the file. Files containing API keys, tokens, or passwords must not be shared with AI services.")
+@tags("category:file-safety,threat:secrets,detection:rule,surface:upload-file,owasp:llm06")
+@reject_message("File upload blocked: secrets or credentials detected in document content.")
 forbid (
     principal,
     action == Sentry::Action::"upload_file",
     resource
 )
 when {
-    context has contains_secrets && context.contains_secrets
+    context has secrets_detected && context.secrets_detected == true
 };
 
-// Block text files with PII
-@id("sentry-pii-block-uploads")
-@name("Block text files with PII")
-@description("Block file uploads when PII is detected in document content. Prevents sharing of documents containing personal data (customer lists, HR records, medical files) with AI services.")
+@id("file-safety.block-upload-pii")
+@name("Block file uploads with PII")
+@description("Blocks upload_file when pii_detected is true.")
 @severity("critical")
-@tags("pii,file-upload,data-protection,gdpr-art-32")
-@reject_message("File upload blocked: personally identifiable information detected in the document. Files containing PII must not be shared with AI services.")
+@tags("category:file-safety,threat:pii,detection:rule,surface:upload-file,compliance:gdpr")
+@reject_message("File upload blocked: personally identifiable information detected in document content.")
 forbid (
     principal,
     action == Sentry::Action::"upload_file",
     resource
 )
 when {
-    context has pii_detected && context.pii_detected
+    context has pii_detected && context.pii_detected == true
 };

package/_schemas/sentry/templates/defaults/organization.cedar

@@ -1,29 +1,22 @@
 // =============================================================================
-// Organization Rules Policy (Default)
+// Organization Rules (Default)
 // =============================================================================
 // Cross-cutting organization-wide rules that don't fit other categories.
-// Secret/credential rules live in secrets.cedar; paste/clipboard rules live
-// in clipboard.cedar.
+// Currently: session-aware threat escalation circuit breaker.
 //
-// This template covers:
-//   - Session-aware threat escalation
+// Context keys consumed:
+//   - session_threat_turns: Long
 //
-// Category: organization
+// Category:  organization
 // Namespace: Sentry
 // =============================================================================
 
-// ---------------------------------------------------------------------------
-// Section 1: Session-Aware Escalation
-// Escalate protections when threats are detected across the session.
-// ---------------------------------------------------------------------------
-
-// Block all actions after repeated threat detection
-@id("sentry-org-session-threat-escalation")
-@name("Escalate after repeated threats")
-@description("Block all actions when threats have been detected in 3+ turns of the session. Repeated threat detections indicate either a persistent attacker or a compromised data source requiring investigation.")
+@id("organization.block-session-threat-escalation")
+@name("Block session after repeated threats")
+@description("Blocks all actions when session_threat_turns >= 3.")
 @severity("high")
-@tags("session,escalation,behavioral,defense-in-depth")
-@reject_message("Session blocked: security threats have been detected in multiple turns of this conversation. This session has been flagged for review. Please start a new session or contact your security team.")
+@tags("category:organization,detection:aggregate,posture:catch-all,scope:org-wide")
+@reject_message("Request blocked: 3+ threat turns in this session — the session has been flagged; please start a new session or contact your security team.")
 forbid (
     principal,
     action,

package/_schemas/sentry/templates/defaults/pii.cedar

@@ -1,65 +1,57 @@
 // =============================================================================
-// PII Detection Policy (Default)
+// PII Detection (Default)
 // =============================================================================
-// Detects and blocks personally identifiable information across messages
-// and file uploads. Uses multi-layered detection:
+// Blocks personally identifiable information across messages and file uploads
+// using multi-layered detection: detector boolean, granular PII type
+// matching, ML classifier confidence, threat category aggregation, and bulk
+// exposure thresholds.
 //
 // Paste-targeted PII rules live in clipboard.cedar.
 //
-//   1. PII boolean flag (pii_detected) — broadest catch from detection engine
-//   2. Granular PII type matching (pii_types) — type-specific blocking
-//   3. PII confidence score (pii_confidence) — ML classifier confidence
-//   4. Detection rule triggers (detected_threats) — named rule matches
-//   5. Bulk PII exposure (pii_count) — data dump prevention
-//
-// PII Types Detected by Shield PIIRegexDetector:
-//   ssn, credit_card, email, phone_us, ip_address, date_of_birth,
-//   passport, iban, aws_key, api_key_generic
+// Context keys consumed:
+//   - pii_detected:      Bool
+//   - pii_types:         Set<String>
+//   - pii_count:         Long
+//   - pii_score:    Long (0-100)
+//   - detected_threats:  Set<String>
+//   - threat_categories: Set<String>
 //
 // Compliance:
-//   PCI DSS 3.4, 4.1 (Payment Card Data)
-//   GDPR Art. 32 (Security of Processing)
-//   HIPAA §164.312 (Technical Safeguards)
-//   CCPA §1798.150 (Data Protection)
-//   OWASP LLM06 (Sensitive Information Disclosure)
+//   - PCI DSS 3.4/4.1, GDPR Art. 32, HIPAA §164.312, CCPA §1798.150
 //
-// Category: pii
+// Category:  privacy
 // Namespace: Sentry
 // =============================================================================
 
 // ---------------------------------------------------------------------------
-// Section 1: Primary PII Detection
-// Fires when the detection pipeline identifies PII in any content.
+// Section 1: Primary PII detection
 // ---------------------------------------------------------------------------
 
-// Block messages and uploads containing detected PII
-@id("sentry-pii-block-messages")
+@id("privacy.block-pii")
 @name("Block messages and uploads with PII")
-@description("Block messages and file uploads when the detection engine identifies any PII patterns. Prevents employees from accidentally sharing personal data with AI chat services.")
+@description("Blocks process_prompt and upload_file when pii_detected is true.")
 @severity("critical")
-@tags("pii,privacy,data-protection,gdpr-art-32,owasp-llm06")
-@reject_message("Content blocked: personally identifiable information was detected. Remove all PII (names, addresses, SSNs, credit cards, etc.) before sending to AI services.")
+@tags("category:privacy,threat:pii,detection:rule,compliance:gdpr,owasp:llm06")
+@reject_message("Content blocked: personally identifiable information detected — remove before sending to AI services.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
     resource
 )
 when {
-    context has pii_detected && context.pii_detected
+    context has pii_detected && context.pii_detected == true
 };
 
 // ---------------------------------------------------------------------------
-// Section 2: Granular PII Type Blocking
-// Blocks specific PII types based on regulatory requirements.
+// Section 2: Granular PII type blocking
 // ---------------------------------------------------------------------------
 
-// Block credit card numbers (PCI DSS compliance)
-@id("sentry-pii-block-credit-cards")
+@id("privacy.block-credit-card")
 @name("Block credit card numbers")
-@description("Block messages and file uploads containing credit card number patterns. PCI DSS 3.4 requires PANs are rendered unreadable — AI services must never receive raw card numbers.")
+@description("Blocks process_prompt and upload_file when pii_types or detected_threats contains \"credit_card\".")
 @severity("critical")
-@tags("pci,credit-card,payment,compliance,pci-dss-3.4")
-@reject_message("Content blocked: credit card number patterns detected. Sharing payment card data with AI services violates PCI DSS. Use tokenized references instead.")
+@tags("category:privacy,threat:pii,detection:pattern,compliance:pci-dss")
+@reject_message("Content blocked: credit card number patterns detected — PCI DSS prohibits raw PAN handling.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -70,13 +62,12 @@ when {
     (context has detected_threats && context.detected_threats.contains("credit_card"))
 };
 
-// Block Social Security Numbers
-@id("sentry-pii-block-ssn")
+@id("privacy.block-ssn")
 @name("Block Social Security Numbers")
-@description("Block messages and file uploads containing SSN patterns (XXX-XX-XXXX and variants). SSNs are high-value identity theft targets — exposure through AI services is a critical privacy violation.")
+@description("Blocks process_prompt and upload_file when pii_types or detected_threats contains \"ssn\".")
 @severity("critical")
-@tags("ssn,identity,privacy,compliance,nist-si-4")
-@reject_message("Content blocked: Social Security Number patterns detected. SSNs must never be shared with AI services.")
+@tags("category:privacy,threat:pii,detection:pattern,compliance:gdpr")
+@reject_message("Content blocked: Social Security Number patterns detected.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -87,13 +78,12 @@ when {
     (context has detected_threats && context.detected_threats.contains("ssn"))
 };
 
-// Block passport numbers
-@id("sentry-pii-block-passport")
+@id("privacy.block-passport")
 @name("Block passport numbers")
-@description("Block messages and file uploads containing passport number patterns. Passport numbers are government-issued identifiers with high identity theft risk.")
+@description("Blocks process_prompt and upload_file when pii_types contains \"passport\".")
 @severity("critical")
-@tags("passport,identity,privacy,gdpr")
-@reject_message("Content blocked: passport number patterns detected. Government-issued identifiers must not be shared with AI services.")
+@tags("category:privacy,threat:pii,detection:pattern,compliance:gdpr")
+@reject_message("Content blocked: passport number patterns detected.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -103,13 +93,12 @@ when {
     context has pii_types && context.pii_types.contains("passport")
 };
 
-// Block IBAN (International Bank Account Numbers)
-@id("sentry-pii-block-iban")
+@id("privacy.block-iban")
 @name("Block bank account numbers")
-@description("Block messages and file uploads containing IBAN patterns. Bank account numbers are sensitive financial identifiers that must not be exposed to AI services.")
+@description("Blocks process_prompt and upload_file when pii_types contains \"iban\".")
 @severity("critical")
-@tags("iban,financial,privacy,gdpr,pci-dss")
-@reject_message("Content blocked: bank account number (IBAN) patterns detected. Financial account numbers must not be shared with AI services.")
+@tags("category:privacy,threat:pii,detection:pattern,compliance:gdpr,compliance:pci-dss")
+@reject_message("Content blocked: bank account number (IBAN) patterns detected.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -119,13 +108,12 @@ when {
     context has pii_types && context.pii_types.contains("iban")
 };
 
-// Block bulk PII exposure
-@id("sentry-pii-block-bulk-exposure")
+@id("privacy.block-pii-bulk")
 @name("Block bulk PII exposure")
-@description("Block messages and file uploads containing 3 or more PII matches. Multiple PII items indicate a data dump — customer lists, CSV exports, or database content being leaked to AI services.")
+@description("Blocks process_prompt and upload_file when pii_count >= 3.")
 @severity("critical")
-@tags("pii,bulk,data-exfiltration,gdpr-art-32,ccpa")
-@reject_message("Content blocked: multiple PII items detected (3+). Bulk personal data must never be shared with AI services. Use data masking or tokenization.")
+@tags("category:privacy,threat:pii,threat:exfiltration,detection:aggregate,compliance:gdpr")
+@reject_message("Content blocked: 3+ PII items detected — bulk personal data must not be shared with AI services.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -136,38 +124,30 @@ when {
 };
 
 // ---------------------------------------------------------------------------
-// Section 3: PII Confidence Detection
-// Catches PII patterns via ML classifier that escape regex detection.
+// Section 3: ML classifier and aggregation
 // ---------------------------------------------------------------------------
 
-// Block high-confidence PII
-@id("sentry-pii-block-high-confidence")
-@name("Block high-confidence PII")
-@description("Block messages and file uploads when the PII confidence score exceeds threshold (80/100). Catches novel PII patterns including names, addresses, and identifiers that regex rules may miss.")
+@id("privacy.block-pii-ml")
+@name("Block high-confidence PII (ML)")
+@description("Blocks process_prompt and upload_file when pii_score >= 80.")
 @severity("critical")
-@tags("pii,confidence,privacy,compliance,ml-classifier")
-@reject_message("Content blocked: the ML classifier detected personally identifiable information with high confidence. The content appears to contain personal data.")
+@tags("category:privacy,threat:pii,detection:ml,compliance:gdpr,compliance:hipaa")
+@reject_message("Content blocked: the ML classifier detected personally identifiable information with high confidence.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
     resource
 )
 when {
-    context has pii_confidence && context.pii_confidence >= 80
+    context has pii_score && context.pii_score >= 80
 };
 
-// ---------------------------------------------------------------------------
-// Section 4: PII Threat Category
-// Defense-in-depth via threat aggregation layer.
-// ---------------------------------------------------------------------------
-
-// Block PII threat category
-@id("sentry-pii-block-threat-category")
+@id("privacy.block-pii-category")
 @name("Block PII threat category")
-@description("Block messages and file uploads when threat categorization identifies PII. Defense-in-depth behind the pii_detected boolean — catches cases where PII is flagged at the aggregation layer.")
+@description("Blocks process_prompt and upload_file when threat_categories contains \"pii\".")
 @severity("high")
-@tags("pii,privacy,data-protection,gdpr")
-@reject_message("Content blocked: threat scanners detected personally identifiable information. Remove all PII before submitting.")
+@tags("category:privacy,threat:pii,detection:aggregate,compliance:gdpr")
+@reject_message("Content blocked: threat scanners aggregated a PII threat category.")
 forbid (
     principal,
     action in [Sentry::Action::"process_prompt", Sentry::Action::"upload_file"],
@@ -176,4 +156,3 @@ forbid (
 when {
     context has threat_categories && context.threat_categories.contains("pii")
 };
-