@highflame/policy 2.1.4 → 2.1.5

package/_schemas/guardrails/templates/profiles/chat_assistant/security.cedar

@@ -18,7 +18,7 @@ forbid (
     action,
     resource
 ) when {
-    context has injection_score && context.injection_score > 70
+    context has injection_confidence && context.injection_confidence > 70
 };
 
 @id("chat-jailbreak-lower-threshold")
@@ -31,5 +31,5 @@ forbid (
     action,
     resource
 ) when {
-    context has jailbreak_score && context.jailbreak_score > 65
+    context has jailbreak_confidence && context.jailbreak_confidence > 65
 };

package/_schemas/guardrails/templates/profiles/data_pipeline/security.cedar

@@ -45,5 +45,5 @@ forbid (
     action,
     resource
 ) when {
-    context has injection_score && context.injection_score > 65
+    context has injection_confidence && context.injection_confidence > 65
 };

package/_schemas/overwatch/context.json

@@ -179,13 +179,37 @@
           "key": "injection_confidence",
           "type": "number",
           "required": true,
-          "description": "Prompt injection ML classifier confidence (0-100)"
+          "description": "Combined prompt injection confidence (0-100). MAX of all detector scores (Pulse + DeepContext). Use injection_pulse_score / injection_deep_context_score for individual detector control"
         },
         {
           "key": "jailbreak_confidence",
           "type": "number",
           "required": true,
-          "description": "Jailbreak detection ML classifier confidence (0-100)"
+          "description": "Combined jailbreak detection confidence (0-100). MAX of all detector scores (Pulse + DeepContext). Use jailbreak_pulse_score / jailbreak_deep_context_score for individual detector control"
+        },
+        {
+          "key": "injection_pulse_score",
+          "type": "number",
+          "required": false,
+          "description": "Highflame single-turn classifier score for prompt injection (0-100). Raw score from Pulse detector before combination with deep-context. Use for per-detector policy control"
+        },
+        {
+          "key": "injection_deep_context_score",
+          "type": "number",
+          "required": false,
+          "description": "DeepContext multi-turn analyzer score for prompt injection (0-100). Tracks injection patterns across conversation history. Generally higher confidence than single-turn"
+        },
+        {
+          "key": "jailbreak_pulse_score",
+          "type": "number",
+          "required": false,
+          "description": "Highflame single-turn classifier score for jailbreak attempts (0-100). Raw score from Pulse detector before combination with deep-context"
+        },
+        {
+          "key": "jailbreak_deep_context_score",
+          "type": "number",
+          "required": false,
+          "description": "DeepContext multi-turn analyzer score for jailbreak attempts (0-100). Detects jailbreak escalation patterns across conversation turns"
         },
         {
           "key": "indirect_injection_score",
@@ -234,6 +258,42 @@
           "type": "number",
           "required": false,
           "description": "Number of turns in the session where threats were detected"
+        },
+        {
+          "key": "session_max_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest prompt injection score seen in any turn of the session (0-100). Use for tiered responses: >75 hard block, >50 restrict permissions"
+        },
+        {
+          "key": "session_max_jailbreak_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest jailbreak detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_command_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest command injection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_pii_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest PII risk score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_secret_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest secret detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_cumulative_risk_score",
+          "type": "number",
+          "required": false,
+          "description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
         }
       ]
     },
@@ -431,13 +491,37 @@
           "key": "injection_confidence",
           "type": "number",
           "required": false,
-          "description": "Prompt injection ML classifier confidence (0-100)"
+          "description": "Combined prompt injection confidence (0-100). MAX of all detector scores (Pulse + DeepContext). Use injection_pulse_score / injection_deep_context_score for individual detector control"
         },
         {
           "key": "jailbreak_confidence",
           "type": "number",
           "required": false,
-          "description": "Jailbreak detection ML classifier confidence (0-100)"
+          "description": "Combined jailbreak detection confidence (0-100). MAX of all detector scores (Pulse + DeepContext). Use jailbreak_pulse_score / jailbreak_deep_context_score for individual detector control"
+        },
+        {
+          "key": "injection_pulse_score",
+          "type": "number",
+          "required": false,
+          "description": "Highflame single-turn classifier score for prompt injection in tool arguments (0-100). Raw score from Pulse detector before combination with deep-context"
+        },
+        {
+          "key": "injection_deep_context_score",
+          "type": "number",
+          "required": false,
+          "description": "DeepContext multi-turn analyzer score for prompt injection in tool arguments (0-100). Tracks injection patterns across tool call history"
+        },
+        {
+          "key": "jailbreak_pulse_score",
+          "type": "number",
+          "required": false,
+          "description": "Highflame single-turn classifier score for jailbreak in tool arguments (0-100). Raw score from Pulse detector before combination with deep-context"
+        },
+        {
+          "key": "jailbreak_deep_context_score",
+          "type": "number",
+          "required": false,
+          "description": "DeepContext multi-turn analyzer score for jailbreak in tool arguments (0-100). Detects jailbreak escalation patterns across tool call turns"
         },
         {
           "key": "tool_poisoning_score",
@@ -576,6 +660,42 @@
           "type": "number",
           "required": false,
           "description": "Number of turns in the session where threats were detected"
+        },
+        {
+          "key": "session_max_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest prompt injection score seen in any turn of the session (0-100). Use for tiered responses: >75 hard block, >50 restrict permissions"
+        },
+        {
+          "key": "session_max_jailbreak_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest jailbreak detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_command_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest command injection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_pii_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest PII risk score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_secret_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest secret detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_cumulative_risk_score",
+          "type": "number",
+          "required": false,
+          "description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
         }
       ]
     },
@@ -732,6 +852,42 @@
           "type": "number",
           "required": false,
           "description": "Number of turns in the session where threats were detected"
+        },
+        {
+          "key": "session_max_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest prompt injection score seen in any turn of the session (0-100). Use for tiered responses: >75 hard block, >50 restrict permissions"
+        },
+        {
+          "key": "session_max_jailbreak_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest jailbreak detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_command_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest command injection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_pii_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest PII risk score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_secret_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest secret detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_cumulative_risk_score",
+          "type": "number",
+          "required": false,
+          "description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
         }
       ]
     },
@@ -888,6 +1044,42 @@
           "type": "number",
           "required": false,
           "description": "Number of turns in the session where threats were detected"
+        },
+        {
+          "key": "session_max_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest prompt injection score seen in any turn of the session (0-100). Use for tiered responses: >75 hard block, >50 restrict permissions"
+        },
+        {
+          "key": "session_max_jailbreak_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest jailbreak detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_command_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest command injection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_pii_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest PII risk score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_secret_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest secret detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_cumulative_risk_score",
+          "type": "number",
+          "required": false,
+          "description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
         }
       ]
     },
@@ -1050,6 +1242,42 @@
           "type": "number",
           "required": false,
           "description": "Number of turns in the session where threats were detected"
+        },
+        {
+          "key": "session_max_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest prompt injection score seen in any turn of the session (0-100). Use for tiered responses: >75 hard block, >50 restrict permissions"
+        },
+        {
+          "key": "session_max_jailbreak_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest jailbreak detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_command_injection_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest command injection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_pii_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest PII risk score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_max_secret_score",
+          "type": "number",
+          "required": false,
+          "description": "Highest secret detection score seen in any turn of the session (0-100)"
+        },
+        {
+          "key": "session_cumulative_risk_score",
+          "type": "number",
+          "required": false,
+          "description": "Sum of per-turn risk scores across the session. Catches death-by-a-thousand-cuts where no single turn is high but cumulative risk is significant"
         }
       ]
     }

package/_schemas/overwatch/schema.cedarschema

@@ -120,8 +120,12 @@ action process_prompt appliesTo {
 
     // --- ML Detector Confidence Scores (0-100) ---
     pii_confidence: Long,             // PII detection classifier confidence
-    injection_confidence: Long,       // Prompt injection classifier confidence
-    jailbreak_confidence: Long,       // Jailbreak detection classifier confidence
+    injection_confidence: Long,       // Combined injection confidence: MAX(pulse, deep_context)
+    jailbreak_confidence: Long,       // Combined jailbreak confidence: MAX(pulse, deep_context)
+    injection_pulse_score?: Long,     // 0-100 Pulse single-turn classifier
+    injection_deep_context_score?: Long, // 0-100 DeepContext multi-turn
+    jailbreak_pulse_score?: Long,     // 0-100 Pulse single-turn classifier
+    jailbreak_deep_context_score?: Long, // 0-100 DeepContext multi-turn
 
     // --- Agent Security (0-100) ---
     indirect_injection_score: Long,   // Indirect prompt injection risk (OWASP LLM01, ASI01)
@@ -134,6 +138,12 @@ action process_prompt appliesTo {
     session_injection_detected?: Bool,
     session_command_injection?: Bool,
     session_threat_turns?: Long,
+    session_max_injection_score?: Long,
+    session_max_jailbreak_score?: Long,
+    session_max_command_injection_score?: Long,
+    session_max_pii_score?: Long,
+    session_max_secret_score?: Long,
+    session_cumulative_risk_score?: Long,
 
     // --- Legacy ---
     prompt_text?: String,             // Same as content (backward compatibility)
@@ -196,8 +206,12 @@ action call_tool appliesTo {
 
     // --- ML Detector Confidence Scores (0-100) ---
     pii_confidence?: Long,
-    injection_confidence?: Long,
-    jailbreak_confidence?: Long,
+    injection_confidence?: Long,      // Combined injection confidence: MAX(pulse, deep_context)
+    jailbreak_confidence?: Long,      // Combined jailbreak confidence: MAX(pulse, deep_context)
+    injection_pulse_score?: Long,     // 0-100 Pulse single-turn classifier
+    injection_deep_context_score?: Long, // 0-100 DeepContext multi-turn
+    jailbreak_pulse_score?: Long,     // 0-100 Pulse single-turn classifier
+    jailbreak_deep_context_score?: Long, // 0-100 DeepContext multi-turn
 
     // --- Agent Security (0-100) --- (OWASP ASI01, ASI02, ASI04; MITRE AML.T0051)
     tool_poisoning_score?: Long,      // Hidden instructions in tool description/args
@@ -231,6 +245,12 @@ action call_tool appliesTo {
     session_injection_detected?: Bool,
     session_command_injection?: Bool,
     session_threat_turns?: Long,
+    session_max_injection_score?: Long,
+    session_max_jailbreak_score?: Long,
+    session_max_command_injection_score?: Long,
+    session_max_pii_score?: Long,
+    session_max_secret_score?: Long,
+    session_cumulative_risk_score?: Long,
 
     // --- Legacy ---
     response_content?: String,
@@ -275,6 +295,12 @@ action connect_server appliesTo {
     session_injection_detected?: Bool,
     session_command_injection?: Bool,
     session_threat_turns?: Long,
+    session_max_injection_score?: Long,
+    session_max_jailbreak_score?: Long,
+    session_max_command_injection_score?: Long,
+    session_max_pii_score?: Long,
+    session_max_secret_score?: Long,
+    session_cumulative_risk_score?: Long,
   },
 };
 
@@ -317,6 +343,12 @@ action read_file appliesTo {
     session_injection_detected?: Bool,
     session_command_injection?: Bool,
     session_threat_turns?: Long,
+    session_max_injection_score?: Long,
+    session_max_jailbreak_score?: Long,
+    session_max_command_injection_score?: Long,
+    session_max_pii_score?: Long,
+    session_max_secret_score?: Long,
+    session_cumulative_risk_score?: Long,
   },
 };
 
@@ -359,6 +391,12 @@ action write_file appliesTo {
     session_injection_detected?: Bool,
     session_command_injection?: Bool,
     session_threat_turns?: Long,
+    session_max_injection_score?: Long,
+    session_max_jailbreak_score?: Long,
+    session_max_command_injection_score?: Long,
+    session_max_pii_score?: Long,
+    session_max_secret_score?: Long,
+    session_cumulative_risk_score?: Long,
   },
 };
 

package/dist/guardrails-context.gen.d.ts

@@ -36,12 +36,16 @@ export declare const GuardrailsContextKey: {
     readonly FactualityScore: "factuality_score";
     readonly HallucinationScore: "hallucination_score";
     readonly HateSpeechScore: "hate_speech_score";
-    readonly InjectionScore: "injection_score";
+    readonly InjectionConfidence: "injection_confidence";
+    readonly InjectionDeepContextScore: "injection_deep_context_score";
+    readonly InjectionPulseScore: "injection_pulse_score";
     readonly InjectionType: "injection_type";
     readonly InvisibleCharsScore: "invisible_chars_score";
     readonly IsEnglish: "is_english";
     readonly IsLatinScript: "is_latin_script";
-    readonly JailbreakScore: "jailbreak_score";
+    readonly JailbreakConfidence: "jailbreak_confidence";
+    readonly JailbreakDeepContextScore: "jailbreak_deep_context_score";
+    readonly JailbreakPulseScore: "jailbreak_pulse_score";
     readonly KeywordCategories: "keyword_categories";
     readonly KeywordCount: "keyword_count";
     readonly KeywordMatched: "keyword_matched";
@@ -74,6 +78,19 @@ export declare const GuardrailsContextKey: {
     readonly SecretTypes: "secret_types";
     readonly SentimentScore: "sentiment_score";
     readonly SequenceRisk: "sequence_risk";
+    readonly SessionCommandInjection: "session_command_injection";
+    readonly SessionCumulativeRiskScore: "session_cumulative_risk_score";
+    readonly SessionInjectionDetected: "session_injection_detected";
+    readonly SessionMaxCommandInjectionScore: "session_max_command_injection_score";
+    readonly SessionMaxInjectionScore: "session_max_injection_score";
+    readonly SessionMaxJailbreakScore: "session_max_jailbreak_score";
+    readonly SessionMaxPiiScore: "session_max_pii_score";
+    readonly SessionMaxSecretScore: "session_max_secret_score";
+    readonly SessionPiiDetected: "session_pii_detected";
+    readonly SessionPiiTypes: "session_pii_types";
+    readonly SessionSecretTypes: "session_secret_types";
+    readonly SessionSecretsDetected: "session_secrets_detected";
+    readonly SessionThreatTurns: "session_threat_turns";
     readonly SexualScore: "sexual_score";
     readonly SqlInjectionDetected: "sql_injection_detected";
     readonly SqlInjectionScore: "sql_injection_score";

package/dist/guardrails-context.gen.js

@@ -38,12 +38,16 @@ export const GuardrailsContextKey = {
     FactualityScore: 'factuality_score',
     HallucinationScore: 'hallucination_score',
     HateSpeechScore: 'hate_speech_score',
-    InjectionScore: 'injection_score',
+    InjectionConfidence: 'injection_confidence',
+    InjectionDeepContextScore: 'injection_deep_context_score',
+    InjectionPulseScore: 'injection_pulse_score',
     InjectionType: 'injection_type',
     InvisibleCharsScore: 'invisible_chars_score',
     IsEnglish: 'is_english',
     IsLatinScript: 'is_latin_script',
-    JailbreakScore: 'jailbreak_score',
+    JailbreakConfidence: 'jailbreak_confidence',
+    JailbreakDeepContextScore: 'jailbreak_deep_context_score',
+    JailbreakPulseScore: 'jailbreak_pulse_score',
     KeywordCategories: 'keyword_categories',
     KeywordCount: 'keyword_count',
     KeywordMatched: 'keyword_matched',
@@ -76,6 +80,19 @@ export const GuardrailsContextKey = {
     SecretTypes: 'secret_types',
     SentimentScore: 'sentiment_score',
     SequenceRisk: 'sequence_risk',
+    SessionCommandInjection: 'session_command_injection',
+    SessionCumulativeRiskScore: 'session_cumulative_risk_score',
+    SessionInjectionDetected: 'session_injection_detected',
+    SessionMaxCommandInjectionScore: 'session_max_command_injection_score',
+    SessionMaxInjectionScore: 'session_max_injection_score',
+    SessionMaxJailbreakScore: 'session_max_jailbreak_score',
+    SessionMaxPiiScore: 'session_max_pii_score',
+    SessionMaxSecretScore: 'session_max_secret_score',
+    SessionPiiDetected: 'session_pii_detected',
+    SessionPiiTypes: 'session_pii_types',
+    SessionSecretTypes: 'session_secret_types',
+    SessionSecretsDetected: 'session_secrets_detected',
+    SessionThreatTurns: 'session_threat_turns',
     SexualScore: 'sexual_score',
     SqlInjectionDetected: 'sql_injection_detected',
     SqlInjectionScore: 'sql_injection_score',

package/dist/guardrails-defaults.gen.js

@@ -80,8 +80,8 @@ const GUARDRAILS_INJECTION_DEFAULT_CEDAR = `// =================================
 // Uses ML-based confidence scores from normalized context.
 //
 // Context keys used (normalized by projection layer):
-// - injection_score: Long (0-100) - Overall injection confidence
-// - jailbreak_score: Long (0-100) - Jailbreak attempt confidence
+// - injection_confidence: Long (0-100) - Overall injection confidence
+// - jailbreak_confidence: Long (0-100) - Jailbreak attempt confidence
 // - injection_type: String - Type of injection detected
 // - contains_invisible_chars: Bool - Invisible Unicode characters detected
 // - invisible_chars_score: Long (0-100) - Invisible character density
@@ -100,7 +100,7 @@ forbid (
     action,
     resource
 ) when {
-    context has injection_score && context.injection_score > 85
+    context has injection_confidence && context.injection_confidence > 85
 };
 
 @id("jailbreak-block-high-confidence")
@@ -113,7 +113,7 @@ forbid (
     action,
     resource
 ) when {
-    context has jailbreak_score && context.jailbreak_score > 80
+    context has jailbreak_confidence && context.jailbreak_confidence > 80
 };
 
 @id("injection-combined-threshold")
@@ -126,8 +126,8 @@ forbid (
     action,
     resource
 ) when {
-    context has injection_score && context has jailbreak_score &&
-    context.injection_score > 60 && context.jailbreak_score > 60
+    context has injection_confidence && context has jailbreak_confidence &&
+    context.injection_confidence > 60 && context.jailbreak_confidence > 60
 };
 
 @id("injection-invisible-chars")
@@ -634,7 +634,7 @@ forbid (
     action,
     resource
 ) when {
-    context has injection_score && context.injection_score > 70
+    context has injection_confidence && context.injection_confidence > 70
 };
 
 @id("chat-jailbreak-lower-threshold")
@@ -647,7 +647,7 @@ forbid (
     action,
     resource
 ) when {
-    context has jailbreak_score && context.jailbreak_score > 65
+    context has jailbreak_confidence && context.jailbreak_confidence > 65
 };
 `;
 const GUARDRAILS_CHAT_ASSISTANT_PRIVACY_CEDAR = `// =============================================================================
@@ -938,7 +938,7 @@ forbid (
     action,
     resource
 ) when {
-    context has injection_score && context.injection_score > 65
+    context has injection_confidence && context.injection_confidence > 65
 };
 `;
 const GUARDRAILS_DATA_PIPELINE_AGENTIC_SECURITY_CEDAR = `// =============================================================================

package/dist/overwatch-context.gen.d.ts

@@ -16,8 +16,12 @@ export declare const OverwatchContextKey: {
     readonly HighestSeverity: "highest_severity";
     readonly IndirectInjectionScore: "indirect_injection_score";
     readonly InjectionConfidence: "injection_confidence";
+    readonly InjectionDeepContextScore: "injection_deep_context_score";
+    readonly InjectionPulseScore: "injection_pulse_score";
     readonly InvisibleCharsScore: "invisible_chars_score";
     readonly JailbreakConfidence: "jailbreak_confidence";
+    readonly JailbreakDeepContextScore: "jailbreak_deep_context_score";
+    readonly JailbreakPulseScore: "jailbreak_pulse_score";
     readonly LoopCount: "loop_count";
     readonly LoopDetected: "loop_detected";
     readonly LoopTool: "loop_tool";
@@ -42,7 +46,13 @@ export declare const OverwatchContextKey: {
     readonly SecretTypes: "secret_types";
     readonly SequenceRisk: "sequence_risk";
     readonly SessionCommandInjection: "session_command_injection";
+    readonly SessionCumulativeRiskScore: "session_cumulative_risk_score";
     readonly SessionInjectionDetected: "session_injection_detected";
+    readonly SessionMaxCommandInjectionScore: "session_max_command_injection_score";
+    readonly SessionMaxInjectionScore: "session_max_injection_score";
+    readonly SessionMaxJailbreakScore: "session_max_jailbreak_score";
+    readonly SessionMaxPiiScore: "session_max_pii_score";
+    readonly SessionMaxSecretScore: "session_max_secret_score";
     readonly SessionPiiDetected: "session_pii_detected";
     readonly SessionPiiTypes: "session_pii_types";
     readonly SessionSecretTypes: "session_secret_types";

package/dist/overwatch-context.gen.js

@@ -18,8 +18,12 @@ export const OverwatchContextKey = {
     HighestSeverity: 'highest_severity',
     IndirectInjectionScore: 'indirect_injection_score',
     InjectionConfidence: 'injection_confidence',
+    InjectionDeepContextScore: 'injection_deep_context_score',
+    InjectionPulseScore: 'injection_pulse_score',
     InvisibleCharsScore: 'invisible_chars_score',
     JailbreakConfidence: 'jailbreak_confidence',
+    JailbreakDeepContextScore: 'jailbreak_deep_context_score',
+    JailbreakPulseScore: 'jailbreak_pulse_score',
     LoopCount: 'loop_count',
     LoopDetected: 'loop_detected',
     LoopTool: 'loop_tool',
@@ -44,7 +48,13 @@ export const OverwatchContextKey = {
     SecretTypes: 'secret_types',
     SequenceRisk: 'sequence_risk',
     SessionCommandInjection: 'session_command_injection',
+    SessionCumulativeRiskScore: 'session_cumulative_risk_score',
     SessionInjectionDetected: 'session_injection_detected',
+    SessionMaxCommandInjectionScore: 'session_max_command_injection_score',
+    SessionMaxInjectionScore: 'session_max_injection_score',
+    SessionMaxJailbreakScore: 'session_max_jailbreak_score',
+    SessionMaxPiiScore: 'session_max_pii_score',
+    SessionMaxSecretScore: 'session_max_secret_score',
     SessionPiiDetected: 'session_pii_detected',
     SessionPiiTypes: 'session_pii_types',
     SessionSecretTypes: 'session_secret_types',