Security Policy

import "github.com/declaw-ai/declaw-go"

A SecurityPolicy is passed to Create() via the WithSecurity option. It composes PII detection, injection defense, toxicity / code-security / invisible-text scanners, network policy, transformation rules, audit logging, and environment variable security into a single struct.

SecurityPolicy

policy := declaw.SecurityPolicy{
    PII: &declaw.PIIConfig{
        Enabled: true,
        Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIICreditCard},
        Action:  declaw.RedactionActionRedact,
    },
    InjectionDefense: &declaw.InjectionDefenseConfig{
        Enabled: true,
        Action:  declaw.InjectionActionBlock,
    },
    Audit: &declaw.AuditConfig{Enabled: true},
}

sbx, err := declaw.Create(ctx,
    declaw.WithSecurity(policy),
)

Field	Type	Description
`PII`	`*PIIConfig`	PII detection and redaction
`InjectionDefense`	`*InjectionDefenseConfig`	Prompt injection defense
`Transformations`	`[]TransformationRule`	Regex-based request/response transformations
`Network`	`*NetworkPolicy`	Network allowlist/denylist
`Audit`	`*AuditConfig`	Audit logging
`EnvSecurity`	`*EnvSecurityConfig`	Environment variable masking
`Toxicity`	`*ToxicityConfig`	Toxicity scanner
`CodeSecurity`	`*CodeSecurityConfig`	Code security scanner
`InvisibleText`	`*InvisibleTextConfig`	Invisible Unicode scanner

Methods

Method	Returns	Description
`policy.RequiresTLSInterception()`	`bool`	`true` if any scanner requires TLS interception
`policy.ToJSON()`	`map[string]interface{}`	Serialize to API-compatible map
`ParseSecurityPolicy(data)`	`*SecurityPolicy`	Deserialize from API response

PIIConfig

Configure detection and handling of personally identifiable information in outbound HTTP traffic.

pii := &declaw.PIIConfig{
    Enabled: true,
    Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIICreditCard, declaw.PIISSN},
    Action:  declaw.RedactionActionRedact,
    Model:   "presidio",
}

Field	Type	Default	Description
`Enabled`	`bool`	`false`	Whether PII scanning is active
`Types`	`[]PIIType`	all types	PII types to scan for
`Action`	`RedactionAction`	`""`	Action on detection: `"redact"`, `"block"`, `"log_only"`
`Model`	`string`	`""`	Scanner model to use

`PIIType` constants

const (
    PIIEmail      PIIType = "email"
    PIIPhone      PIIType = "phone"
    PIISSN        PIIType = "ssn"
    PIICreditCard PIIType = "credit_card"
    PIIPersonName PIIType = "person_name"
    PIIAPIKey     PIIType = "api_key"
    PIIAddress    PIIType = "address"
    PIIIPAddress  PIIType = "ip_address"
)

`RedactionAction` constants

const (
    RedactionActionRedact  RedactionAction = "redact"
    RedactionActionBlock   RedactionAction = "block"
    RedactionActionLogOnly RedactionAction = "log_only"
)

InjectionDefenseConfig

Detect and block prompt injection attempts in outbound HTTP request bodies.

injection := &declaw.InjectionDefenseConfig{
    Enabled:     true,
    Sensitivity: declaw.InjectionSensitivityMedium,
    Action:      declaw.InjectionActionBlock,
}

Field	Type	Default	Description
`Enabled`	`bool`	`false`	Whether injection defense is active
`Sensitivity`	`InjectionSensitivity`	`""`	`"low"`, `"medium"`, or `"high"`
`Action`	`InjectionAction`	`""`	`"block"` or `"log_only"`

ToxicityConfig

Scan outbound HTTP request bodies for toxic content.

toxicity := &declaw.ToxicityConfig{
    Enabled:   true,
    Threshold: 0.9,
}

Field	Type	Default	Description
`Enabled`	`bool`	`false`	Whether toxicity scanning is active
`Threshold`	`float64`	`0`	Confidence threshold (0.0–1.0)

CodeSecurityConfig

Detect suspicious code in outbound HTTP request bodies.

codeSec := &declaw.CodeSecurityConfig{
    Enabled:                 true,
    DetectSuspiciousImports: true,
}

Field	Type	Default	Description
`Enabled`	`bool`	`false`	Whether code-security scanning is active
`DetectSuspiciousImports`	`bool`	`false`	Flag suspicious import statements

InvisibleTextConfig

Detect invisible or control Unicode characters in outbound HTTP request bodies.

invisible := &declaw.InvisibleTextConfig{
    Enabled:         true,
    DetectZeroWidth: true,
}

Field	Type	Default	Description
`Enabled`	`bool`	`false`	Whether invisible-text scanning is active
`DetectZeroWidth`	`bool`	`false`	Detect zero-width characters

NetworkPolicy

Network allowlist and denylist for outbound traffic from the sandbox.

network := &declaw.NetworkPolicy{
    AllowOut: []string{"pypi.org", "*.github.com"},
    DenyOut:  []string{"0.0.0.0/0"}, // or use declaw.AllTraffic for wildcard "*"
}

Field	Type	Description
`AllowOut`	`[]string`	Destinations to allow (IPs, CIDRs, domains)
`DenyOut`	`[]string`	Destinations to deny (IPs, CIDRs)

TransformationRule

Regex-based text transformation applied to outbound request bodies, inbound response bodies, or both.

rule := declaw.TransformationRule{
    Match:     `Bearer [A-Za-z0-9\-_\.]+`,
    Replace:   "Bearer [REDACTED]",
    Direction: declaw.TransformOut,
}

Field	Type	Description
`Match`	`string`	Regular expression pattern
`Replace`	`string`	Replacement string
`Direction`	`TransformDirection`	`"in"`, `"out"`, or `"both"`

AuditConfig

Toggle audit logging for sandbox activity.

audit := &declaw.AuditConfig{
    Enabled:             true,
    RedactSensitiveData: true,
}

EnvSecurityConfig

Control how environment variable values are masked in audit logs.

envSec := &declaw.EnvSecurityConfig{
    MaskPatterns: []string{"*_KEY", "*_SECRET", "*_TOKEN"},
    SensitiveVars: []declaw.SecureEnvVar{
        {Name: "OPENAI_API_KEY", Value: "sk-..."},
    },
}

Full policy example

policy := declaw.SecurityPolicy{
    PII: &declaw.PIIConfig{
        Enabled: true,
        Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIISSN, declaw.PIICreditCard},
        Action:  declaw.RedactionActionRedact,
    },
    InjectionDefense: &declaw.InjectionDefenseConfig{
        Enabled:     true,
        Sensitivity: declaw.InjectionSensitivityHigh,
        Action:      declaw.InjectionActionBlock,
    },
    Network: &declaw.NetworkPolicy{
        AllowOut: []string{"api.openai.com", "pypi.org"},
        DenyOut:  []string{"0.0.0.0/0"}, // CIDR deny-all
    },
    Transformations: []declaw.TransformationRule{
        {
            Match:     `sk-[A-Za-z0-9]+`,
            Replace:   "sk-[REDACTED]",
            Direction: declaw.TransformOut,
        },
    },
    Audit: &declaw.AuditConfig{Enabled: true},
}

sbx, err := declaw.Create(ctx, declaw.WithSecurity(policy))

Documentation Index

​SecurityPolicy

​Methods

​PIIConfig

​PIIType constants

​RedactionAction constants

​InjectionDefenseConfig

​ToxicityConfig

​CodeSecurityConfig

​InvisibleTextConfig

​NetworkPolicy

​TransformationRule

​AuditConfig

​EnvSecurityConfig

​Full policy example