Skip to main content
import "github.com/declaw-ai/declaw-go"
A SecurityPolicy is passed to Create() via the WithSecurity option. It composes PII detection, injection defense, toxicity / code-security / invisible-text scanners, network policy, transformation rules, audit logging, and environment variable security into a single struct.

SecurityPolicy

policy := declaw.SecurityPolicy{
    PII: &declaw.PIIConfig{
        Enabled: true,
        Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIICreditCard},
        Action:  declaw.RedactionActionRedact,
    },
    InjectionDefense: &declaw.InjectionDefenseConfig{
        Enabled: true,
        Action:  declaw.InjectionActionBlock,
    },
    Audit: &declaw.AuditConfig{Enabled: true},
}

sbx, err := declaw.Create(ctx,
    declaw.WithSecurity(policy),
)
FieldTypeDescription
PII*PIIConfigPII detection and redaction
InjectionDefense*InjectionDefenseConfigPrompt injection defense
Transformations[]TransformationRuleRegex-based request/response transformations
Network*NetworkPolicyNetwork allowlist/denylist
Audit*AuditConfigAudit logging
EnvSecurity*EnvSecurityConfigEnvironment variable masking
Toxicity*ToxicityConfigToxicity scanner
CodeSecurity*CodeSecurityConfigCode security scanner
InvisibleText*InvisibleTextConfigInvisible Unicode scanner
ContentGate*ContentGateConfigcontent.scan OPA gate (model allowlist)
CustomPolicy*CustomPolicyConfigCustomer-supplied OPA/Rego policy

Methods

MethodReturnsDescription
policy.RequiresTLSInterception()booltrue if any scanner requires TLS interception
policy.ToJSON()map[string]interface{}Serialize to API-compatible map
ParseSecurityPolicy(data)*SecurityPolicyDeserialize from API response

PIIConfig

Configure detection and handling of personally identifiable information in outbound HTTP traffic.
pii := &declaw.PIIConfig{
    Enabled: true,
    Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIICreditCard, declaw.PIISSN},
    Action:  declaw.RedactionActionRedact,
    Model:   "presidio",
}
FieldTypeDefaultDescription
EnabledboolfalseWhether PII scanning is active
Types[]PIITypeall typesPII types to scan for
ActionRedactionAction""Action on detection: "redact", "block", "log_only"
Modelstring""Scanner model to use

PIIType constants

const (
    PIIEmail      PIIType = "email"
    PIIPhone      PIIType = "phone"
    PIISSN        PIIType = "ssn"
    PIICreditCard PIIType = "credit_card"
    PIIPersonName PIIType = "person_name"
    PIIAPIKey     PIIType = "api_key"
    PIIAddress    PIIType = "address"
    PIIIPAddress  PIIType = "ip_address"
)

RedactionAction constants

const (
    RedactionActionRedact  RedactionAction = "redact"
    RedactionActionBlock   RedactionAction = "block"
    RedactionActionLogOnly RedactionAction = "log_only"
)

InjectionDefenseConfig

Detect and block prompt injection attempts in outbound HTTP request bodies.
injection := &declaw.InjectionDefenseConfig{
    Enabled:     true,
    Sensitivity: declaw.InjectionSensitivityMedium,
    Action:      declaw.InjectionActionBlock,
}
FieldTypeDefaultDescription
EnabledboolfalseWhether injection defense is active
SensitivityInjectionSensitivity"""low", "medium", or "high"
ActionInjectionAction"""block" or "log_only"

ToxicityConfig

Scan outbound HTTP request bodies for toxic content.
toxicity := &declaw.ToxicityConfig{
    Enabled:   true,
    Threshold: 0.9,
}
FieldTypeDefaultDescription
EnabledboolfalseWhether toxicity scanning is active
Thresholdfloat640Confidence threshold (0.0–1.0)

CodeSecurityConfig

Detect suspicious code in outbound HTTP request bodies.
codeSec := &declaw.CodeSecurityConfig{
    Enabled:                 true,
    DetectSuspiciousImports: true,
}
FieldTypeDefaultDescription
EnabledboolfalseWhether code-security scanning is active
DetectSuspiciousImportsboolfalseFlag suspicious import statements

InvisibleTextConfig

Detect invisible or control Unicode characters in outbound HTTP request bodies.
invisible := &declaw.InvisibleTextConfig{
    Enabled:         true,
    DetectZeroWidth: true,
}
FieldTypeDefaultDescription
EnabledboolfalseWhether invisible-text scanning is active
DetectZeroWidthboolfalseDetect zero-width characters

CustomPolicyConfig

Attach OPA/Rego policy — a built-in governance pack via PolicyRef, or your own rules via InlineRego/InlineModules. Custom rules are evaluated at the enforcement layer alongside the platform defaults and can only tighten policy, never relax it.
// Reference a built-in governance pack
custom := &declaw.CustomPolicyConfig{
    Enabled:   true,
    PolicyRef: "owasp-llm-top10@v1",
}

// Or supply your own Rego
custom := &declaw.CustomPolicyConfig{
    Enabled: true,
    InlineRego: `
        deny_command contains msg if {
            input.action.command in {"rm", "dd"}
            msg := "dangerous command blocked"
        }
    `,
}
FieldTypeDefaultDescription
EnabledboolfalseWhether custom policy evaluation is active
InlineRegostring""A single Rego module string appended to platform defaults
InlineModules[]stringnilIndependent Rego module strings, each its own package
PolicyRefstring""Reference a bundle by name@version, sha256:<hex>, or blob:<key>
DefaultDenyboolfalseFail-closed: when true, an evaluator error denies the action
See Custom Policy and Governance Packs for the full guides.

ContentGateConfig

Run the content.scan OPA gate (e.g. an LLM model allowlist / cross-signal rules) on the listed domains. Opts a sandbox into content-gate enforcement without requiring an ML scanner to be enabled.
content := &declaw.ContentGateConfig{
    Enabled: true,
    Domains: []string{"api.openai.com", "api.anthropic.com"},
}
FieldTypeDefaultDescription
EnabledboolfalseWhether the content gate is active
Domains[]stringnilOpt-in destination hosts to intercept; empty intercepts none
See Custom Policy for details.

NetworkPolicy

Network allowlist and denylist for outbound traffic from the sandbox.
network := &declaw.NetworkPolicy{
    AllowOut: []string{"pypi.org", "*.github.com"},
    DenyOut:  []string{"0.0.0.0/0"}, // or use declaw.AllTraffic for wildcard "*"
}
FieldTypeDescription
AllowOut[]stringDestinations to allow (IPs, CIDRs, domains)
DenyOut[]stringDestinations to deny (IPs, CIDRs)

TransformationRule

Regex-based text transformation applied to outbound request bodies, inbound response bodies, or both.
rule := declaw.TransformationRule{
    Match:     `Bearer [A-Za-z0-9\-_\.]+`,
    Replace:   "Bearer [REDACTED]",
    Direction: declaw.TransformOut,
}
FieldTypeDescription
MatchstringRegular expression pattern
ReplacestringReplacement string
DirectionTransformDirection"in", "out", or "both"

AuditConfig

Toggle audit logging for sandbox activity.
audit := &declaw.AuditConfig{
    Enabled:             true,
    RedactSensitiveData: true,
}

EnvSecurityConfig

Control how environment variable values are masked in audit logs.
envSec := &declaw.EnvSecurityConfig{
    MaskPatterns: []string{"*_KEY", "*_SECRET", "*_TOKEN"},
    SensitiveVars: []declaw.SecureEnvVar{
        {Name: "OPENAI_API_KEY", Value: "sk-..."},
    },
}

Full policy example

policy := declaw.SecurityPolicy{
    PII: &declaw.PIIConfig{
        Enabled: true,
        Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIISSN, declaw.PIICreditCard},
        Action:  declaw.RedactionActionRedact,
    },
    InjectionDefense: &declaw.InjectionDefenseConfig{
        Enabled:     true,
        Sensitivity: declaw.InjectionSensitivityHigh,
        Action:      declaw.InjectionActionBlock,
    },
    Network: &declaw.NetworkPolicy{
        AllowOut: []string{"api.openai.com", "pypi.org"},
        DenyOut:  []string{"0.0.0.0/0"}, // CIDR deny-all
    },
    Transformations: []declaw.TransformationRule{
        {
            Match:     `sk-[A-Za-z0-9]+`,
            Replace:   "sk-[REDACTED]",
            Direction: declaw.TransformOut,
        },
    },
    CustomPolicy: &declaw.CustomPolicyConfig{
        Enabled:   true,
        PolicyRef: "owasp-llm-top10@v1",
    },
    ContentGate: &declaw.ContentGateConfig{
        Enabled: true,
        Domains: []string{"api.openai.com"},
    },
    Audit: &declaw.AuditConfig{Enabled: true},
}

sbx, err := declaw.Create(ctx, declaw.WithSecurity(policy))