> ## Documentation Index
> Fetch the complete documentation index at: https://docs.declaw.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Security Policy

> SecurityPolicy, PIIConfig, InjectionDefenseConfig, NetworkPolicy, TransformationRule, AuditConfig, and EnvSecurityConfig reference for the Go SDK.

```go theme={null}
import "github.com/declaw-ai/declaw-go"
```

A `SecurityPolicy` is passed to `Create()` via the `WithSecurity` option. It composes PII detection, injection defense, toxicity / code-security / invisible-text scanners, network policy, transformation rules, audit logging, and environment variable security into a single struct.

## SecurityPolicy

```go theme={null}
policy := declaw.SecurityPolicy{
    PII: &declaw.PIIConfig{
        Enabled: true,
        Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIICreditCard},
        Action:  declaw.RedactionActionRedact,
    },
    InjectionDefense: &declaw.InjectionDefenseConfig{
        Enabled: true,
        Action:  declaw.InjectionActionBlock,
    },
    Audit: &declaw.AuditConfig{Enabled: true},
}

sbx, err := declaw.Create(ctx,
    declaw.WithSecurity(policy),
)
```

| Field              | Type                      | Description                                  |
| ------------------ | ------------------------- | -------------------------------------------- |
| `PII`              | `*PIIConfig`              | PII detection and redaction                  |
| `InjectionDefense` | `*InjectionDefenseConfig` | Prompt injection defense                     |
| `Transformations`  | `[]TransformationRule`    | Regex-based request/response transformations |
| `Network`          | `*NetworkPolicy`          | Network allowlist/denylist                   |
| `Audit`            | `*AuditConfig`            | Audit logging                                |
| `EnvSecurity`      | `*EnvSecurityConfig`      | Environment variable masking                 |
| `Toxicity`         | `*ToxicityConfig`         | Toxicity scanner                             |
| `CodeSecurity`     | `*CodeSecurityConfig`     | Code security scanner                        |
| `InvisibleText`    | `*InvisibleTextConfig`    | Invisible Unicode scanner                    |
| `ContentGate`      | `*ContentGateConfig`      | `content.scan` OPA gate (model allowlist)    |
| `CustomPolicy`     | `*CustomPolicyConfig`     | Customer-supplied OPA/Rego policy            |

### Methods

| Method                             | Returns                  | Description                                     |
| ---------------------------------- | ------------------------ | ----------------------------------------------- |
| `policy.RequiresTLSInterception()` | `bool`                   | `true` if any scanner requires TLS interception |
| `policy.ToJSON()`                  | `map[string]interface{}` | Serialize to API-compatible map                 |
| `ParseSecurityPolicy(data)`        | `*SecurityPolicy`        | Deserialize from API response                   |

***

## PIIConfig

Configure detection and handling of personally identifiable information in outbound HTTP traffic.

```go theme={null}
pii := &declaw.PIIConfig{
    Enabled: true,
    Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIICreditCard, declaw.PIISSN},
    Action:  declaw.RedactionActionRedact,
    Model:   "presidio",
}
```

| Field     | Type              | Default   | Description                                              |
| --------- | ----------------- | --------- | -------------------------------------------------------- |
| `Enabled` | `bool`            | `false`   | Whether PII scanning is active                           |
| `Types`   | `[]PIIType`       | all types | PII types to scan for                                    |
| `Action`  | `RedactionAction` | `""`      | Action on detection: `"redact"`, `"block"`, `"log_only"` |
| `Model`   | `string`          | `""`      | Scanner model to use                                     |

### `PIIType` constants

```go theme={null}
const (
    PIIEmail      PIIType = "email"
    PIIPhone      PIIType = "phone"
    PIISSN        PIIType = "ssn"
    PIICreditCard PIIType = "credit_card"
    PIIPersonName PIIType = "person_name"
    PIIAPIKey     PIIType = "api_key"
    PIIAddress    PIIType = "address"
    PIIIPAddress  PIIType = "ip_address"
)
```

### `RedactionAction` constants

```go theme={null}
const (
    RedactionActionRedact  RedactionAction = "redact"
    RedactionActionBlock   RedactionAction = "block"
    RedactionActionLogOnly RedactionAction = "log_only"
)
```

***

## InjectionDefenseConfig

Detect and block prompt injection attempts in outbound HTTP request bodies.

```go theme={null}
injection := &declaw.InjectionDefenseConfig{
    Enabled:     true,
    Sensitivity: declaw.InjectionSensitivityMedium,
    Action:      declaw.InjectionActionBlock,
}
```

| Field         | Type                   | Default | Description                         |
| ------------- | ---------------------- | ------- | ----------------------------------- |
| `Enabled`     | `bool`                 | `false` | Whether injection defense is active |
| `Sensitivity` | `InjectionSensitivity` | `""`    | `"low"`, `"medium"`, or `"high"`    |
| `Action`      | `InjectionAction`      | `""`    | `"block"` or `"log_only"`           |

***

## ToxicityConfig

Scan outbound HTTP request bodies for toxic content.

```go theme={null}
toxicity := &declaw.ToxicityConfig{
    Enabled:   true,
    Threshold: 0.9,
}
```

| Field       | Type      | Default | Description                         |
| ----------- | --------- | ------- | ----------------------------------- |
| `Enabled`   | `bool`    | `false` | Whether toxicity scanning is active |
| `Threshold` | `float64` | `0`     | Confidence threshold (0.0–1.0)      |

***

## CodeSecurityConfig

Detect suspicious code in outbound HTTP request bodies.

```go theme={null}
codeSec := &declaw.CodeSecurityConfig{
    Enabled:                 true,
    DetectSuspiciousImports: true,
}
```

| Field                     | Type   | Default | Description                              |
| ------------------------- | ------ | ------- | ---------------------------------------- |
| `Enabled`                 | `bool` | `false` | Whether code-security scanning is active |
| `DetectSuspiciousImports` | `bool` | `false` | Flag suspicious import statements        |

***

## InvisibleTextConfig

Detect invisible or control Unicode characters in outbound HTTP request bodies.

```go theme={null}
invisible := &declaw.InvisibleTextConfig{
    Enabled:         true,
    DetectZeroWidth: true,
}
```

| Field             | Type   | Default | Description                               |
| ----------------- | ------ | ------- | ----------------------------------------- |
| `Enabled`         | `bool` | `false` | Whether invisible-text scanning is active |
| `DetectZeroWidth` | `bool` | `false` | Detect zero-width characters              |

***

## CustomPolicyConfig

Attach OPA/Rego policy — a built-in governance pack via `PolicyRef`, or your
own rules via `InlineRego`/`InlineModules`. Custom rules are evaluated at the
enforcement layer alongside the platform defaults and can only tighten policy,
never relax it.

```go theme={null}
// Reference a built-in governance pack
custom := &declaw.CustomPolicyConfig{
    Enabled:   true,
    PolicyRef: "owasp-llm-top10@v1",
}

// Or supply your own Rego
custom := &declaw.CustomPolicyConfig{
    Enabled: true,
    InlineRego: `
        deny_command contains msg if {
            input.action.command in {"rm", "dd"}
            msg := "dangerous command blocked"
        }
    `,
}
```

| Field           | Type       | Default | Description                                                           |
| --------------- | ---------- | ------- | --------------------------------------------------------------------- |
| `Enabled`       | `bool`     | `false` | Whether custom policy evaluation is active                            |
| `InlineRego`    | `string`   | `""`    | A single Rego module string appended to platform defaults             |
| `InlineModules` | `[]string` | `nil`   | Independent Rego module strings, each its own `package`               |
| `PolicyRef`     | `string`   | `""`    | Reference a bundle by `name@version`, `sha256:<hex>`, or `blob:<key>` |
| `DefaultDeny`   | `bool`     | `false` | Fail-closed: when `true`, an evaluator error denies the action        |

See [Custom Policy](/security/custom-policy) and
[Governance Packs](/security/governance-packs) for the full guides.

***

## ContentGateConfig

Run the `content.scan` OPA gate (e.g. an LLM model allowlist / cross-signal
rules) on the listed domains. Opts a sandbox into content-gate enforcement
without requiring an ML scanner to be enabled.

```go theme={null}
content := &declaw.ContentGateConfig{
    Enabled: true,
    Domains: []string{"api.openai.com", "api.anthropic.com"},
}
```

| Field     | Type       | Default | Description                                                  |
| --------- | ---------- | ------- | ------------------------------------------------------------ |
| `Enabled` | `bool`     | `false` | Whether the content gate is active                           |
| `Domains` | `[]string` | `nil`   | Opt-in destination hosts to intercept; empty intercepts none |

See [Custom Policy](/security/custom-policy) for details.

***

## NetworkPolicy

Network allowlist and denylist for outbound traffic from the sandbox.

```go theme={null}
network := &declaw.NetworkPolicy{
    AllowOut: []string{"pypi.org", "*.github.com"},
    DenyOut:  []string{"0.0.0.0/0"}, // or use declaw.AllTraffic for wildcard "*"
}
```

| Field      | Type       | Description                                 |
| ---------- | ---------- | ------------------------------------------- |
| `AllowOut` | `[]string` | Destinations to allow (IPs, CIDRs, domains) |
| `DenyOut`  | `[]string` | Destinations to deny (IPs, CIDRs)           |

***

## TransformationRule

Regex-based text transformation applied to outbound request bodies, inbound response bodies, or both.

```go theme={null}
rule := declaw.TransformationRule{
    Match:     `Bearer [A-Za-z0-9\-_\.]+`,
    Replace:   "Bearer [REDACTED]",
    Direction: declaw.TransformOut,
}
```

| Field       | Type                 | Description                  |
| ----------- | -------------------- | ---------------------------- |
| `Match`     | `string`             | Regular expression pattern   |
| `Replace`   | `string`             | Replacement string           |
| `Direction` | `TransformDirection` | `"in"`, `"out"`, or `"both"` |

***

## AuditConfig

Toggle audit logging for sandbox activity.

```go theme={null}
audit := &declaw.AuditConfig{
    Enabled:             true,
    RedactSensitiveData: true,
}
```

***

## EnvSecurityConfig

Control how environment variable values are masked in audit logs.

```go theme={null}
envSec := &declaw.EnvSecurityConfig{
    MaskPatterns: []string{"*_KEY", "*_SECRET", "*_TOKEN"},
    SensitiveVars: []declaw.SecureEnvVar{
        {Name: "OPENAI_API_KEY", Value: "sk-..."},
    },
}
```

***

## Full policy example

```go theme={null}
policy := declaw.SecurityPolicy{
    PII: &declaw.PIIConfig{
        Enabled: true,
        Types:   []declaw.PIIType{declaw.PIIEmail, declaw.PIISSN, declaw.PIICreditCard},
        Action:  declaw.RedactionActionRedact,
    },
    InjectionDefense: &declaw.InjectionDefenseConfig{
        Enabled:     true,
        Sensitivity: declaw.InjectionSensitivityHigh,
        Action:      declaw.InjectionActionBlock,
    },
    Network: &declaw.NetworkPolicy{
        AllowOut: []string{"api.openai.com", "pypi.org"},
        DenyOut:  []string{"0.0.0.0/0"}, // CIDR deny-all
    },
    Transformations: []declaw.TransformationRule{
        {
            Match:     `sk-[A-Za-z0-9]+`,
            Replace:   "sk-[REDACTED]",
            Direction: declaw.TransformOut,
        },
    },
    CustomPolicy: &declaw.CustomPolicyConfig{
        Enabled:   true,
        PolicyRef: "owasp-llm-top10@v1",
    },
    ContentGate: &declaw.ContentGateConfig{
        Enabled: true,
        Domains: []string{"api.openai.com"},
    },
    Audit: &declaw.AuditConfig{Enabled: true},
}

sbx, err := declaw.Create(ctx, declaw.WithSecurity(policy))
```
