Agnes ships four distinct policy types. They are easy to confuse because they all answer the same kind of question: “how should this analyzer behave for my tenant?” This page is the orientation page. Each policy type has its own dedicated reference under Policies.
| Policy type | Lives at | Consumed by | Customer-facing? |
|---|---|---|---|
| Combined / Agnes policy | /protection/policies | The POST /api/v1/analyze/ endpoint. | Yes — most users only ever touch this. |
| YARA policy | /protection/yara-policies | The YARA analyzer. | Yes — opt in if you author your own rules. |
| SDP policy | /protection/sensitive-data | The Sensitive Data analyzer. | Yes — required to fine-tune which info types are inspected. |
| Safety policy | /protection/safety-moderation | The Safety & Responsible AI analyzer. | Yes — opt in for custom guidelines beyond the default. |
## How they fit together

A combined policy is the only thing your code refers to at request time. It in turn names the supporting policies (YARA / SDP / safety) it wants to run with, either inline as analyzer parameters or as request-level overrides on the `analyze` call.
## Combined / Agnes policies

The hero policy. Defines the `execution_plan`, the ordered analyzer steps, and the termination rules that decide whether a run blocks.

- Read The Agnes Analyzer for the schema and execution semantics.
- Read Agnes policies for CRUD, slugs, and versioning.
- Built-in fixtures: `default-inbound`, `default-outbound`, `default-permissive`.
## YARA policies

YARA is the rule engine you use to encode your business’s specific threat patterns — leaked source code shapes, internal codenames, known prompt injection idioms, etc. Agnes lets you create individual YARA rules and group them into a YARA policy so a single combined policy can target a specific subset of rules.

- Read YARA rules and policies.
- A YARA policy is essentially `(name, ordered list of YARA rule IDs)`.
- The combined policy points at one via the `yara_policy_id` parameter on the `yara` analyzer (or via the request-level `yara_policy_id` override).
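The wiring described under “How they fit together” and the `yara_policy_id` override above, as an added example that is not Agnes’s own code: a small resolver that takes a combined policy’s ordered steps, applies request-level overrides on top of the analyzer parameters, and refuses to run when a referenced supporting policy does not exist. The policy shape, the `sdp_policy_id` / `safety_policy_id` parameter names and all ids are assumptions constructed for the example; only `yara_policy_id` is named on this page.

```python
from dataclasses import dataclass

# Analyzers that consume a supporting policy (other steps, e.g. ML analyzers, take none).
SUPPORTED = {"yara", "sdp", "safety"}


class PolicyResolutionError(ValueError):
    """Raised when a combined policy names a supporting policy that does not exist."""


@dataclass
class CombinedPolicy:
    slug: str
    # Assumed shape: ordered (analyzer, params) steps, e.g. ("yara", {"yara_policy_id": "..."})
    execution_plan: list


def resolve_supporting_policies(combined, registry, request_overrides=None):
    """Return {analyzer: supporting-policy id} for one analyze call.

    registry: {"yara": {...ids}, "sdp": {...}, "safety": {...}} of policies that exist.
    request_overrides: e.g. {"yara_policy_id": "..."} passed on the analyze call; these
    win over the parameters stored inline on the combined policy's analyzer step.
    A dangling or missing reference fails closed rather than silently running the
    analyzer without its policy (which would look like "no findings" in the log).
    """
    request_overrides = request_overrides or {}
    resolved = {}
    for analyzer, params in combined.execution_plan:
        if analyzer not in SUPPORTED:
            resolved[analyzer] = None
            continue
        key = f"{analyzer}_policy_id"          # assumed naming; yara_policy_id is documented
        policy_id = request_overrides.get(key, params.get(key))
        if policy_id is None:
            raise PolicyResolutionError(f"{combined.slug}: step '{analyzer}' names no {key}")
        if policy_id not in registry.get(analyzer, set()):
            raise PolicyResolutionError(f"{combined.slug}: {key}={policy_id!r} does not exist")
        resolved[analyzer] = policy_id
    return resolved


# Constructed sample registry and policies (ids are illustrative, not shipped fixtures).
REGISTRY = {"yara": {"yp-codenames"}, "sdp": {"sdp-general-pii"}, "safety": {"safety-default"}}
INBOUND = CombinedPolicy("inbound", [("sdp", {"sdp_policy_id": "sdp-general-pii"}),
                                     ("safety", {"safety_policy_id": "safety-default"})])
INBOUND_YARA = CombinedPolicy("inbound-yara", [("yara", {"yara_policy_id": "yp-codenames"}),
                                               ("sdp", {"sdp_policy_id": "sdp-general-pii"})])

if __name__ == "__main__":
    print(resolve_supporting_policies(INBOUND, REGISTRY))
    print(resolve_supporting_policies(INBOUND_YARA, REGISTRY, {"yara_policy_id": "yp-codenames"}))
```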
## SDP policies

SDP (Sensitive Data Protection) is Agnes’s wrapper around Google Cloud DLP. An SDP policy bundles an inspection configuration (which info types to detect, at what likelihood) with a de-identification configuration (how to mask findings). Agnes ships several defaults:

| Default | Detects | Redacts as |
|---|---|---|
| General PII Redaction | EMAIL_ADDRESS, PHONE_NUMBER, PERSON_NAME, LOCATION, DATE_OF_BIRTH, IP_ADDRESS, URL, AGE | [REDACTED] |
| Financial Data Masking | CREDIT_CARD_NUMBER, IBAN_CODE, SWIFT_CODE, U.S. routing / account numbers | Asterisks |
| Healthcare PHI Protection | Medical record numbers, NPI / DEA, ICD-9 / 10 codes, FDA codes, HIPAA beneficiary IDs, blood type | Replaced with the info type label |
| Government ID Protection | SSN, passport, driver’s license, ITIN, ATIN | Asterisks |
| Credential & Secret Detection | AUTH_TOKEN, BASIC_AUTH_HEADER, PASSWORD, GCP API keys / credentials, signed URLs | Fully redacted |
- Read SDP policies.
## Safety policies

A safety policy is the prompt text Agnes feeds to ShieldGemma when it acts as the LLM-as-judge. It defines the categories of content you consider unsafe, with category-specific guidelines. The shipped “Default Safety Policy” covers the standard categories (harmful content, hate speech, harassment, sexual content, misinformation, illegal content, privacy violations).

- Read Safety policies.
- Custom safety policies are appropriate when your industry has tighter guidelines (e.g. healthcare advice safety, child-directed media, professional contexts).
## Choosing what to author

If you are just getting started:

- Use the shipped `default-inbound` and `default-outbound` combined policies as-is. They reference a sensible default SDP policy and the default safety policy.
- Watch the Analysis log for a few days. Are you seeing false positives? Missing real attacks?
- Tighten what’s noisy: clone the default combined policy and adjust thresholds before you write any custom YARA / SDP / safety policies.
- Reach for YARA when you have business-specific patterns Agnes’s ML analyzers do not see.
- Reach for custom SDP when the default info type set is wrong for your domain (e.g. you actually expect SSNs and want to allow them).
- Reach for custom safety policies when the default category list does not match your product’s tone (educational, creative, strict).