policy() is the easiest way to start. It returns a ready-to-use policy for
common safety profiles such as "enterprise_default", "pharma_gxp", and
"comprehensive".
Usage
policy(name = "enterprise_default", overrides = list())
Arguments
- name
Built-in policy name. Defaults to "enterprise_default".
- overrides
Optional list with rules, thresholds, rate_guard, or trusted_sources entries. controls may be supplied with policy_controls() to tune orchestration behavior in secure_chat().
Details
Built-in policies are assembled from the rule helpers in R/rules.R. They
use OWASP GenAI / LLM Top 10 categories as the organizing taxonomy, then add
common controls such as PII patterns, secret patterns, system-prompt
extraction checks, excessive-agency language, domain-specific claims, and
optional rate guards.
Policy names:
- enterprise_default: broad production baseline for injection, NLP intent, PII/PHI, secrets, system prompt extraction, and agency language.
- pharma_gxp: enterprise_default plus clinical identifiers, diagnosis and treatment language, unsafe code checks, and stricter thresholds.
- finance_strict: enterprise_default plus account numbers, investment advice language, autonomous trading language, and a token-rate guard.
- education_safe: enterprise_default plus minor-related PII and academic-integrity bypass language.
- open_research: a smaller open-workflow profile focused on injection and secrets, with higher thresholds.
- comprehensive: a maximum-coverage profile combining the enterprise, pharma, finance, education, code-safety, and rate-guard controls. Uses moderate thresholds (redact_at = 0.4, block_at = 0.7). For pharma-tier strictness, supply overrides = list(thresholds = list(redact_at = 0.3, block_at = 0.6)) explicitly.
- custom: no rules, default thresholds.
- baseline: backward-compatible alias for enterprise_default.
These policies are starting points. They are transparent, testable, and can
be extended with add_rule() for application-specific requirements.
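
To see what the pharma-tier override changes relative to the moderate comprehensive thresholds, the following added example (a standalone R sketch, not the package's own code) merges the override and compares the resulting actions on constructed risk scores. It assumes scores lie in [0, 1] and that a score at or above redact_at is redacted and at or above block_at is blocked; apply_overrides() and decide() are hypothetical helpers, not package functions.

```r
# Standalone sketch: does not call the package. Threshold semantics are an
# assumption (score >= block_at blocks, score >= redact_at redacts).

# Moderate thresholds of the "comprehensive" profile, as stated on the page.
comprehensive_thresholds <- list(redact_at = 0.4, block_at = 0.7)

# Hypothetical helper: merge an overrides list shaped like
# overrides = list(thresholds = list(...)) into a set of thresholds.
apply_overrides <- function(thresholds, overrides = list()) {
  extra <- overrides$thresholds
  if (is.null(extra)) extra <- list()
  merged <- utils::modifyList(thresholds, extra)
  # Reject configurations that can never redact before blocking.
  stopifnot(
    merged$redact_at >= 0,
    merged$block_at <= 1,
    merged$redact_at < merged$block_at
  )
  merged
}

# Hypothetical helper: map risk scores to an action under given thresholds.
decide <- function(score, thresholds) {
  ifelse(score >= thresholds$block_at, "block",
         ifelse(score >= thresholds$redact_at, "redact", "allow"))
}

# Constructed risk scores for illustration.
scores <- c(0.10, 0.35, 0.45, 0.65, 0.80)

moderate <- apply_overrides(comprehensive_thresholds)
strict <- apply_overrides(
  comprehensive_thresholds,
  list(thresholds = list(redact_at = 0.3, block_at = 0.6))
)

comparison <- data.frame(
  score    = scores,
  moderate = decide(scores, moderate),
  strict   = decide(scores, strict)
)
print(comparison)

# Scores whose action changes once the stricter override is applied.
print(comparison[comparison$moderate != comparison$strict, ])
```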
