
Creates a validated policy from a list of shieldr_rule objects.

Usage

shieldr_policy(
  name,
  rules,
  thresholds,
  rate_guard = NULL,
  trusted_sources = NULL,
  controls = NULL
)

Arguments

name

Policy name.

rules

A list of shieldr_rule objects.

thresholds

A list containing numeric redact_at and block_at values between 0 and 1.

rate_guard

A shieldr_rate_guard environment, or NULL.

trusted_sources

Optional character vector of trusted context sources.

controls

Optional list from policy_controls().

Value

A shieldr_policy S3 object.

Details

This is the low-level constructor. Most users should start with policy(), which returns a ready-to-use built-in policy. shieldr_policy() is exported so advanced users and tests can construct exact policy objects.

trusted_sources is used by scan_context() only. If it is NULL, all sources are treated as trusted. If it is a character vector and source_col is supplied to scan_context(), rows with source values outside the allowlist receive an OWASP LLM08 finding.
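
The allowlist rule described above, sketched in base R as an added example. It is not llmshieldr's own code: flag_untrusted_sources(), the finding column and the sample rows are assumptions made for illustration.

```r
# Base-R sketch of the trusted_sources rule described above.
# flag_untrusted_sources() is a hypothetical helper, not an llmshieldr function.
flag_untrusted_sources <- function(context, trusted_sources = NULL,
                                   source_col = NULL) {
  stopifnot(is.data.frame(context))
  finding <- rep(NA_character_, nrow(context))

  # NULL allowlist: every source is treated as trusted (fail-open).
  # No source_col: there is nothing to compare against, so no check runs.
  if (is.null(trusted_sources) || is.null(source_col)) {
    context$finding <- finding
    return(context)
  }

  stopifnot(is.character(trusted_sources),
            is.character(source_col), length(source_col) == 1L,
            source_col %in% names(context))

  # %in% returns FALSE for NA, so a row with a missing source is flagged too
  # (assumption of this sketch; the page does not say how NA is handled).
  outside <- !(context[[source_col]] %in% trusted_sources)
  finding[outside] <- "OWASP LLM08"
  context$finding <- finding
  context
}

# Constructed sample context rows.
ctx <- data.frame(
  text   = c("Refund policy v3", "Forum post", "Scraped page", "Unknown origin"),
  origin = c("kb", "forum", "web", NA),
  stringsAsFactors = FALSE
)

open_policy   <- flag_untrusted_sources(ctx, NULL, "origin")
strict_policy <- flag_untrusted_sources(ctx, c("kb", "wiki"), "origin")
no_column     <- flag_untrusted_sources(ctx, c("kb", "wiki"))

# NULL allowlist or missing source_col: nothing is flagged.
stopifnot(all(is.na(open_policy$finding)), all(is.na(no_column$finding)))
# Allowlist plus source_col: every row outside c("kb", "wiki") is flagged.
stopifnot(identical(strict_policy$finding,
                    c(NA, "OWASP LLM08", "OWASP LLM08", "OWASP LLM08")))
```

The two unflagged cases are the ones to watch when reviewing a policy: leaving trusted_sources as NULL, or omitting source_col, means no source check is applied to the context rows.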

controls is used by secure_chat() after scanner reports have already resolved to allow, redact, or block. Use policy_controls() to decide whether blocked prompts or outputs should return block, refuse, or escalate, and whether blocked context rows should be dropped, kept in redacted form, or stop the chat call.

Examples

shieldr_policy("empty", list(), list(redact_at = 0.4, block_at = 0.75))
#> llmshieldr policy
#> name: empty
#> rules: 0
#> redact_at: 0.4
#> block_at: 0.75