Security Policy / X-Policy
Configure security policies using SQRT policy language.
pydantic-model
Configuration header for Sequrity security policies (X-Policy).
Defines the rules and constraints that govern LLM behavior.
Example
Show JSON schema:
{
"$defs": {
"ControlFlowMetaPolicy": {
"description": "Control flow meta policy for branching tools.",
"properties": {
"mode": {
"default": "deny",
"description": "'allow' for whitelist, 'deny' for blacklist.",
"enum": [
"allow",
"deny"
],
"title": "Mode",
"type": "string"
},
"producers": {
"description": "Set of prohibited producers for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Producers",
"type": "array",
"uniqueItems": true
},
"tags": {
"description": "Set of prohibited tags for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Tags",
"type": "array",
"uniqueItems": true
},
"consumers": {
"description": "Set of prohibited consumers for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Consumers",
"type": "array",
"uniqueItems": true
}
},
"title": "ControlFlowMetaPolicy",
"type": "object"
},
"InternalPolicyPresets": {
"additionalProperties": false,
"description": "Internal policy presets for advanced policy configuration.",
"properties": {
"default_allow": {
"default": true,
"description": "Whether to allow tool calls by default.",
"title": "Default Allow",
"type": "boolean"
},
"default_allow_enforcement_level": {
"default": "soft",
"description": "Enforcement level for default allow policy.",
"enum": [
"hard",
"soft"
],
"title": "Default Allow Enforcement Level",
"type": "string"
},
"enable_non_executable_memory": {
"default": true,
"description": "Whether to enable non-executable memory internal policy (attach non-executable tag to all tool results by default).",
"title": "Enable Non Executable Memory",
"type": "boolean"
},
"branching_meta_policy": {
"$ref": "#/$defs/ControlFlowMetaPolicy"
},
"enable_llm_blocked_tag": {
"default": true,
"description": "Whether to enable LLM blocked tag internal policy (denies tool calls to parse_with_ai if any argument has LLM_BLOCKED_TAG).",
"title": "Enable Llm Blocked Tag",
"type": "boolean"
},
"llm_blocked_tag_enforcement_level": {
"default": "hard",
"description": "Enforcement level for LLM blocked tag internal policy.",
"enum": [
"hard",
"soft"
],
"title": "Llm Blocked Tag Enforcement Level",
"type": "string"
}
},
"title": "InternalPolicyPresets",
"type": "object"
},
"PolicyCode": {
"additionalProperties": false,
"description": "Security policy code container.\n\nAttributes:\n code: The security policy code as a single string.\n language: The language of the policy code (\"sqrt\" or \"cedar\").",
"properties": {
"code": {
"default": "",
"description": "The security policy code as a single string.",
"title": "Code",
"type": "string"
},
"language": {
"default": "sqrt",
"description": "The language of the policy code.",
"enum": [
"sqrt",
"cedar"
],
"title": "Language",
"type": "string"
}
},
"title": "PolicyCode",
"type": "object"
}
},
"additionalProperties": false,
"description": "Configuration header for Sequrity security policies (``X-Policy``).\n\nDefines the rules and constraints that govern LLM behavior.\n\nExample:\n ```python\n policy = SecurityPolicyHeader.dual_llm(codes=\"allow tool x;\")\n policy = SecurityPolicyHeader.single_llm()\n ```",
"properties": {
"mode": {
"anyOf": [
{
"enum": [
"standard",
"strict",
"custom"
],
"type": "string"
},
{
"type": "null"
}
],
"default": null,
"description": "The security mode: standard, strict, or custom.",
"title": "Mode"
},
"codes": {
"anyOf": [
{
"$ref": "#/$defs/PolicyCode"
},
{
"type": "null"
}
],
"default": null,
"description": "User security policy code."
},
"auto_gen": {
"anyOf": [
{
"type": "boolean"
},
{
"type": "null"
}
],
"default": null,
"description": "Whether to auto-generate policies based on tool metadata and natural language descriptions.",
"title": "Auto Gen"
},
"fail_fast": {
"anyOf": [
{
"type": "boolean"
},
{
"type": "null"
}
],
"default": null,
"description": "Whether to fail fast on first hard denial during policy checks.",
"title": "Fail Fast"
},
"presets": {
"anyOf": [
{
"$ref": "#/$defs/InternalPolicyPresets"
},
{
"type": "null"
}
],
"default": null,
"description": "Internal policy presets configuration."
}
},
"title": "SecurityPolicyHeader",
"type": "object"
}
Config:
extra:forbid
Fields:
-
mode(Literal['standard', 'strict', 'custom'] | None) -
codes(PolicyCode | None) -
auto_gen(bool | None) -
fail_fast(bool | None) -
presets(InternalPolicyPresets | None)
classmethod
single_llm(
mode: Literal["standard", "strict", "custom"] = "standard",
codes: str = "",
language: Literal["sqrt", "cedar"] = "sqrt",
fail_fast: bool | None = None,
default_allow: bool = True,
enable_llm_blocked_tag: bool = True,
llm_blocked_tag_enforcement_level: Literal["hard", "soft"] = "hard",
) -> SecurityPolicyHeader
Create a Single LLM security policy configuration.
Source code in src/sequrity/control/types/headers.py
classmethod
dual_llm(
mode: Literal["standard", "strict", "custom"] = "standard",
codes: str = "",
language: Literal["sqrt", "cedar"] = "sqrt",
auto_gen: bool = False,
fail_fast: bool | None = None,
default_allow: bool = True,
default_allow_enforcement_level: Literal["hard", "soft"] = "soft",
enable_non_executable_memory: bool = True,
enable_llm_blocked_tag: bool = True,
llm_blocked_tag_enforcement_level: Literal["hard", "soft"] = "hard",
branching_meta_policy_mode: Literal["allow", "deny"] = "deny",
branching_meta_policy_producers: set[str] | None = None,
branching_meta_policy_tags: set[str] | None = None,
branching_meta_policy_consumers: set[str] | None = None,
) -> SecurityPolicyHeader
Create a Dual LLM security policy configuration.
Source code in src/sequrity/control/types/headers.py
dump_for_headers(
mode: Literal["json", "json_str"] = "json_str",
*,
overrides: dict[str, Any] | None = None,
) -> dict | str
Serialize for use as the X-Policy HTTP header value.
Parameters:
-
(modeLiteral['json', 'json_str'], default:'json_str') –Output format —
"json"for a dict,"json_str"for a JSON string. -
(overridesdict[str, Any] | None, default:None) –Optional dict to deep-merge into the serialized output.
Source code in src/sequrity/control/types/headers.py
pydantic-model
Security policy code container.
Attributes:
-
code(str) –The security policy code as a single string.
-
language(Literal['sqrt', 'cedar']) –The language of the policy code ("sqrt" or "cedar").
Show JSON schema:
{
"additionalProperties": false,
"description": "Security policy code container.\n\nAttributes:\n code: The security policy code as a single string.\n language: The language of the policy code (\"sqrt\" or \"cedar\").",
"properties": {
"code": {
"default": "",
"description": "The security policy code as a single string.",
"title": "Code",
"type": "string"
},
"language": {
"default": "sqrt",
"description": "The language of the policy code.",
"enum": [
"sqrt",
"cedar"
],
"title": "Language",
"type": "string"
}
},
"title": "PolicyCode",
"type": "object"
}
Config:
extra:forbid
Fields:
pydantic-model
Internal policy presets for advanced policy configuration.
Show JSON schema:
{
"$defs": {
"ControlFlowMetaPolicy": {
"description": "Control flow meta policy for branching tools.",
"properties": {
"mode": {
"default": "deny",
"description": "'allow' for whitelist, 'deny' for blacklist.",
"enum": [
"allow",
"deny"
],
"title": "Mode",
"type": "string"
},
"producers": {
"description": "Set of prohibited producers for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Producers",
"type": "array",
"uniqueItems": true
},
"tags": {
"description": "Set of prohibited tags for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Tags",
"type": "array",
"uniqueItems": true
},
"consumers": {
"description": "Set of prohibited consumers for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Consumers",
"type": "array",
"uniqueItems": true
}
},
"title": "ControlFlowMetaPolicy",
"type": "object"
}
},
"additionalProperties": false,
"description": "Internal policy presets for advanced policy configuration.",
"properties": {
"default_allow": {
"default": true,
"description": "Whether to allow tool calls by default.",
"title": "Default Allow",
"type": "boolean"
},
"default_allow_enforcement_level": {
"default": "soft",
"description": "Enforcement level for default allow policy.",
"enum": [
"hard",
"soft"
],
"title": "Default Allow Enforcement Level",
"type": "string"
},
"enable_non_executable_memory": {
"default": true,
"description": "Whether to enable non-executable memory internal policy (attach non-executable tag to all tool results by default).",
"title": "Enable Non Executable Memory",
"type": "boolean"
},
"branching_meta_policy": {
"$ref": "#/$defs/ControlFlowMetaPolicy"
},
"enable_llm_blocked_tag": {
"default": true,
"description": "Whether to enable LLM blocked tag internal policy (denies tool calls to parse_with_ai if any argument has LLM_BLOCKED_TAG).",
"title": "Enable Llm Blocked Tag",
"type": "boolean"
},
"llm_blocked_tag_enforcement_level": {
"default": "hard",
"description": "Enforcement level for LLM blocked tag internal policy.",
"enum": [
"hard",
"soft"
],
"title": "Llm Blocked Tag Enforcement Level",
"type": "string"
}
},
"title": "InternalPolicyPresets",
"type": "object"
}
Config:
extra:forbid
Fields:
-
default_allow(bool) -
default_allow_enforcement_level(Literal['hard', 'soft']) -
enable_non_executable_memory(bool) -
branching_meta_policy(ControlFlowMetaPolicy) -
enable_llm_blocked_tag(bool) -
llm_blocked_tag_enforcement_level(Literal['hard', 'soft'])
pydantic-field
default_allow_enforcement_level: Literal['hard', 'soft'] = 'soft'
Enforcement level for default allow policy.
pydantic-field
enable_non_executable_memory: bool = True
Whether to enable non-executable memory internal policy (attach non-executable tag to all tool results by default).
pydantic-field
branching_meta_policy: ControlFlowMetaPolicy
Control flow meta policy for branching tools.
pydantic-field
enable_llm_blocked_tag: bool = True
Whether to enable LLM blocked tag internal policy (denies tool calls to parse_with_ai if any argument has LLM_BLOCKED_TAG).
pydantic-field
llm_blocked_tag_enforcement_level: Literal['hard', 'soft'] = 'hard'
Enforcement level for LLM blocked tag internal policy.
pydantic-model
Control flow meta policy for branching tools.
Show JSON schema:
{
"description": "Control flow meta policy for branching tools.",
"properties": {
"mode": {
"default": "deny",
"description": "'allow' for whitelist, 'deny' for blacklist.",
"enum": [
"allow",
"deny"
],
"title": "Mode",
"type": "string"
},
"producers": {
"description": "Set of prohibited producers for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Producers",
"type": "array",
"uniqueItems": true
},
"tags": {
"description": "Set of prohibited tags for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Tags",
"type": "array",
"uniqueItems": true
},
"consumers": {
"description": "Set of prohibited consumers for control flow relaxer in custom mode.",
"items": {
"type": "string"
},
"title": "Consumers",
"type": "array",
"uniqueItems": true
}
},
"title": "ControlFlowMetaPolicy",
"type": "object"
}
Fields:
pydantic-field
mode: Literal['allow', 'deny'] = 'deny'
'allow' for whitelist, 'deny' for blacklist.
pydantic-field
Set of prohibited producers for control flow relaxer in custom mode.