Security (advanced)

This section is for security teams and auditors. It is not required for first-time customer integrations.

Authoritative references

For the full platform enforcement description, see:

Full Action & Policy Enforcement Specification (Advanced)

What customers should rely on

The status and reason returned by /api/validate are the authoritative signals.
ActionKind pages define the allowed action_type values and required context fields.
Managed policies are expressed as outcomes (PASS/WARN/BLOCK). Customers should not need raw rule definitions.

Legal & Responsibility Notice

Summary

Informational only

Provided for general guidance. Not legal, compliance, security, or professional advice.

You control implementation

You are responsible for policies, prompts, integrations, workflows, and regulatory requirements.

Liability limitation

To the maximum extent permitted by law, the company disclaims liability for losses arising from use of this documentation or implementations based on it.