Policies

A Policy is the central configuration object in Glitch. It defines which detectors run, at what sensitivity, and what action to take when threats are detected.

Instead of configuring security rules per-application, Glitch uses policies to create reusable, consistent security configurations:

  • One Policy, Many Projects — Create a “Strict Security” policy and apply it to all production projects
  • Separate Input/Output Rules — Different detectors for what goes into vs. comes out of the LLM
  • Per-Detector Tuning — Set different threshold levels for prompt injection vs. PII detection
  • Instant Updates — Change a policy; all linked projects update immediately

Every policy contains:

Field             Description
name              Human-readable policy name
policy_mode       IO (both), I (input only), or O (output only)
input_detectors   List of detectors to run on LLM inputs
output_detectors  List of detectors to run on LLM outputs
allow_list        Patterns to bypass detection
deny_list         Patterns to always block
custom_detectors  User-defined regex patterns

Each detector in input_detectors or output_detectors specifies:

{
  "detector_type": "prompt_attack",
  "threshold": "L2",
  "action": "block"
}

Field          Values
detector_type  prompt_attack, pii/email, pii/credit_card, moderated_content/hate, etc.
threshold      L1 (confident) → L4 (sensitive); see Threshold Levels
action         block (reject request), flag (allow but log), allow (pass through)
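The two field tables above are enough to lint a policy offline before it is sent to the API. The Python linter below is an added example, not part of the Glitch documentation or product code: it checks the field names, policy_mode values, threshold levels and actions listed on this page, and additionally warns when a detector list is populated that the chosen policy_mode never consults. The list-of-strings shape assumed for allow_list, deny_list and custom_detectors, the rule that custom_detectors entries must compile as regular expressions, and the server's actual validation behaviour are assumptions.

```python
"""Offline linter for Glitch policy documents.

Added example (not Glitch's own code). Field names and allowed values follow the
tables on this page; everything about the server's real validation is assumed.
"""
from __future__ import annotations

import json
import re

VALID_MODES = {"IO", "I", "O"}
THRESHOLDS = ("L1", "L2", "L3", "L4")  # L1 = most confident ... L4 = most sensitive
VALID_ACTIONS = {"block", "flag", "allow"}
# Detector types named on this page. The real catalogue is larger ("etc."), so an
# unknown type only produces a warning, never an error.
KNOWN_DETECTORS = {"prompt_attack", "pii/email", "pii/credit_card", "moderated_content/hate"}


def _lint_detector_list(dets, field, errors, warnings):
    """Validate one of input_detectors / output_detectors in place."""
    if not isinstance(dets, list):
        errors.append(f"{field}: must be a list")
        return
    seen = set()
    for i, det in enumerate(dets):
        loc = f"{field}[{i}]"
        if not isinstance(det, dict):
            errors.append(f"{loc}: must be an object")
            continue
        dtype = det.get("detector_type")
        if not isinstance(dtype, str) or not dtype:
            errors.append(f"{loc}: detector_type is required")
        else:
            if dtype not in KNOWN_DETECTORS:
                warnings.append(f"{loc}: detector_type {dtype!r} not in the known set")
            if dtype in seen:
                warnings.append(f"{loc}: duplicate detector_type {dtype!r}")
            seen.add(dtype)
        if det.get("threshold") not in THRESHOLDS:
            errors.append(f"{loc}: threshold must be one of {THRESHOLDS}")
        if det.get("action") not in VALID_ACTIONS:
            errors.append(f"{loc}: action must be one of {sorted(VALID_ACTIONS)}")
        extra = set(det) - {"detector_type", "threshold", "action"}
        if extra:
            warnings.append(f"{loc}: unexpected keys {sorted(extra)}")


def lint_policy(policy):
    """Return (errors, warnings). Any error means the policy should not be submitted."""
    errors, warnings = [], []
    if not isinstance(policy, dict):
        return ["policy must be an object"], []
    name = policy.get("name")
    if not isinstance(name, str) or not name.strip():
        errors.append("name: required, non-empty string")
    mode = policy.get("policy_mode")
    if mode not in VALID_MODES:
        errors.append(f"policy_mode: must be one of {sorted(VALID_MODES)}")
    for field in ("input_detectors", "output_detectors"):
        _lint_detector_list(policy.get(field, []), field, errors, warnings)
    # A detector list that the mode never consults is almost always a mistake.
    if mode == "I" and policy.get("output_detectors"):
        warnings.append("output_detectors is set but policy_mode I runs input detectors only")
    if mode == "O" and policy.get("input_detectors"):
        warnings.append("input_detectors is set but policy_mode O runs output detectors only")
    if mode in VALID_MODES and not policy.get("input_detectors") and not policy.get("output_detectors"):
        warnings.append("policy has no detectors at all; every request passes through")
    # Assumed shape: these fields are lists of pattern strings. Only custom_detectors is
    # documented as regex on this page, so only it is compiled.
    for field in ("allow_list", "deny_list", "custom_detectors"):
        val = policy.get(field)
        if val is None:
            continue
        if not isinstance(val, list) or not all(isinstance(p, str) for p in val):
            errors.append(f"{field}: must be a list of pattern strings")
            continue
        if field == "custom_detectors":
            for pattern in val:
                try:
                    re.compile(pattern)
                except re.error as exc:
                    errors.append(f"{field}: {pattern!r} is not a valid regex ({exc})")
    return errors, warnings


# The "Balanced Security" policy from this page, parsed as the API would receive it.
BALANCED = json.loads("""{
  "name": "Balanced Security", "policy_mode": "IO",
  "input_detectors": [
    {"detector_type": "prompt_attack", "threshold": "L2", "action": "block"},
    {"detector_type": "pii/email", "threshold": "L2", "action": "flag"},
    {"detector_type": "pii/credit_card", "threshold": "L1", "action": "block"}],
  "output_detectors": [
    {"detector_type": "pii/email", "threshold": "L2", "action": "block"},
    {"detector_type": "moderated_content/hate", "threshold": "L2", "action": "block"}]}""")

# Constructed policy with three typical mistakes: bad threshold, bad action, broken regex,
# plus output detectors that mode "I" would silently ignore.
BROKEN = {
    "name": "Typo Policy", "policy_mode": "I",
    "input_detectors": [
        {"detector_type": "prompt_attack", "threshold": "L5", "action": "block"},
        {"detector_type": "pii/email", "threshold": "L2", "action": "deny"}],
    "output_detectors": [{"detector_type": "pii/email", "threshold": "L2", "action": "block"}],
    "custom_detectors": ["(unclosed"],
}

if __name__ == "__main__":
    for label, pol in (("balanced", BALANCED), ("broken", BROKEN)):
        errs, warns = lint_policy(pol)
        print(label, "errors:", errs, "warnings:", warns)
```

Run the linter in CI on the JSON files you keep under version control so a typo in a threshold or action is caught before the policy reaches every project linked to it.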
For example, a balanced policy that scans both directions:

{
  "name": "Balanced Security",
  "policy_mode": "IO",
  "input_detectors": [
    { "detector_type": "prompt_attack", "threshold": "L2", "action": "block" },
    { "detector_type": "pii/email", "threshold": "L2", "action": "flag" },
    { "detector_type": "pii/credit_card", "threshold": "L1", "action": "block" }
  ],
  "output_detectors": [
    { "detector_type": "pii/email", "threshold": "L2", "action": "block" },
    { "detector_type": "moderated_content/hate", "threshold": "L2", "action": "block" }
  ]
}

A Project represents a single application or use case using Glitch. Each project:

  • Has a unique API key for authentication
  • Is assigned to exactly one Policy
  • Falls back to the organization’s default policy if none is set

An example organization with two explicitly assigned policies and a default:

Organization
├── Policy: "Strict Security"
│   ├── Project: prod-chatbot (API key: glitch_xxx...)
│   └── Project: prod-assistant (API key: glitch_yyy...)
├── Policy: "Permissive"
│   └── Project: internal-tools (API key: glitch_zzz...)
└── Default Policy: "Balanced Security"
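How a request is routed from project to policy to detector list can be modelled directly from the tree above. The Python model below is an added example, not Glitch's own code: a project resolves to its assigned policy or else to the organization default, policy_mode selects which detector list runs at the input or output stage, and the actions of the detectors that fire combine into one verdict. The detector contents of the Strict Security and Permissive policies, the extra staging-bot project, the findings format (detector_type mapped to the match level, L1 strongest), the rule that a detector fires when a match is at or above its threshold's confidence, and the block-over-flag-over-allow combination are all constructed assumptions.

```python
"""Model of policy resolution and per-stage verdicts for a Glitch organization.

Added example (not Glitch's own code). The page gives the tree structure, the
policy_mode meanings and the three actions; the combination rule, the findings
format and the detector contents of two policies are assumptions.
"""
from __future__ import annotations

from dataclasses import dataclass, field

THRESHOLDS = ("L1", "L2", "L3", "L4")  # L1 = most confident, L4 = most sensitive
ACTION_RANK = {"allow": 0, "flag": 1, "block": 2}  # assumed: strictest action wins


@dataclass(frozen=True)
class Detector:
    detector_type: str
    threshold: str
    action: str

    def fires(self, match_level: str) -> bool:
        """A detector at L2 fires on L1 and L2 matches but ignores weaker L3/L4 ones (assumed)."""
        return THRESHOLDS.index(match_level) <= THRESHOLDS.index(self.threshold)


@dataclass
class Policy:
    name: str
    policy_mode: str  # "IO", "I" or "O"
    input_detectors: list[Detector] = field(default_factory=list)
    output_detectors: list[Detector] = field(default_factory=list)

    def active_detectors(self, stage: str) -> list[Detector]:
        """Only the list the mode consults runs; mode I never scans outputs, O never scans inputs."""
        if stage == "input" and self.policy_mode in ("IO", "I"):
            return self.input_detectors
        if stage == "output" and self.policy_mode in ("IO", "O"):
            return self.output_detectors
        return []


@dataclass
class Organization:
    policies: dict[str, Policy]
    default_policy: str
    projects: dict[str, str | None]  # project name -> assigned policy name, or None

    def effective_policy(self, project: str) -> Policy:
        """Assigned policy if set, otherwise the organization default (KeyError for unknown projects)."""
        assigned = self.projects[project]
        return self.policies[assigned or self.default_policy]


def decide(policy: Policy, stage: str, findings: dict[str, str]):
    """Combine detector outcomes for one stage into (verdict, detectors that fired).

    findings maps detector_type -> match level reported by the scanner (constructed format).
    """
    verdict, fired = "allow", []
    for det in policy.active_detectors(stage):
        level = findings.get(det.detector_type)
        if level is not None and det.fires(level):
            fired.append((det.detector_type, det.action))
            if ACTION_RANK[det.action] > ACTION_RANK[verdict]:
                verdict = det.action
    return verdict, fired


# "Balanced Security" as defined on this page.
BALANCED = Policy("Balanced Security", "IO",
    input_detectors=[Detector("prompt_attack", "L2", "block"),
                     Detector("pii/email", "L2", "flag"),
                     Detector("pii/credit_card", "L1", "block")],
    output_detectors=[Detector("pii/email", "L2", "block"),
                      Detector("moderated_content/hate", "L2", "block")])
# The page names these two policies but not their detectors; contents are constructed.
STRICT = Policy("Strict Security", "IO",
    input_detectors=[Detector("prompt_attack", "L4", "block"), Detector("pii/email", "L4", "block")],
    output_detectors=[Detector("pii/email", "L4", "block")])
PERMISSIVE = Policy("Permissive", "I", input_detectors=[Detector("prompt_attack", "L1", "flag")])

ORG = Organization(
    policies={p.name: p for p in (BALANCED, STRICT, PERMISSIVE)},
    default_policy="Balanced Security",
    projects={"prod-chatbot": "Strict Security", "prod-assistant": "Strict Security",
              "internal-tools": "Permissive",
              "staging-bot": None},  # constructed project with no policy set -> default applies
)

if __name__ == "__main__":
    pol = ORG.effective_policy("staging-bot")
    print("staging-bot uses", pol.name)
    print("input with weak email match:", decide(pol, "input", {"pii/email": "L2"}))
    print("output on Permissive:", decide(PERMISSIVE, "output", {"pii/email": "L1"}))
```

The third print shows the trap the policy_mode field creates: a project on a mode-I policy gets no output scanning at all, however many output_detectors are configured, so a default policy in IO mode is the safer fallback.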
Create a policy:

curl -X POST https://api.golabrat.ai/api/v1/policies/ \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "My Policy",
    "policy_mode": "IO",
    "input_detectors": [
      { "detector_type": "prompt_attack", "threshold": "L2", "action": "block" }
    ],
    "output_detectors": []
  }'
Assign a policy to a project:

curl -X PATCH https://api.golabrat.ai/api/v1/projects/{project_id}/ \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "policy_id": "uuid-of-policy" }'
Set a policy as the organization default:

curl -X POST https://api.golabrat.ai/api/v1/policies/{policy_id}/set_default/ \
  -H "Authorization: Bearer YOUR_TOKEN"