Skip to main content

Policy Rules

Rules let you control what can and can't flow through the gateway.

Creating rules​

Dashboard → Rules → Add Rule

Rule types​

Keyword block​

Block any request containing a word or pattern:

{
"name": "Block competitor mentions",
"type": "keyword_block",
"pattern": "competitor|rival_product",
"action": "block"
}

Prompt injection detection​

Autrace scans for common jailbreak patterns (DAN, ignore-previous-instructions, role-play bypass, etc.). Enable in Dashboard → Rules.

Rate limiting​

Limit tokens per key per hour:

{
"name": "Hourly token limit",
"type": "rate_limit",
"limit_tokens_per_hour": 50000
}

Default rules​

When you create an account, Autrace sets up sensible default rules:

  • PII detection (redact)
  • Basic prompt injection detection
  • Request size limit (32KB)

You can view and modify these in Dashboard → Rules.