Browser Guard Policies
Configure policies that govern AI usage in the browser — BLOCK, WARN, JUSTIFY, REDIRECT, MODIFY.
Browser Guard uses the same policy engine as the gateway, SDK, and MCP paths. There is no separate policy set — you write one policy, it applies everywhere. The only difference is the ingestion path, which Browser Guard tags as BROWSER_SHIELD for filtering and audit reporting.
The five enforcement actions
| Action | User experience | Trace record |
|---|---|---|
| BLOCK | Prompt is not sent. Red toast with the policy reason. The user cannot proceed. | decision: BLOCKED |
| WARN | Amber toast warns the user. Two buttons: Send anyway (proceeds) or Cancel. | decision: WARNED, userAction: WARN_PROCEEDED (if sent) |
| JUSTIFY | Modal dialog requires a written business justification before the prompt can be sent. | decision: JUSTIFIED, justification: "..." |
| REDIRECT | Toast with a link to an approved alternative (e.g. internal Llama 3, Copilot for Enterprise). | decision: REDIRECTED, redirect_to: "..." |
| MODIFY | PII / secrets are masked inline before sending. Green toast lists what was masked. | decision: MODIFIED, redactions: [...] |
Pick by the threat model and business impact:
- BLOCK for unconditional prohibitions (e.g. financial-advice generation, credit-card-in-prompt).
- WARN when the action is risky but sometimes legitimate (e.g. customer data on a public LLM — fine for marketing copy, never for an authenticated user record).
- JUSTIFY when you need an audit trail of "why" — the justification text is recorded with tamper-evidence.
- REDIRECT when you have an approved internal alternative — drives adoption of sanctioned tools.
- MODIFY for masking-friendly data (PII, secrets). The user keeps working; sensitive bytes never leave.
Recommended starter policies
PII protection (MODIFY)
Browser-based AI is the #1 source of accidental PII leakage. Set a MODIFY policy on BROWSER_SHIELD traces with the PII redaction preset enabled. The masked prompt continues to the LLM; the user keeps their workflow; you keep compliance.
Customer-data block (BLOCK)
A second tighter policy that scopes to "real customer records" — e.g. anything containing email + phone + name in the same prompt — and blocks. The MODIFY policy above catches one PII type at a time; this catches the "I'm asking ChatGPT about a specific customer" pattern.
Confidential project names (BLOCK)
Block prompts containing internal project codenames, financial figures, or customer logos. Configure the keyword list in the policy's neural instruction.
Shadow AI observability (FLAG)
Before you start blocking, run a FLAG-only policy for two weeks to see what employees are actually doing. Data surfaces in the Shadow AI Dashboard — use the findings to scope your real policies.
Recording user actions on traces
When a WARN, JUSTIFY, or REDIRECT fires, Palveron records the user's response on the trace. Programmatic callers (e.g. the Browser Guard extension, custom integrations) update the trace via:
POST /api/v1/traces/{trace_id}/action
Authorization: Bearer ext_...
{
"action": "WARN_PROCEEDED",
"justification": "Reviewing public marketing copy — no PII."
}Valid actions: WARN_PROCEEDED, JUSTIFIED, REJECTED, REDIRECTED. The endpoint is idempotent — first writer wins; subsequent calls return the original record.
User actions surface in:
- Trace detail — User Action Badge with hover-to-see-justification (see Trace Explorer).
- Compliance reports — Per-agent
warn_overridescounter; appears in the EU AI Act Annex IV PDF as evidence of human oversight. - Shadow AI compliance summary — Per-domain warn-override rate; helps you spot policies that fire too often (probably mis-scoped) and policies that never fire but absorb a lot of justifications (probably the policy reason is unclear).
Toast notifications
Users see color-coded toasts that disappear after 6 seconds (or stay until acknowledged for JUSTIFY).
| Color | Meaning |
|---|---|
| 🔴 Red | Prompt blocked |
| 🟠 Amber | Warning — proceed or cancel |
| 🔵 Blue | Justification required |
| 🟣 Purple | Redirect to approved tool |
| 🟢 Green | Prompt modified (masked) — sent |
Toasts auto-detect the browser language (English or German out of the box). For other languages, configure custom translations under Settings → Browser Guard → Localization.