Conflux Docs
Governance

Compliance overview

How Conflux detects, sanitizes, blocks, or reroutes risky content.

Compliance overview diagramClick to enlarge
CloseCompliance overview diagram

Modes

MonitorRecord findings but do not alter requests.
WarnApply non-blocking intervention such as sanitization where configured.
EnforceBlock or reroute requests when policy requires it.

Built-in protection

Built-in domains detect secrets, API keys, bearer tokens, private keys, database URLs, private infrastructure, PII, finance identifiers, HR/legal markers, and destructive operations such as DROP TABLE, rm -rf, kubectl delete, terraform destroy, and unsafe mass SQL operations.

Custom rules

Workspace teams can add custom regex or keyword rules for internal identifiers, project-specific terms, regulated records, or customer formats. Custom rules should be precise to avoid false positives.