In addition to the 96 built-in rules, you can create custom rules that match your organization’s specific security requirements. Custom rules are evaluated alongside built-in rules and enforce patterns unique to your environment.
Creating a Custom Rule
Navigate to Agentic Security > Agent Security (/security/prompt) and select the Custom tab. Click Add Rule to open the Create Rule Wizard.
The wizard walks you through three steps:
Step 1: Choose a Type
Select what kind of content the rule should evaluate:
| Type | Evaluates | Default Hooks |
|---|---|---|
| Command | Shell commands the agent attempts to execute | PreToolUse |
| Secret | Content that may contain credentials or sensitive data | PreToolUse, PostToolUse |
| Injection | Input that may be attempting to manipulate agent behavior | UserPromptSubmit, PostToolUse |
Step 2: Define the Pattern
Give your rule a name and write a regex pattern that matches the content you want to catch. You can start from a template or write a custom pattern from scratch.
The wizard validates your regex in real time and shows a live preview of the rule on the right sidebar.
Examples:
| Pattern | What It Catches |
|---|---|
| `internal-api\.company\.com` | References to internal API endpoints |
| `COMPANY_SECRET_\w+` | Company-specific secret key patterns |
| `kubectl.*--namespace=production` | kubectl commands targeting production |
| `git push.*--force.*main` | Force pushes to main branch |
In the third step, set how Turen should respond when the pattern matches:
| Field | Description |
|---|---|
| Severity | Critical, High, Medium, or Low |
| Message | Custom message shown when the rule triggers |
| Allow Override | Whether developers can override the block |
| Category | Organizational category for the rule |
| Description | Detailed description of what the rule catches |
Examples
Block Production Database Access
Prevent agents from connecting to production databases:
- Type: Command
- Pattern: `psql.*prod-db|mysql.*production|mongosh.*prod`
- Severity: Critical
Flag Internal URL References
Catch when agents reference internal services:
- Type: Secret
- Pattern: `https?://[a-z]+\.internal\.company\.com`
- Severity: Low
Block Deployment Commands
Prevent agents from deploying directly:
- Type: Command
- Pattern: `(terraform apply|helm install|kubectl apply).*--auto-approve`
- Severity: High
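Before activating a rule, it helps to run its pattern against commands it should and should not catch. The following is an added example, not Turen's own code: it checks four of this page's example patterns against constructed sample commands, assuming the rule engine performs an unanchored, case-sensitive regex search (modelled here with Python's `re.search`); the rule names are hypothetical labels.

```python
import re

# Patterns copied from this page's examples; the dictionary keys are hypothetical labels.
# Assumption: the engine does an unanchored, case-sensitive search (re.search).
RULES = {
    "force-push-main": r"git push.*--force.*main",
    "kubectl-production": r"kubectl.*--namespace=production",
    "deploy-auto-approve": r"(terraform apply|helm install|kubectl apply).*--auto-approve",
    "prod-database": r"psql.*prod-db|mysql.*production|mongosh.*prod",
}

# Constructed sample commands: (rule, command, should the rule fire?)
CASES = [
    ("force-push-main", "git push --force origin main", True),
    ("force-push-main", "git push origin main --force", True),   # flag after branch
    ("force-push-main", "git push -f origin main", True),        # short flag
    ("force-push-main", "git push origin feature/login", False),
    ("kubectl-production", "kubectl delete pod web --namespace=production", True),
    ("kubectl-production", "kubectl delete pod web -n production", True),  # short flag
    ("kubectl-production", "kubectl get pods --namespace=staging", False),
    ("deploy-auto-approve", "terraform apply --auto-approve", True),
    ("deploy-auto-approve", "helm install web ./chart", True),   # deploy without the flag
    ("prod-database", "psql -h prod-db.example.internal -U app", True),
    ("prod-database", "mongosh --eval 'db.products.find()' localhost", False),
]

def evaluate(rules=RULES, cases=CASES):
    """Return (missed, false_alarms): cases where a pattern disagrees with intent."""
    missed, false_alarms = [], []
    for rule, command, expected in cases:
        fired = re.search(rules[rule], command) is not None
        if expected and not fired:
            missed.append((rule, command))
        elif fired and not expected:
            false_alarms.append((rule, command))
    return missed, false_alarms

if __name__ == "__main__":
    missed, false_alarms = evaluate()
    for rule, command in missed:
        print(f"MISS        {rule}: {command}")
    for rule, command in false_alarms:
        print(f"FALSE ALARM {rule}: {command}")
```

Each miss or false alarm is a prompt to tighten the pattern in Step 2 before the rule is set to Active.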
Managing Custom Rules
From Agentic Security > Agent Security > Custom tab, you can:
- Toggle a rule between Active and Disabled by clicking the status badge
- Delete a rule permanently using the trash icon
- Add new rules at any time
Custom rules are stored separately from built-in rule configuration. Each custom rule displays its type, name, pattern, active hooks, severity, and status in the table.
If both a built-in rule and a custom rule match, the more restrictive action takes precedence.
Custom rules require the Teams plan. Solo plan users will see an upgrade prompt when attempting to create custom rules.