Skip to main content
Turen ships with 96 built-in security rules that protect your AI coding agents from dangerous actions. Rules are evaluated in real time and block threats before they execute.

Where to Find Security Rules

Security rules are managed under the Agentic Security section in the sidebar (ShieldCheck icon). There are three pages:
PageRoutePurpose
Software Security/security/softwarePackage install thresholds, license policies, SAST, malware
Agent Security/security/promptCommand validation, injection detection, secret scanning, custom rules
Security Settings/security/settingsCentral on/off toggles, detection modules, mode settings

Rule Categories

Command Validation

61 rules that block destructive shell commands before execution.

Prompt Injection

20 rules that detect attempts to hijack AI agent behavior.

Secret Detection

15 rules that prevent credentials and secrets from leaking.

How Rules Work

Rules are pattern-based checks evaluated as Claude Code hooks on LLM requests and responses. When a rule matches:
  1. The action is blocked or flagged based on severity
  2. A security event is logged
  3. The event appears in your dashboard under Monitor > Events
  4. Claude Code receives feedback indicating the action was blocked

Rule Severity

Rules are classified by severity, which determines the response:
SeverityDescription
CriticalImmediate threat — data destruction, system compromise. Blocked.
HighSignificant risk — credential exposure, unauthorized access. Blocked.
MediumModerate risk — potentially unsafe operations. Warning issued.
LowMinor risk — best practice violations. Warning issued.

Managing Rules

Viewing and Toggling Built-in Rules

Go to Agentic Security > Agent Security (/security/prompt) to:
  • Browse all built-in rules across four tabs: Commands, Injection, Secrets, and Custom
  • Use the FilterSearch bar to filter rules by name, ID, category, severity, or enabled status
  • Click any rule row to toggle it on or off
  • Changes appear in the unsaved changes bar — click Save to apply or Discard to revert

Central Controls

Go to Agentic Security > Security Settings (/security/settings) for high-level toggles:
  • Software Security Settings — Enable/disable package scanning (scorecard, vulnerabilities, licenses, typosquats)
  • Agent Security Settings — Enable/disable all command validation, injection detection, and secret scanning
  • LLM Proxy — Enable/disable the local LLM proxy for telemetry and rule injection
  • Expandable sections for Hook Types, Detection Modules, Mode Settings, and Secret Detection Settings

Creating Custom Rules

From the Custom tab in Agent Security, click Add Rule to open the multi-step Create Rule Wizard. See Custom Rules for details.

All Rules Are On by Default

Every built-in rule is enabled when you first install Turen. This gives you immediate protection without any configuration. You can fine-tune rules to match your organization’s needs after installation.