Skip to main content
Turen ships with 96 built-in security rules that protect your AI coding agents from dangerous actions. Rules are evaluated in real time and block threats before they execute.

Rule Categories

Command Validation

61 rules that block destructive shell commands before execution.

Prompt Injection

20 rules that detect attempts to hijack AI agent behavior.

Secret Detection

15 rules that prevent credentials and secrets from leaking.

How Rules Work

Rules are pattern-based checks evaluated as Claude Code hooks on LLM requests and responses. When a rule matches:
  1. The action is blocked or flagged based on severity
  2. A security event is logged
  3. The event appears in your dashboard under Monitor > Events
  4. Claude Code receives feedback indicating the action was blocked

Rule Severity

Rules are classified by severity, which determines the response:
SeverityDescription
CriticalImmediate threat — data destruction, system compromise. Blocked.
HighSignificant risk — credential exposure, unauthorized access. Blocked.
MediumModerate risk — potentially unsafe operations. Warning issued.
LowMinor risk — best practice violations. Warning issued.

Managing Rules

In the dashboard, go to Rules Engine > Guard to:
  • View all rules — See every rule with its category, severity, and enabled status
  • Enable/disable rules — Toggle individual rules on or off
  • Create custom rules — Add organization-specific rules using the custom rule wizard

All Rules Are On by Default

Every built-in rule is enabled when you first install Turen. This gives you immediate protection without any configuration. You can fine-tune rules to match your organization’s needs after installation.