# Security Rules Overview

> Understand Turen's built-in security rules and how they protect your AI agents

Turen ships with **96 built-in security rules** that protect your AI coding agents from dangerous actions. Rules are evaluated in real time and block threats before they execute.

## Where to Find Security Rules

Security rules are managed under the **Agentic Security** section in the sidebar (ShieldCheck icon). There are three pages:

| Page                                                  | Route                | Purpose                                                                |
| ----------------------------------------------------- | -------------------- | ---------------------------------------------------------------------- |
| [Software Security](/security-rules/package-security) | `/security/software` | Package install thresholds, license policies, SAST, malware            |
| [Agent Security](/security-rules/command-validation)  | `/security/prompt`   | Command validation, injection detection, secret scanning, custom rules |
| Security Settings                                     | `/security/settings` | Central on/off toggles, detection modules, mode settings               |

## Rule Categories

<CardGroup cols={3}>
  <Card icon="terminal" href="/security-rules/command-validation" title="Command Validation">
    **61 rules** that block destructive shell commands before execution.
  </Card>

  <Card icon="syringe" href="/security-rules/prompt-injection" title="Prompt Injection">
    **20 rules** that detect attempts to hijack AI agent behavior.
  </Card>

  <Card icon="key" href="/security-rules/secret-detection" title="Secret Detection">
    **15 rules** that prevent credentials and secrets from leaking.
  </Card>
</CardGroup>

## How Rules Work

Rules are pattern-based checks evaluated as Claude Code hooks on LLM requests and responses. When a rule matches:

1. The action is blocked or flagged based on severity
2. A security event is logged
3. The event appears in your dashboard under **Monitor > Events**
4. Claude Code receives feedback indicating the action was blocked

## Rule Severity

Rules are classified by severity, which determines the response:

| Severity     | Description                                                          |
| ------------ | -------------------------------------------------------------------- |
| **Critical** | Immediate threat: data destruction, system compromise. Blocked.      |
| **High**     | Significant risk: credential exposure, unauthorized access. Blocked. |
| **Medium**   | Moderate risk: potentially unsafe operations. Warning issued.        |
| **Low**      | Minor risk: best practice violations. Warning issued.                |
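
The flow described in How Rules Work and the severity table above can be sketched as a small pattern-based evaluator. This is an added example, not Turen's engine or its built-in rules: the rule IDs, regular expressions, event fields, and sample inputs are all constructed for illustration.

```python
import re
from dataclasses import dataclass

# Severity -> response, taken from the Rule Severity table.
ACTION = {"critical": "block", "high": "block", "medium": "warn", "low": "warn"}
RANK = ["low", "medium", "high", "critical"]

@dataclass(frozen=True)
class Rule:
    rule_id: str          # constructed ID, not a Turen rule ID
    severity: str
    pattern: re.Pattern

# Constructed sample rules, one per severity level (assumptions, not Turen's).
RULES = [
    Rule("EX-CMD-001", "critical", re.compile(r"\brm\s+-[a-zA-Z]*r[a-zA-Z]*\s+/(\s|$)")),
    Rule("EX-SEC-001", "high", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    Rule("EX-CMD-002", "medium", re.compile(r"\bchmod\s+(-R\s+)?777\b")),
    Rule("EX-CMD-003", "low", re.compile(r"\bcurl\b.*\s(-k|--insecure)\b")),
]

def evaluate(text, event_log):
    """Check text against every rule, log one event per match, and return
    the decision driven by the most severe matching rule."""
    matches = [r for r in RULES if r.pattern.search(text)]
    if not matches:
        return {"action": "allow", "rules": [], "feedback": ""}
    for r in matches:
        event_log.append({"rule_id": r.rule_id, "severity": r.severity,
                          "action": ACTION[r.severity]})
    worst = max(matches, key=lambda r: RANK.index(r.severity))
    action = ACTION[worst.severity]
    return {"action": action,
            "rules": [r.rule_id for r in matches],
            "feedback": f"{action}: matched {worst.rule_id} ({worst.severity})"}

if __name__ == "__main__":
    log = []
    for sample in ["ls -la", "chmod 777 deploy.sh", "rm -rf /"]:  # constructed inputs
        print(sample, "->", evaluate(sample, log)["action"])
    print(len(log), "events logged")
```

When several rules match the same input, this sketch logs an event for each and lets the highest severity decide whether the action is blocked or only flagged.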

## Managing Rules

### Viewing and Toggling Built-in Rules

Go to **Agentic Security > Agent Security** (`/security/prompt`) to:

* Browse all built-in rules across four tabs: **Commands**, **Injection**, **Secrets**, and **Custom**
* Use the **FilterSearch** bar to filter rules by name, ID, category, severity, or enabled status
* Click any rule row to toggle it on or off
* Changes appear in the unsaved changes bar: click **Save** to apply or **Discard** to revert

### Central Controls

Go to **Agentic Security > Security Settings** (`/security/settings`) for high-level toggles:

* **Software Security Settings**: Enable/disable package scanning (scorecard, vulnerabilities, licenses, typosquats)
* **Agent Security Settings**: Enable/disable all command validation, injection detection, and secret scanning
* **LLM Proxy**: Enable/disable the local LLM proxy for telemetry and rule injection
* Expandable sections for **Hook Types**, **Detection Modules**, **Mode Settings**, and **Secret Detection Settings**

### Creating Custom Rules

From the **Custom** tab in Agent Security, click **Add Rule** to open the multi-step Create Rule Wizard. See [Custom Rules](/security-rules/custom-rules) for details.

## All Rules Are On by Default

Every built-in rule is enabled when you first install Turen. This gives you immediate protection without any configuration. You can fine-tune rules to match your organization's needs after installation.
