Skip to main content
ast-guard allows you to write custom validation rules and combine built-in rules to match your specific security requirements.

Combining Built-in Rules

Create a custom validator by combining built-in rules:

Security Presets

ast-guard includes pre-built security presets:

Writing Custom Rules

Rule Interface

Example: Custom Rule

Example: Block Specific API Calls

Extending Presets

Add rules to an existing preset:

Removing Rules from Presets

Filter out rules you don’t need:

Rule Ordering

Rules are executed in array order. For performance, order rules by:
  1. Fast rejections first - Rules that quickly identify invalid code
  2. Complex analysis last - Rules that traverse the entire AST

Testing Custom Rules