Skip to main content
Enclave provides pre-configured security profiles that balance functionality against risk. Choose the appropriate level based on your trust model and use case.

Using Security Levels

Security Level Comparison

When to Use Each Level

STRICT

Use for maximum security with untrusted code:
  • AI-generated scripts from external sources
  • User-submitted code
  • Third-party plugin code
  • Any code where you cannot verify the source

SECURE

Balanced security for semi-trusted scenarios:
  • Internal automation scripts
  • Validated AI-generated code
  • Scripts from authenticated users

STANDARD

Default level for trusted internal use:
  • Internal workflow automation
  • Development and testing
  • Scripts you control

PERMISSIVE

Minimal restrictions for controlled environments:
  • Internal testing
  • Performance benchmarking
  • Trusted scripts where you need maximum flexibility
Use STRICT for any untrusted code, including AI-generated scripts from external sources or user-submitted scripts.

Customizing Security Levels

You can start with a preset and override specific settings:

Defense-in-Depth

Security levels configure multiple defense layers:
  1. AST Validation - Blocked constructs vary by level
  2. Resource Limits - Timeout, iterations, tool calls
  3. Output Controls - Console rate limiting, output size
  4. Stack Sanitization - Information leakage prevention
Each level provides appropriate defaults for its trust model.