Using Security Levels
Security Level Comparison
When to Use Each Level
STRICT
Use for maximum security with untrusted code:- AI-generated scripts from external sources
- User-submitted code
- Third-party plugin code
- Any code where you cannot verify the source
SECURE
Balanced security for semi-trusted scenarios:- Internal automation scripts
- Validated AI-generated code
- Scripts from authenticated users
STANDARD
Default level for trusted internal use:- Internal workflow automation
- Development and testing
- Scripts you control
PERMISSIVE
Minimal restrictions for controlled environments:- Internal testing
- Performance benchmarking
- Trusted scripts where you need maximum flexibility
Customizing Security Levels
You can start with a preset and override specific settings:Defense-in-Depth
Security levels configure multiple defense layers:- AST Validation - Blocked constructs vary by level
- Resource Limits - Timeout, iterations, tool calls
- Output Controls - Console rate limiting, output size
- Stack Sanitization - Information leakage prevention
Related
- Configuration - All configuration options
- Worker Pool - OS-level isolation presets
- Double VM - Enhanced security layer