Scoring thresholds and per-filter sub-configs.
The [proxy] section configures the scoring engine — the thresholds, the cold-start
behaviour, and the queue timeout.
[proxy]
| Key | Type | Default | Description |
|---|---|---|---|
| auto_allow_threshold | float | 3 | — |
| auto_deny_threshold | float | 8 | — |
| cold_start_calls | integer | 0 | — |
| cold_start_escalation_high | float | 10 | — |
| cold_start_escalation_low | float | 2 | — |
| review_timeout_seconds | integer | 300 | auto-deny queued calls after 5 minutes |
Per-filter sub-sections
Each filter has its own sub-section under [proxy.filters.*]:
[proxy.filters.reputation]
| Key | Type | Default | Description |
|---|---|---|---|
| domains_file | string | "config/filters/domains.toml" | — |
| enabled | boolean | true | — |
| ip_address_score | float | 2 | — |
| malicious_domain_score | float | 4 | — |
| safe_domain_score | float | -1 | — |
| unknown_domain_score | float | 1 | — |
[proxy.filters.behavioural]
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | boolean | true | — |
| mild_deviation_score | float | 1 | — |
| min_calls_for_baseline | integer | 200 | — |
| significant_deviation_score | float | 3 | — |
[proxy.filters.taint]
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | boolean | true | — |
| high_risk_sinks | array | ["network", "shell"] | — |
| medium_risk_sinks | array | ["file_write"] | — |
| sensitive_paths | array | [".env", ".env.local", "credentials.json", "secrets.yaml", "id_rsa", "id_ed25519"] | — |
[proxy.filters.rate_limit]
| Key | Type | Default | Description |
|---|---|---|---|
| burst_multiplier | float | 3 | — |
| cooldown_seconds | integer | 30 | — |
| enabled | boolean | true | — |
| file_writes_per_minute | integer | 30 | — |
| network_requests_per_minute | integer | 60 | — |
| shell_execs_per_minute | integer | 20 | — |
[proxy.filters.semantic]
| Key | Type | Default | Description |
|---|---|---|---|
| enabled | boolean | false | Stub in v1.5, requires local embedding model |
| model | string | "all-MiniLM-L6-v2" | — |
[proxy.filters.egress]
| Key | Type | Default | Description |
|---|---|---|---|
| config_file | string | "config/filters/egress.toml" | — |
| enabled | boolean | true | — |
[proxy.filters.session_containment]
| Key | Type | Default | Description |
|---|---|---|---|
| config_file | string | "config/filters/containment.toml" | — |
| enabled | boolean | true | — |
Tuning thresholds
The most important pair is auto_allow_threshold and auto_deny_threshold:
- Lower auto-allow = more calls go to queue (paranoid).
- Lower auto-deny = more calls auto-deny (very paranoid).
- Higher auto-allow = more calls auto-allow (quiet, less safe).
- Higher auto-deny = fewer calls auto-deny (chatty queue).
See Tuning scoring thresholds for the walkthrough.
See also