🔧 Global Baseline Reference (AI Pilot)
This guide documents the canonical baseline schema used by:
GlobalPEPConfig.pilot_config.ai_management_defaults- Settings → AI Pilot → Global Baseline
Use this as the source of truth for allowed values, value ranges, and example payloads.
📌 Baseline shape
{
"use_global": true,
"cost_optimization": {
"use_global": true,
"token_aware_rate_limits": {
"tokens_per_minute_per_user": 4000,
"burst_tokens": 1200,
"window_seconds": 60
},
"fallback_routing": [],
"prompt_caching": {
"enabled": true,
"ttl_seconds": 600
}
},
"content_safety": {
"use_global": true,
"harm_thresholds": {
"hate": 1,
"sexual": 1,
"violence": 1,
"self_harm": 1
},
"prompt_shields_enabled": true,
"security_controls": {
"prompt_injection": { "enabled": true, "action": "block" },
"jailbreak": { "enabled": true, "action": "block" },
"data_exfiltration": { "enabled": true, "action": "block" },
"secret_leakage": { "enabled": true, "action": "redact" },
"pii_detection": { "enabled": true, "action": "redact" },
"malware_or_code_abuse": { "enabled": true, "action": "annotate" }
},
"custom_blocklists": [],
"allowlist_terms": [],
"trusted_domains": [],
"violation_action": "redact"
}
}
🤖 Allowed values and constraints
| Field | Type | Allowed values / range | Notes |
|---|---|---|---|
use_global | boolean | true / false | Top-level inheritance flag used in merge flow. |
cost_optimization.use_global | boolean | true / false | Inheritance flag for cost section. |
tokens_per_minute_per_user | integer | >= 1 | Per-user token budget over window. |
burst_tokens | integer | >= 1 | Short burst token allowance. |
window_seconds | integer | >= 1 | Token accounting window in seconds. |
fallback_routing[] | array | objects with id, provider, model | Ordered primary→fallback chain. |
prompt_caching.enabled | boolean | true / false | Enables semantic prompt cache. |
prompt_caching.ttl_seconds | integer | 30..86400 | Cache TTL in seconds. |
content_safety.use_global | boolean | true / false | Inheritance flag for safety section. |
harm_thresholds.* | integer | 0..3 | 0=Safe, 1=Low, 2=Medium, 3=High. |
prompt_shields_enabled | boolean | true / false | Master switch for prompt shields. |
security_controls.*.enabled | boolean | true / false | Per-control enable flag. |
security_controls.*.action | string | block, redact, annotate | Per-control enforcement action. |
custom_blocklists[].type | string | exact, regex | Matching mode. |
custom_blocklists[].value | string | non-empty recommended | Pattern or token to match. |
allowlist_terms[] | string[] | free-form terms | Exceptions to avoid overblocking. |
trusted_domains[] | string[] | host/domain strings | Exfiltration exception domains. |
violation_action | string | block, redact, annotate | Default safety action. |
📌 Sample baseline profiles
Conservative (high control)
{
"cost_optimization": {
"token_aware_rate_limits": {
"tokens_per_minute_per_user": 2000,
"burst_tokens": 500,
"window_seconds": 60
},
"prompt_caching": { "enabled": true, "ttl_seconds": 900 }
},
"content_safety": {
"harm_thresholds": { "hate": 1, "sexual": 1, "violence": 1, "self_harm": 1 },
"violation_action": "block"
}
}
Balanced (default enterprise)
{
"cost_optimization": {
"token_aware_rate_limits": {
"tokens_per_minute_per_user": 4000,
"burst_tokens": 1200,
"window_seconds": 60
},
"prompt_caching": { "enabled": true, "ttl_seconds": 600 }
},
"content_safety": {
"harm_thresholds": { "hate": 1, "sexual": 1, "violence": 1, "self_harm": 1 },
"violation_action": "redact"
}
}
Throughput-optimized (careful rollout)
{
"cost_optimization": {
"token_aware_rate_limits": {
"tokens_per_minute_per_user": 8000,
"burst_tokens": 2500,
"window_seconds": 60
},
"prompt_caching": { "enabled": true, "ttl_seconds": 300 }
},
"content_safety": {
"harm_thresholds": { "hate": 2, "sexual": 2, "violence": 2, "self_harm": 2 },
"violation_action": "annotate"
}
}
🔌 Integration with local overrides
- Bouncers with Use global defaults enabled consume this baseline directly.
- Bouncers with local overrides merge local values on top of this baseline.
- Changes to baseline affect all bouncers inheriting global defaults immediately after config refresh.
See also: