governance profiles · v1.33.0
Six Policy Templates
One governance engine. Six threshold configurations. Profiles are applied locally in the browser extension — they change enforcement levels, not the underlying detection logic.
same engine · different thresholds
applied locally · no cloud
governance_policy.js · v1.33.0
◆
Same engine — profiles are thresholds, not separate systems.
Changing your governance profile does not switch to a different detection
engine. The same local_rules.js rule set runs in every case.
Profiles configure severity_overrides and
escalation_rules in governance_policy.js —
which finding types trigger RED, which trigger YELLOW, and whether a
minimum verdict floor is enforced.
Profile Comparison
| Property | Default | Developer | Enterprise | Banking | Government | Sovereign |
|---|---|---|---|---|---|---|
| Regulatory context | none | none | enterprise_compliance | pci_dss_sox | fisma_fedramp | sovereign_data |
| Audit tier | standard | developer | enterprise | regulated | government | sovereign |
| Risk tolerance | medium | medium | low | very_low | very_low | zero |
| Minimum status | none | none | YELLOW | YELLOW | YELLOW | YELLOW |
| Severity overrides | 0 | 5 | 6 | 10 | 10 | 10 |
| Escalation rules | 0 | 5 | 5 | 9 | 8 | 1 (wildcard *) |
| GREEN verdict possible | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Baseline YELLOW floor | — | — | ✓ | ✓ | ✓ | ✓ |