Closed
49 changes: 49 additions & 0 deletions sdk/guides/security.mdx
Expand Up @@ -442,6 +442,55 @@ agent = Agent(llm=llm, tools=tools, security_analyzer=security_analyzer)

For more details on the base class implementation, see the [source code](https://github.com/OpenHands/software-agent-sdk/blob/main/openhands-sdk/openhands/sdk/security/analyzer.py).

---

## Configurable Security Policy

Agents use security policies to guide their risk assessment of actions. The SDK provides a default security policy template, but you can customize it to match your specific security requirements and guidelines.

<Note>
Full configurable security policy example: [examples/01_standalone_sdk/31_configurable_security_policy.py](https://github.com/OpenHands/software-agent-sdk/blob/main/examples/01_standalone_sdk/31_configurable_security_policy.py)
</Note>

### Security Policy Example

Define custom security risk guidelines for your agent:

```python icon="python" expandable examples/01_standalone_sdk/31_configurable_security_policy.py
```

```bash Running the Example
export LLM_API_KEY="your-api-key"
cd agent-sdk
uv run python examples/01_standalone_sdk/28_configurable_security_policy.py
```

### Using Custom Security Policies

You can provide a custom security policy template when creating an agent:

```python highlight={10-11}
from openhands.sdk import Agent, LLM
from pathlib import Path

llm = LLM(
usage_id="agent",
model="anthropic/claude-sonnet-4-5-20250929",
api_key=SecretStr(api_key),
)

# Provide a custom security policy template file
agent = Agent(llm=llm, tools=tools, security_policy_filename="my_security_policy.j2")
```

Custom security policies allow you to:
- Define organization-specific risk assessment guidelines
- Set custom thresholds for security risk levels
- Add domain-specific security rules
- Tailor risk evaluation to your use case

The security policy is provided as a Jinja2 template that gets rendered into the agent's system prompt, guiding how it evaluates the security risk of its actions.

## Next Steps

- **[Custom Tools](/sdk/guides/custom-tools)** - Build secure custom tools
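Review bot: The run command in the "Running the Example" block points at `examples/01_standalone_sdk/28_configurable_security_policy.py`, while the Note link and the code-fence path above it both use `31_configurable_security_policy.py`; one of the two numbers is wrong, and the command should match the file the page links to. In the "Using Custom Security Policies" snippet, `SecretStr` is used without an import, `api_key` and `tools` are never defined, and `Path` is imported but unused, so the snippet does not run as pasted; add the missing import and definitions (or a comment that they come from the earlier setup) and drop the unused import. It would also help to state how `security_policy_filename` is resolved (relative to which directory, or whether an absolute path is accepted), since the example passes a bare `my_security_policy.j2`.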