YAML policy files configure how tirith responds to detected threats.
Tirith discovers policy files by walking up the directory tree from the current working directory to the nearest .git boundary, looking for:
.tirith/policy.yaml (then .yml)~/.config/tirith/policy.yamlControls behavior when the engine encounters an error. open allows execution to proceed, closed blocks execution on error. Default: open.
A list of glob patterns for domains and URLs that should be excluded from findings. Matching URLs will not trigger any rules. Supports wildcards.
A list of glob patterns for domains that should always be blocked, regardless of rule results. Blocklist overrides allowlist when both match.
Override the default severity for specific rule IDs. Valid values: CRITICAL, HIGH, MEDIUM, LOW. This lets you escalate or de-escalate specific rules per your organization's risk tolerance.
When true, users can set TIRITH_BYPASS=1 to skip blocking. Default: false. Useful for CI environments where a human has reviewed the command.
Beyond allowlists and severity overrides, you can author your own detection rules under custom_rules. A rule is either a regex match or a semantic when: clause, never both. The DSL evaluates against data the engine already extracted (URLs, packages, command shape, files), so it adds no new parsing and no hot-path network. Reputation predicates read the local threat database.
Combine predicates with all, any, and not. Predicate families:
command.* — uses_sudo, has_pipeline_to, cwd_inurl.* — scheme, host, host_matches, reputation, domain_not_inpackage.* — ecosystem, name_matches, reputationfile.* — path_matchesAuthor and check rules with tirith rule test|validate|explain. validate rejects a DSL rule whose predicates don't apply to its declared context, so a rule can never be silently dead.
Team and Enterprise tiers can manage policies centrally through the admin console. The CLI fetches the active policy from the server on startup and caches it locally. Local policy files are merged with the server policy, with the server taking precedence.