Security
AxonFlow secures AI systems at runtime, where prompts, model calls, tool calls, and connector responses can actually do damage. That is different from static filters or generic API gateways. The platform is built to help engineers control what AI systems are allowed to do and to explain what happened afterward.
Core Security Layers in Community
| Capability | What it does |
|---|---|
| PII Detection | Detects sensitive data and applies configurable actions |
| SQL Injection Scanning | Detects risky SQL patterns and dangerous query behavior |
| MCP Policy Enforcement | Governs connector requests and responses |
| Audit Logging | Records decisions, redactions, and enforcement context |
| Security Best Practices | Hardening guidance for real deployments |
What Engineers Actually Need
For a senior or staff engineer, useful security docs must answer:
- what gets checked
- when it gets checked
- what the default action is
- how to change it safely
- how to prove it worked
That is the standard these pages aim to meet.
Security Behavior Is Policy-Driven
AxonFlow separates detection from enforcement.
Examples:
- PII_ACTION=redact allows useful workflows while masking detected PII
- PII_ACTION=block turns the same detection into a hard stop
- SQLI_ACTION=warn is useful during rollout
- MCP-specific overrides let connector governance differ from gateway behavior
That separation is one reason teams can start safely in Community and then harden over time instead of rewriting application code for every policy change.
Where Security Checks Run
- Agent: request-side policy enforcement, gateway checks, MCP enforcement entry points
- Orchestrator: workflow, routing, and higher-level execution control
- MCP response handling: output redaction and exfiltration-style controls
Why This Matters for Real Teams
In small pilots, teams often treat AI security as a prompt problem. At scale, it becomes a runtime-control problem:
- prompts can contain regulated data
- model output can contain unexpected sensitive content
- connector responses can leak data
- long-running workflows need auditability and intervention points
That is where AxonFlow starts to look less like a helper library and more like infrastructure.
PII Detection
AxonFlow detects sensitive data using a two-layer approach: regex pattern matching for speed, followed by validation rules (checksum, format) for precision.
Detected PII types include:
- Global: Credit cards, email, phone, IP address, passport, date of birth, booking reference
- US: SSN, bank accounts
- India: Aadhaar (with checksum), PAN
- Singapore: NRIC, FIN, UEN, phone, postal code
- EU: IBAN (with MOD-97)
The PII_ACTION environment variable controls enforcement:
| Value | Behavior |
|---|---|
| block | Reject the request entirely |
| redact (default) | Replace PII with [REDACTED:type] placeholders |
| warn | Allow but log a warning |
| log | Allow silently, record in audit |
Separate controls exist for MCP connectors (MCP_PII_ACTION) and Gateway mode (GATEWAY_PII_ACTION).
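The two-layer detection and the four PII_ACTION behaviors described above, sketched as an added example that is not AxonFlow's own code. The regexes, the type labels `credit_card` and `iban`, the use of Luhn as the card checksum, and all function names are assumptions made for illustration.

```python
import re

# Constructed sample: one Luhn-valid test card, one digit run that only looks
# like a card, and the standard example IBAN.
SAMPLE = ("Card 4111 1111 1111 1111, order 1234 5678 9012 3456, "
          "IBAN GB82WEST12345698765432.")

# Layer 1: cheap candidate regexes (illustrative patterns, assumed here).
CANDIDATES = {
    "credit_card": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
    "iban": re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b"),
}

def luhn_ok(s):
    # Luhn: from the right, double every second digit, sum must be 0 mod 10.
    digits = [int(c) for c in s if c.isdigit()][::-1]
    total = sum(d if i % 2 == 0 else (d * 2 - 9 if d > 4 else d * 2)
                for i, d in enumerate(digits))
    return total % 10 == 0

def iban_ok(s):
    # MOD-97: move the first four characters to the end, map A..Z to 10..35.
    rearranged = s[4:] + s[:4]
    return int("".join(str(int(c, 36)) for c in rearranged)) % 97 == 1

VALIDATORS = {"credit_card": luhn_ok, "iban": iban_ok}  # Layer 2

def detect(text):
    """Return sorted (start, end, type) for candidates that pass validation."""
    return sorted((m.start(), m.end(), kind)
                  for kind, rx in CANDIDATES.items()
                  for m in rx.finditer(text)
                  if VALIDATORS[kind](m.group()))

def enforce(text, action="redact"):
    """Apply one of the four action values; returns (allowed, text, types)."""
    if action not in ("block", "redact", "warn", "log"):
        raise ValueError(f"unknown action: {action}")
    hits = detect(text)
    kinds = [kind for _, _, kind in hits]
    if action == "block" and hits:
        return False, "", kinds
    if action == "redact":
        for start, end, kind in reversed(hits):  # right to left keeps offsets
            text = text[:start] + f"[REDACTED:{kind}]" + text[end:]
    return True, text, kinds  # warn/log: unchanged text, types for the audit

if __name__ == "__main__":
    print(enforce(SAMPLE))
```

The order number matches the card regex but fails the checksum, so it is left untouched: that is the precision the validation layer adds over pattern matching alone.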
Community and the Upgrade Path
Community is strong enough to build real governed AI applications and validate the operating model. Teams usually feel pressure to move up once they need broader limits, enterprise governance workflows, procurement support, or stronger rollout guarantees across the company.
