Policy Playground

The Playground is the interactive environment in Highflame Studio for testing Cedar policies before you deploy them to production. It routes requests through the same detection and evaluation pipeline as live traffic, so the decision you see in the Playground is exactly what your agents would experience.

Navigate to Highflame Studio → Observatory → Playground.

Why test policies in the Playground

Cedar policies interact with detector signals in ways that are not always obvious from reading the policy alone. A rule that looks correct may block legitimate traffic, miss a threat variant, or behave differently across evaluation points. The Playground gives you a fast iteration loop:

1. Write or modify a policy in the Cedar editor

2. Submit a test payload in the Playground

3. See exactly which rules fired and why — including projected context values, detector scores, and the determining policies

4. Adjust thresholds or conditions and re-test before any real traffic is affected

What the Playground evaluates

The Playground runs the full Shield pipeline against your input:

• Tier 1 deterministic detectors (secrets, PII, injection patterns, tool risk)

• Tier 2 ML/NLP classifiers (injection confidence, jailbreak, toxicity)

• Tier 3 cloud-backed checks (if configured and elevated risk is present)

• Cedar policy evaluation against the projected context from those detectors

No real LLM calls are made by default. Enable Live mode in the Playground settings if you want the full end-to-end path including a real model response and output-phase evaluation.

Events generated during a Playground session appear in Observatory → Threats and Sessions tagged with source: playground, keeping them separate from production data.

Testing a policy

Step 1 — Select the policy to test

Use the Policy selector in the Playground sidebar to choose which policy set to evaluate against. By default, the Playground uses the policies currently active for your project. To test a new or modified policy before applying it:

1. Author the policy in Studio → Shield → Policies → Cedar Editor

2. Save it in draft state (it will not yet be enforced)

3. Switch to the Playground and select the draft policy in the Policy selector

This lets you validate the policy in isolation against known inputs before activating it.

Step 2 — Submit a test payload

The input editor accepts a JSON payload in the Shield request format:

You can also paste a raw prompt string — the Playground wraps it in the correct request format automatically.

Step 3 — Read the decision

The live event stream shows every event produced by the evaluation in sequence:

Expand any event to see the projected context: the Cedar context keys and their values (injection_confidence, pii_detected, tool_risk_score, etc.). This is the same data Cedar evaluated your rule against, so you can verify that detector outputs are what you expected.

Step 4 — Check the determining policies

If the decision is deny, the event record shows the determining policies — the specific Cedar rule IDs that drove the block, with their @reject_message text. If you expected a block and didn't get one (or vice versa), the projected context will show you which signal was missing or at the wrong threshold.

Use the attack library for coverage testing

The Playground includes a built-in Attack Library with predefined scenarios across each threat category — prompt injection variants, PII in request bodies, credential exfiltration patterns, tool poisoning payloads, and more. Select a scenario to pre-populate the input editor and confirm your policies catch known attack patterns.

Use the attack library to run a quick sanity check whenever you:

• Apply a new policy profile (chat_assistant, code_agent, data_pipeline, etc.)

• Lower a threshold (e.g., reduce injection block threshold from 80 to 70)

• Add a new forbid rule with a condition you haven't tested in production

Testing across evaluation points

A single Cedar policy can apply at multiple evaluation points. To test each point independently, set action in the payload:

Testing each point individually confirms that your policy fires at the right phase — for example, that a rule targeting tool responses does not also inadvertently block prompts.

Validating a policy rollout

The Playground integrates with the four-stage rollout approach described in the Cedar Cookbook:

Running this progression in the Playground before each stage switch reduces the risk of unexpected blocks in production.

Saving and sharing scenarios

• Save as scenario — saves the current input and expected outcome as a named test case in your organization's scenario library; use these as a regression suite when modifying policies

• Copy link — generates a permalink to the current Playground state (input, policy selection, result) for sharing with teammates during policy review

• Export — downloads the full event stream as JSON, suitable for CI/CD policy validation pipelines

Programmatic testing

For automated testing as part of a CI/CD pipeline, use the explain and debug flags in the Shield SDK or API rather than the interactive Playground. See the Cedar Cookbook → Testing with Debug Mode and the Testing Guide for SDK patterns.

Related

• Observatory → Playground — full Playground reference, including Live mode and scenario library management

• Cedar Cookbook — writing and tuning Cedar policies; debug and explain flags; rollout strategy

• Guardrail APIs — calling Shield directly for per-request evaluation with explain and debug

• Testing Guide — writing automated tests for Shield integrations