{
  "name": "DTwo Policy Catalog",
  "description": "Curated catalog of reusable OPA/Rego policies for governing MCP tool calls via the DTwo MCP Gateway.",
  "source": "https://github.com/dtwoai/policy-store",
  "site": "https://www.intentbasedpolicy.com",
  "indexes": {
    "llms": "https://www.intentbasedpolicy.com/llms.txt",
    "llmsFull": "https://www.intentbasedpolicy.com/llms-full.txt",
    "sitemap": "https://www.intentbasedpolicy.com/sitemap-index.xml"
  },
  "counts": {
    "policies": 18,
    "apps": 4,
    "bundles": 4,
    "stories": 6
  },
  "apps": [
    {
      "slug": "hubspot",
      "title": "Hubspot",
      "url": "https://www.intentbasedpolicy.com/apps/hubspot",
      "policyCount": 6
    },
    {
      "slug": "jira",
      "title": "Jira",
      "url": "https://www.intentbasedpolicy.com/apps/jira",
      "policyCount": 3
    },
    {
      "slug": "salesforce",
      "title": "Salesforce",
      "url": "https://www.intentbasedpolicy.com/apps/salesforce",
      "policyCount": 4
    },
    {
      "slug": "slack",
      "title": "Slack",
      "url": "https://www.intentbasedpolicy.com/apps/slack",
      "policyCount": 5
    }
  ],
  "bundles": [
    {
      "slug": "atlassian",
      "title": "Atlassian",
      "url": "https://www.intentbasedpolicy.com/bundles/atlassian",
      "policyCount": 3
    },
    {
      "slug": "crm",
      "title": "Crm",
      "url": "https://www.intentbasedpolicy.com/bundles/crm",
      "policyCount": 10
    },
    {
      "slug": "im-messaging",
      "title": "Im Messaging",
      "url": "https://www.intentbasedpolicy.com/bundles/im-messaging",
      "policyCount": 1
    },
    {
      "slug": "slack",
      "title": "Slack",
      "url": "https://www.intentbasedpolicy.com/bundles/slack",
      "policyCount": 4
    }
  ],
  "stories": [
    {
      "slug": "stop-secrets-leaking-into-slack",
      "title": "Stop AI agents from leaking secrets into Slack",
      "dek": "Once an agent posts to Slack, an API key is in channel history and search. Catch it before the send, not after.",
      "url": "https://www.intentbasedpolicy.com/stories/stop-secrets-leaking-into-slack",
      "policies": [
        "https://www.intentbasedpolicy.com/policies/slack/block-secrets",
        "https://www.intentbasedpolicy.com/policies/slack/redact-sensitive-info"
      ]
    },
    {
      "slug": "keep-customer-pii-inside-your-crm",
      "title": "Keep customer PII from walking out of your CRM",
      "dek": "An agent reading Salesforce or HubSpot pulls emails, phone numbers, and addresses into its context and your chat logs. Mask them on the way out.",
      "url": "https://www.intentbasedpolicy.com/stories/keep-customer-pii-inside-your-crm",
      "policies": [
        "https://www.intentbasedpolicy.com/policies/salesforce/redact-pii",
        "https://www.intentbasedpolicy.com/policies/hubspot/redact-pii",
        "https://www.intentbasedpolicy.com/policies/salesforce/protect-contact-fields"
      ]
    },
    {
      "slug": "read-only-crm-for-ai-agents",
      "title": "Give AI agents read-only access to your CRM",
      "dek": "For a low-risk CRM pilot, give the agent a one-way mirror: it reads every record and changes none. The read-only policies enforce that, and a query allowlist tightens it further.",
      "url": "https://www.intentbasedpolicy.com/stories/read-only-crm-for-ai-agents",
      "policies": [
        "https://www.intentbasedpolicy.com/policies/salesforce/read-only",
        "https://www.intentbasedpolicy.com/policies/hubspot/read-only",
        "https://www.intentbasedpolicy.com/policies/salesforce/query-allowlist"
      ]
    },
    {
      "slug": "guard-high-stakes-crm-writes",
      "title": "Guard the CRM writes your revenue depends on",
      "dek": "You want agents logging activities and creating records, just not closing deals or reassigning owners on their own. Gate the few writes that matter.",
      "url": "https://www.intentbasedpolicy.com/stories/guard-high-stakes-crm-writes",
      "policies": [
        "https://www.intentbasedpolicy.com/policies/hubspot/block-deal-closure",
        "https://www.intentbasedpolicy.com/policies/hubspot/protect-deal-owner",
        "https://www.intentbasedpolicy.com/policies/hubspot/protect-associations",
        "https://www.intentbasedpolicy.com/policies/hubspot/protect-lifecycle-stage"
      ]
    },
    {
      "slug": "wall-off-sensitive-jira-projects",
      "title": "Wall off sensitive Jira projects from AI agents",
      "dek": "Security, legal, and HR projects share the same Jira as your sprint board. Keep agents from reading or writing them, and redact whatever still comes back.",
      "url": "https://www.intentbasedpolicy.com/stories/wall-off-sensitive-jira-projects",
      "policies": [
        "https://www.intentbasedpolicy.com/policies/jira/deny-view-search-sensitive-projects",
        "https://www.intentbasedpolicy.com/policies/jira/deny-write-sensitive-projects",
        "https://www.intentbasedpolicy.com/policies/jira/redact-sensitive-info"
      ]
    },
    {
      "slug": "slack-hygiene-for-ai-agents",
      "title": "Slack hygiene for autonomous AI agents",
      "dek": "Slack's OAuth scopes pick capabilities, not the channels they apply to: you can grant an agent 'post messages,' but not 'post only in #status' — one scope covers every channel at once.",
      "url": "https://www.intentbasedpolicy.com/stories/slack-hygiene-for-ai-agents",
      "policies": [
        "https://www.intentbasedpolicy.com/policies/slack/deny-channel-creation",
        "https://www.intentbasedpolicy.com/policies/slack/deny-direct-messages",
        "https://www.intentbasedpolicy.com/policies/slack/deny-read-search-summarize-sensitive-channels"
      ]
    }
  ],
  "policies": [
    {
      "slug": "slack/block-secrets",
      "name": "Block Secrets in Slack Messages",
      "summary": "Blocks Slack send-message tool calls whose message body looks like it contains a secret — API keys, passwords, tokens, or PEM-formatted private keys.",
      "url": "https://www.intentbasedpolicy.com/policies/slack/block-secrets",
      "markdown": "https://www.intentbasedpolicy.com/policies/slack/block-secrets.md",
      "app": "slack",
      "apps": [
        "slack"
      ],
      "bundles": [
        "im-messaging"
      ],
      "tags": [
        "slack",
        "secrets",
        "dlp",
        "ingress"
      ],
      "direction": "ingress",
      "package": "slack.ingress.block_secrets",
      "publishedAt": "2026-06-02",
      "policyChecksum": "sha256:c694c2624700c1dd750e33b4ba1171f03cca77009977871a01d5d7dd8a9d1d99",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/slack/block-secrets",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/slack/block-secrets/policy.md"
    },
    {
      "slug": "hubspot/block-deal-closure",
      "name": "HubSpot Block Deal Closure",
      "summary": "Blocks HubSpot CRM-object calls that move a deal into a closed stage (closedwon or closedlost). Both create and update requests are inspected.",
      "url": "https://www.intentbasedpolicy.com/policies/hubspot/block-deal-closure",
      "markdown": "https://www.intentbasedpolicy.com/policies/hubspot/block-deal-closure.md",
      "app": "hubspot",
      "apps": [
        "hubspot"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "hubspot",
        "deals",
        "access-control",
        "governance",
        "ingress"
      ],
      "direction": "ingress",
      "package": "hubspot.ingress.no_close_deal",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:610b7a15cb9dfc53c0eef487b0bd786f47de31f4528493d2697b77913e50ea5e",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/hubspot/block-deal-closure",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/hubspot/block-deal-closure/policy.md"
    },
    {
      "slug": "hubspot/protect-associations",
      "name": "HubSpot Protect Associations",
      "summary": "Blocks HubSpot CRM-object calls that create or change associations between objects (deal↔company, contact↔company, etc.).",
      "url": "https://www.intentbasedpolicy.com/policies/hubspot/protect-associations",
      "markdown": "https://www.intentbasedpolicy.com/policies/hubspot/protect-associations.md",
      "app": "hubspot",
      "apps": [
        "hubspot"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "hubspot",
        "associations",
        "access-control",
        "governance",
        "ingress"
      ],
      "direction": "ingress",
      "package": "hubspot.ingress.protect_associations",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:682a9be175d987f3cb60dfabf940b2e5bac03da616a8a3539696c080d99d5d52",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/hubspot/protect-associations",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/hubspot/protect-associations/policy.md"
    },
    {
      "slug": "hubspot/protect-deal-owner",
      "name": "HubSpot Protect Deal Owner",
      "summary": "Blocks HubSpot CRM-object update calls that set or change a deal's owner.",
      "url": "https://www.intentbasedpolicy.com/policies/hubspot/protect-deal-owner",
      "markdown": "https://www.intentbasedpolicy.com/policies/hubspot/protect-deal-owner.md",
      "app": "hubspot",
      "apps": [
        "hubspot"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "hubspot",
        "deals",
        "access-control",
        "governance",
        "ingress"
      ],
      "direction": "ingress",
      "package": "hubspot.ingress.protect_deal_owner",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:9b850e272d771fce7b98056fbe73fae4aeadb5e8b79e940b4e7f643a925a36a0",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/hubspot/protect-deal-owner",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/hubspot/protect-deal-owner/policy.md"
    },
    {
      "slug": "hubspot/protect-lifecycle-stage",
      "name": "HubSpot Protect Lifecycle Stage",
      "summary": "Blocks HubSpot CRM-object calls that set or change a contact's lifecycle stage.",
      "url": "https://www.intentbasedpolicy.com/policies/hubspot/protect-lifecycle-stage",
      "markdown": "https://www.intentbasedpolicy.com/policies/hubspot/protect-lifecycle-stage.md",
      "app": "hubspot",
      "apps": [
        "hubspot"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "hubspot",
        "contacts",
        "lifecycle",
        "access-control",
        "governance",
        "ingress"
      ],
      "direction": "ingress",
      "package": "hubspot.ingress.protect_lifecycle_stage",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:16f9e6e25e396ba938081c793f12d3bfbc0eb030440fa04e871885e6fcc3697f",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/hubspot/protect-lifecycle-stage",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/hubspot/protect-lifecycle-stage/policy.md"
    },
    {
      "slug": "hubspot/read-only",
      "name": "HubSpot Read-Only",
      "summary": "Makes the HubSpot connection read-only by blocking the write tool.",
      "url": "https://www.intentbasedpolicy.com/policies/hubspot/read-only",
      "markdown": "https://www.intentbasedpolicy.com/policies/hubspot/read-only.md",
      "app": "hubspot",
      "apps": [
        "hubspot"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "hubspot",
        "access-control",
        "governance",
        "read-only",
        "ingress"
      ],
      "direction": "ingress",
      "package": "hubspot.ingress.readonly",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:c4ef50764a959af252cfbd5474bfea02a57b207fa3d352636dc70b8f11b45de0",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/hubspot/read-only",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/hubspot/read-only/policy.md"
    },
    {
      "slug": "hubspot/redact-pii",
      "name": "HubSpot Redact PII",
      "summary": "Redacts sensitive contact information from HubSpot tool responses before they reach the caller.",
      "url": "https://www.intentbasedpolicy.com/policies/hubspot/redact-pii",
      "markdown": "https://www.intentbasedpolicy.com/policies/hubspot/redact-pii.md",
      "app": "hubspot",
      "apps": [
        "hubspot"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "hubspot",
        "pii",
        "dlp",
        "redaction",
        "egress"
      ],
      "direction": "egress",
      "package": "hubspot.egress.redact_pii",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:6d01e4aadb8ca920e3118d6be38a4ab8f5733575955170ce5f10900c01c4835f",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/hubspot/redact-pii",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/hubspot/redact-pii/policy.md"
    },
    {
      "slug": "jira/deny-view-search-sensitive-projects",
      "name": "JIRA: Deny Sensitive Project Search and View",
      "summary": "Keeps issues that belong to a configurable set of \"sensitive\" JIRA projects out of read access through the JIRA MCP server.",
      "url": "https://www.intentbasedpolicy.com/policies/jira/deny-view-search-sensitive-projects",
      "markdown": "https://www.intentbasedpolicy.com/policies/jira/deny-view-search-sensitive-projects.md",
      "app": "jira",
      "apps": [
        "jira"
      ],
      "bundles": [
        "atlassian"
      ],
      "tags": [
        "jira",
        "atlassian",
        "access-control",
        "data-protection",
        "ingress"
      ],
      "direction": "ingress",
      "package": "jira.ingress.deny_sensitive_search_and_view",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:3d14268530ccbaf2985ca1cfe913ded30b6f98f97c73ca8f362eb9dae8e207aa",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/jira/deny-view-search-sensitive-projects",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/jira/deny-view-search-sensitive-projects/policy.md"
    },
    {
      "slug": "jira/deny-write-sensitive-projects",
      "name": "JIRA: Protect Sensitive Projects from Writes",
      "summary": "Blocks write operations against issues that belong to a configurable set of \"sensitive\" JIRA projects.",
      "url": "https://www.intentbasedpolicy.com/policies/jira/deny-write-sensitive-projects",
      "markdown": "https://www.intentbasedpolicy.com/policies/jira/deny-write-sensitive-projects.md",
      "app": "jira",
      "apps": [
        "jira"
      ],
      "bundles": [
        "atlassian"
      ],
      "tags": [
        "jira",
        "atlassian",
        "access-control",
        "data-protection",
        "ingress"
      ],
      "direction": "ingress",
      "package": "jira.ingress.protect_sensitive_projects",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:4aa9ccaf2b1a21d2535ba07f2b472a4bde1a67dadcfe21aa25c7aab8a2845bf1",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/jira/deny-write-sensitive-projects",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/jira/deny-write-sensitive-projects/policy.md"
    },
    {
      "slug": "jira/redact-sensitive-info",
      "name": "JIRA: Redact Sensitive Information from Issue Views",
      "summary": "Redacts sensitive content from the responses of JIRA issue-view tools before they reach the caller.",
      "url": "https://www.intentbasedpolicy.com/policies/jira/redact-sensitive-info",
      "markdown": "https://www.intentbasedpolicy.com/policies/jira/redact-sensitive-info.md",
      "app": "jira",
      "apps": [
        "jira"
      ],
      "bundles": [
        "atlassian"
      ],
      "tags": [
        "jira",
        "atlassian",
        "pii",
        "secrets",
        "dlp",
        "redaction",
        "egress"
      ],
      "direction": "egress",
      "package": "jira.egress.redact_sensitive_info",
      "publishedAt": "2026-06-15",
      "policyChecksum": "sha256:8d1f6a48db9d9572ec3f8ef34c4afd991dd1d9bb1cd9834febdec88f3716e600",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/jira/redact-sensitive-info",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/jira/redact-sensitive-info/policy.md"
    },
    {
      "slug": "salesforce/protect-contact-fields",
      "name": "Salesforce Protect Contact Fields",
      "summary": "Blocks Salesforce Contact updates that modify protected fields — ownership, account linkage, contact PII, name, and consent flags.",
      "url": "https://www.intentbasedpolicy.com/policies/salesforce/protect-contact-fields",
      "markdown": "https://www.intentbasedpolicy.com/policies/salesforce/protect-contact-fields.md",
      "app": "salesforce",
      "apps": [
        "salesforce"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "salesforce",
        "contacts",
        "pii",
        "access-control",
        "governance",
        "ingress"
      ],
      "direction": "ingress",
      "package": "salesforce.ingress.protect_contact_fields",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:79693cf553dae7659bbe8832bab9932b5d07f693437d06c7433d396c3a5b053f",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/salesforce/protect-contact-fields",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/salesforce/protect-contact-fields/policy.md"
    },
    {
      "slug": "salesforce/query-allowlist",
      "name": "Salesforce Query Allowlist",
      "summary": "Restricts Salesforce SOQL queries so only Account, Contact, and Opportunity records can be retrieved.",
      "url": "https://www.intentbasedpolicy.com/policies/salesforce/query-allowlist",
      "markdown": "https://www.intentbasedpolicy.com/policies/salesforce/query-allowlist.md",
      "app": "salesforce",
      "apps": [
        "salesforce"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "salesforce",
        "access-control",
        "data-protection",
        "governance",
        "ingress"
      ],
      "direction": "ingress",
      "package": "salesforce.ingress.query_allowlist",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:ff472238e1c75b0a9ecb1fd117ec46f104765f2b6c9b180755de142db1385c36",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/salesforce/query-allowlist",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/salesforce/query-allowlist/policy.md"
    },
    {
      "slug": "salesforce/read-only",
      "name": "Salesforce Read-Only Access",
      "summary": "Restricts the Salesforce MCP server to read-only access.",
      "url": "https://www.intentbasedpolicy.com/policies/salesforce/read-only",
      "markdown": "https://www.intentbasedpolicy.com/policies/salesforce/read-only.md",
      "app": "salesforce",
      "apps": [
        "salesforce"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "salesforce",
        "access-control",
        "governance",
        "read-only",
        "ingress"
      ],
      "direction": "ingress",
      "package": "salesforce.ingress.readonly",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:e66f0db4e835bc2684182230aea05bed5200658e4db8b81f27ffaa8134e5e696",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/salesforce/read-only",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/salesforce/read-only/policy.md"
    },
    {
      "slug": "salesforce/redact-pii",
      "name": "Salesforce Redact PII",
      "summary": "Redacts personal contact information from Salesforce tool responses before they reach the caller.",
      "url": "https://www.intentbasedpolicy.com/policies/salesforce/redact-pii",
      "markdown": "https://www.intentbasedpolicy.com/policies/salesforce/redact-pii.md",
      "app": "salesforce",
      "apps": [
        "salesforce"
      ],
      "bundles": [
        "crm"
      ],
      "tags": [
        "salesforce",
        "pii",
        "dlp",
        "redaction",
        "egress"
      ],
      "direction": "egress",
      "package": "salesforce.egress.pii_redaction",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:c3aa10e98fcac51fcdab8d099177f8e0d2275eb0251313d68e7fb992d091bed3",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/salesforce/redact-pii",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/salesforce/redact-pii/policy.md"
    },
    {
      "slug": "slack/deny-channel-creation",
      "name": "Slack: Deny Channel Creation",
      "summary": "Blocks Slack channel-creation tool calls at ingress. Every other Slack tool — and every non-Slack tool — passes through untouched.",
      "url": "https://www.intentbasedpolicy.com/policies/slack/deny-channel-creation",
      "markdown": "https://www.intentbasedpolicy.com/policies/slack/deny-channel-creation.md",
      "app": "slack",
      "apps": [
        "slack"
      ],
      "bundles": [
        "slack"
      ],
      "tags": [
        "slack",
        "access-control",
        "governance",
        "ingress"
      ],
      "direction": "ingress",
      "package": "slack.ingress.deny_channel_create",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:613c04806d02f35c3cf0f7aa2d2223c5cc91504186e14d62332a1cb019b72f2b",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/slack/deny-channel-creation",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/slack/deny-channel-creation/policy.md"
    },
    {
      "slug": "slack/deny-read-search-summarize-sensitive-channels",
      "name": "Slack: Deny Read/Search/Summarize of Sensitive Channels",
      "summary": "Blocks read, search, and summarize operations that target a configurable set of \"sensitive\" Slack channels.",
      "url": "https://www.intentbasedpolicy.com/policies/slack/deny-read-search-summarize-sensitive-channels",
      "markdown": "https://www.intentbasedpolicy.com/policies/slack/deny-read-search-summarize-sensitive-channels.md",
      "app": "slack",
      "apps": [
        "slack"
      ],
      "bundles": [
        "slack"
      ],
      "tags": [
        "slack",
        "access-control",
        "data-protection",
        "ingress"
      ],
      "direction": "ingress",
      "package": "slack.ingress.deny_sensitive_channel_read",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:be0ecf31a6f6908191cd28f537364984fc5771a0c39a9990d141094155b8e47b",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/slack/deny-read-search-summarize-sensitive-channels",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/slack/deny-read-search-summarize-sensitive-channels/policy.md"
    },
    {
      "slug": "slack/deny-direct-messages",
      "name": "Slack: Deny Sending Direct Messages",
      "summary": "Blocks Slack message-write calls whose destination resolves to a direct conversation — a 1:1 DM, a message posted to a user ID (which Slack auto-opens as a…",
      "url": "https://www.intentbasedpolicy.com/policies/slack/deny-direct-messages",
      "markdown": "https://www.intentbasedpolicy.com/policies/slack/deny-direct-messages.md",
      "app": "slack",
      "apps": [
        "slack"
      ],
      "bundles": [
        "slack"
      ],
      "tags": [
        "slack",
        "access-control",
        "governance",
        "ingress"
      ],
      "direction": "ingress",
      "package": "slack.ingress.deny_direct_messages",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:3bfcfdee14c1d8409123990b850b96ce507d93079e026b7c7d179b161c353910",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/slack/deny-direct-messages",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/slack/deny-direct-messages/policy.md"
    },
    {
      "slug": "slack/redact-sensitive-info",
      "name": "Slack: Redact Sensitive Information from Messages",
      "summary": "Redacts sensitive content from outgoing Slack message arguments before the call reaches Slack.",
      "url": "https://www.intentbasedpolicy.com/policies/slack/redact-sensitive-info",
      "markdown": "https://www.intentbasedpolicy.com/policies/slack/redact-sensitive-info.md",
      "app": "slack",
      "apps": [
        "slack"
      ],
      "bundles": [
        "slack"
      ],
      "tags": [
        "slack",
        "pii",
        "secrets",
        "dlp",
        "redaction",
        "ingress"
      ],
      "direction": "ingress",
      "package": "slack.ingress.redact_sensitive_info",
      "publishedAt": "2026-06-16",
      "policyChecksum": "sha256:77ad4d9fd33a830df6c976a3dbcb351e9774b652e48deaf1dd8b84727786679e",
      "schemaVersion": "1.0.0",
      "minimumGatewayVersion": "1.0.0b24",
      "repoPath": "apps/slack/redact-sensitive-info",
      "github": "https://github.com/dtwoai/policy-store/blob/main/apps/slack/redact-sensitive-info/policy.md"
    }
  ]
}