For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
DashboardProduct
DocsAPI ReferenceArchitecture
DocsAPI ReferenceArchitecture
  • Start here
    • What is Panicly?
    • Core concepts
    • Quickstart
    • Component gallery
  • Product workflows
    • Gateway lifecycle
    • Controls and policies
    • Usage and billing
    • Dashboard guide
  • Changelog
    • Changelog
LogoLogo
DashboardProduct
On this page
  • Evaluation layers
  • Rule tuning fields
Product workflows

Controls and policies

Enforcement layers that decide whether a request can proceed
||View as Markdown|
Was this page helpful?
Edit this page
Previous

Gateway lifecycle

Next

Usage and billing

Built with

Panicly enforcement is layered. Some controls live in the core rules engine, while others are enforced in the broader gateway path.

Sentry Mode

Immediate project traffic stop. Stored internally as panic_mode.

Network Controls

Sender IP blocking and inspection, backed by ip_rules or local fallback storage.

Region Rules

Country and Panicly-defined region blocking, backed by geo_rules.

Model Controls

Per-project model enable and disable state backed by model_rules.

Token guard

Blocks requests that exceed configured token limits.

Loop guard

Detects repeated identical payload patterns.

Evaluation layers

1. Workspace and project auth

The Panicly key must belong to a valid project in the workspace.

2. Plan and quota

Free workspaces stop when included volume is used. Paid workspaces can continue when credit-backed capacity exists.

3. IP, region, and model controls

The gateway can block by sender IP, country, product-defined region, or disabled model before provider forwarding.

4. Core rules engine

The rules engine checks Sentry Mode, burst protection, abuse detection, token guard, and loop guard.

5. Upstream provider result

Approved requests can still be rejected by the upstream provider. Panicly should still record the outcome.

Use trusted location signals

Region and network decisions depend on trusted platform headers or trusted proxy sources. Do not document them as trusting arbitrary client-supplied headers.

Rule tuning fields

rate_limit_rpm
number

Per-project burst protection threshold.

abuse_threshold
number

Rolling abuse or spend-style threshold.

max_tokens
number

Maximum token budget accepted for a request.

loop_sensitivity
number

Sensitivity for repeated-payload detection.