MNPI Filter
The mnpi-filter policy is an output-phase blocker for material non-public information signals. It scans generated output text for configured detect_patterns or a small built-in default list and blocks the response when a phrase is found.
Configuration
pack:
name: mnpi-filter
version: "1.0.0"
enabled: true
policies:
chain:
- mnpi-filter
policy:
mnpi-filter:
detect_patterns:
- "earnings before announcement"
- "merger not public"
- "insider information"
- "board decision"
Fields
| Field | Type | Description | Default |
|---|---|---|---|
detect_patterns | string[] | Case-insensitive phrases checked against generated output. If empty, the policy falls back to the built-in defaults below. | built-in list |
action | block | The only accepted action; every match blocks. | block |
Built-in defaults
If you omit detect_patterns, the gateway uses this default list:
earnings before announcementmerger not publicinsider informationboard decisionnot public
How it works
- Output extraction: the gateway extracts assistant output text from the buffered response body.
- Pattern scan: the gateway lowercases the text and checks for configured or built-in phrases.
- Context details: the policy also records whether nearby stock-symbol context words such as
earnings,merger,ipo, oracquisitionappeared in the text. - Verdict: any phrase match blocks the output with
reason_code = "mnpi.detected".
Important limitations
- This policy evaluates output text only.
- The policy does not support a configurable
warnorredactmode today. - The built-in defaults are intentionally small. Real deployments should add firm-specific phrases.
Valid examples
Default output block
pack:
name: mnpi-defaults
version: "1.0.0"
enabled: true
policies:
chain:
- mnpi-filter
policy:
mnpi-filter: {}
Add firm-specific phrases
pack:
name: investment-banking-guardrail
version: "1.0.0"
enabled: true
policies:
chain:
- mnpi-filter
- financial-compliance
policy:
mnpi-filter:
detect_patterns:
- "earnings before announcement"
- "pending acquisition"
- "guidance revision not public"
- "board decision"
- "deal valuation confidential"
Best practices
- Replace or extend the defaults with language used by your legal and compliance teams.
- Pair with
financial-compliancefor broader finance-output controls. - Review blocked events regularly and refine the phrase list based on actual false positives and misses.
Next steps
- Financial Compliance — Finance-specific rewrite and block controls
- Human Oversight — Escalate risky outputs elsewhere in the chain
- Audit Logger — Mark audit logging as active in the policy decision stream
- Trail and Audit Evidence — Inspect and verify persisted decision evidence
- PII Detector — Sanitize sensitive identifiers in related workflows