Policies

Rules that decide what gets allowed, blocked, or sent to review.

Block unverified publishers requesting Gmail or Drive access

Action: BlockScope: Google OAuthMatches: 12

Require review for extensions requesting all-site access

Action: Require reviewScope: Chrome / EdgeMatches: 28

Auto-block plugins with publisher ownership changes

Action: BlockScope: All typesMatches: 3

Allow approved AI writing assistants only for non-sensitive domains

Action: Allow with conditionsScope: Gmail add-onsMatches: 5

Require security approval for IDE plugins that read workspace files

Action: Require reviewScope: VS Code / JetBrainsMatches: 9