Sensitive data egress to third-party processors | Critiq Docs

#Metadata

Rule ID: security.sensitive-data-egress
Severity: high
Confidence: 0.8
Languages: python, rust
Presets: security, strict
Stability: experimental
Applies to: block
Tags: data-exposure, privacy, rules-catalog, security

#Why it matters

Sending regulated or secret data to third-party services increases privacy exposure and creates downstream processor risk.

#Remediation

Minimize the payload, redact sensitive fields, or route the data only to approved processors.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/shared/security.sensitive-data-egress.rule.yaml.

Back to directory Open rule in repository