Critiq Docs
Get started
security.privacy

Sensitive data egress to third-party processors

Sensitive values should not be sent to external processors or outbound SDKs without minimization or redaction.

#Metadata

Rule ID
ts.security.sensitive-data-egress
Severity
high
Confidence
0.82
Languages
javascript, typescript
Presets
security, strict
Stability
experimental
Applies to
block
Tags
data-exposure, privacy, rules-catalog, security

#Why it matters

Sending regulated or secret data to third-party services increases privacy exposure and creates downstream processor risk.

#Remediation

Minimize the payload, redact the sensitive fields, or route the data only to approved processors.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.sensitive-data-egress.rule.yaml.

Back to registryOpen rule in repository