Policy Detail

Source: app.qpoint.io/security/policies/:id

Destination Allowlist

v1

Default-deny outbound connections. Agents can only reach approved destinations — LLM APIs, sanctioned MCP servers. backboard.railway.app blocked.

Last Updated2026-04-28
RegulationsRuntime Enforcement
Flows Governed
847

Compliance
98
%

Violations
2

Rules
Learn more
Violations
Source
Dataflow
Destination
Violation
Time
cursor-agent-7f3a
Credential
S
~/.config/railway/credentials.json
Read RAILWAY_TOKEN from config file
Apr 25, 2:32 PM
cursor-agent-7f3a
Infrastructure
S
backboard.railway.app
Unapproved outbound destination
Apr 25, 2:32 PM
cursor-agent-7f3a
Destructive
S
backboard.railway.app/graphql
volumeDelete mutation — production database
Apr 25, 2:32 PM
ops-agent-b2c1
Infrastructure
S
api.machines.dev
Unapproved outbound destination
Apr 28, 9:14 AM
Loading 3D scene...
Blocked Agent Connections
Outbound to unapproved destinations
Credential Redaction
RAILWAY_TOKEN=rly_abc123def456
AWS_ACCESS_KEY_ID=AKIA...
-----BEGIN PRIVATE KEY-----
RAILWAY_TOKEN=REDACTED_BY_POLICY
AWS_ACCESS_KEY_ID=REDACTED_BY_POLICY
-----BEGIN PRIVATE KEY----- REDACTED
Approved Destinations
LLM APIs
api.anthropic.com
api.openai.com
MCP Servers
mcp.internal.acme.com
SaaS Services
github.com
linear.app
sentry.io
Notifications
Condition :
Action :
Throttling :
Condition :
Action :
Throttling :
Condition :
Action :
Throttling :