← Help centre

Custom detection rules

PromptSpotter ships with built-in detectors for the obvious stuff — API keys, credit-card numbers, personal data. Custom rules let you teach it the patterns that are specific to your business: internal ticket IDs, customer reference numbers, project codenames, anything you don’t want pasted into an AI tool by accident.

How custom rules work

Instead of asking you to write a regular expression, PromptSpotter uses an example-based approach. You paste two or three real (or realistic) examples of the pattern you want to catch, and the engine infers the structure. You can then tweak the inferred pattern, test it against sample text, and turn it on for your workspace.

Custom rules are a Business and Enterprise plan feature. Free workspaces can preview the editor but can’t save rules — start a 14-day trial from Billing to try it on real data.

Write your first custom rule

  1. Go to Policy → Custom rules in the admin console.
  2. Click New rule.
  3. Give the rule a short name (e.g. “Internal ticket ID”) and a severity (Block, Warn, or Log).
  4. In the Examples box, paste 2–3 real-looking examples, one per line. Keep them representative of the variation you expect (different lengths, different prefixes).
  5. Click Infer pattern. PromptSpotter will show you the inferred pattern in plain English and as a regex.
  6. Use the Test box to paste a paragraph and see what matches. Adjust if needed.
  7. Click Save. The rule rolls out to all extensions within about 60 seconds.

Examples that work well

  • Internal ticket IDsACME-1234, ACME-58921, ACME-7
  • Customer reference numbersCUST-2024-00481, CUST-2023-19002
  • Project codenames — paste the list of codenames literally; PromptSpotter will treat them as exact matches

Things to avoid

Don’t use custom rules to catch English phrases (“confidential”, “internal only”) — those generate enormous numbers of false positives and frustrate your team. For policy language like that, use the workspace-wide reminder in Policy → Acceptable use instead.

Editing and turning off rules

Every rule has an on/off toggle on the Custom rules page. Turn a rule off if it’s producing too many false positives — the change takes effect immediately. You can also edit the examples and re-infer the pattern at any time.

See also: how detection works on file uploads.