// Docs
Streaming Security
CAST means Continuous-on-Authoring Security Testing.
The main point is simple: Cencurity Engine checks model output while it is still being generated.
Why it matters
Unsafe code can appear before it is ever pasted into a file.
That is why the engine works on the stream itself.
Three outcomes
- normal code output ->
allow - secret or token in output ->
redact - dangerous code like
eval(...)->block
Simple streaming model
model streams output
-> engine inspects chunks
-> safe output continues
-> sensitive output is redacted
-> dangerous output is blocked
Operational behavior
The engine docs describe stream-time behavior such as:
- SSE parsing and
[DONE]handling - cross-chunk scanning
- redact and block interception
- long-stream stability