> ## Documentation Index
> Fetch the complete documentation index at: https://docs.starfort.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Actions: PASS / MASK / BLOCK

> Every Guardian decision resolves to one of three actions. Learn what each means and how the overall action is chosen.

Every time a Guardian evaluates content it returns an **action**. The middle state differs by policy type: **PII** policies use `PASS` / `MASK` / `BLOCK`, while **Topic** policies use `PASS` / `CHECK` / `BLOCK`.

<CardGroup cols={2}>
  <Card title="PASS" icon="check">
    No rule matched (or only `PASSING` rules did). Content continues unchanged.
  </Card>

  <Card title="MASK" icon="eye-slash">
    *(PII only)* Sensitive spans are replaced with mask tokens. The Guardian returns the masked content.
  </Card>

  <Card title="CHECK" icon="magnifying-glass">
    *(Topic only)* A `controversial` topic matched — flagged as review-needed. On the **Desktop Agent and Proxy Server, CHECK is enforced as PASS** (content passes through, recorded in the trace only); API callers receive `CHECK` directly.
  </Card>

  <Card title="BLOCK" icon="ban">
    A blocking rule or unsafe topic matched. The request is stopped and nothing is sent onward.
  </Card>
</CardGroup>

## The overall action is the highest severity

A response has a root `action` and a per-item breakdown. The root action is the **most severe** action across everything detected, combining PII and Topic results: `BLOCK` > `MASK` > `CHECK` > `PASS`. So a single blocking match makes the whole request `BLOCK`, even if other parts would only be masked.

## What it looks like (real responses)

**MASK** — PII matched and was replaced; `processed_content` holds the masked text. Mask tokens follow the format `[<MASK_WORD>_<n>]`, numbered per category (1-based, in document order, and **value-stable** — the same original value gets the same number, so two different names become `[PERSON_NAME_1]` and `[PERSON_NAME_2]`). The original behind each token is exposed as `matched_text`, which is what `unmaskOutput` uses to restore it:

```json theme={null}
{
  "action": "MASK",
  "input_results": [{
    "index": 0, "type": "text", "action": "MASK",
    "processed_content": "제 번호는 [PHONE_NUMBER_1] 이고 이메일은 [EMAIL_1] 입니다.",
    "results": [{
      "policy_name": "PII Masking Policy", "policy_type": "PII", "action": "MASK",
      "detected_items": [
        { "rule_type": "regex", "rule_name": "phone_number", "mask_word": "PHONE_NUMBER_1", "matched_text": "010-2543-2513" },
        { "rule_type": "regex", "rule_name": "email", "mask_word": "EMAIL_1", "matched_text": "jane@acme.co.kr" }
      ]
    }]
  }]
}
```

**BLOCK** — an unsafe Topic matched; `processed_content` is `null`:

```json theme={null}
{
  "action": "BLOCK",
  "input_results": [{
    "index": 0, "type": "text", "action": "BLOCK", "processed_content": null,
    "results": [{
      "policy_name": "Topic Policy", "policy_type": "TOPIC", "action": "BLOCK",
      "detected_items": [{ "rule_id": "WPN", "rule_name": "무기", "action": "BLOCK", "confidence": 0.91 }]
    }]
  }]
}
```

<Note>
  For the full field reference (PII vs. Topic `detected_items`), see [Response format](/en/v1.2/api/response-format).
</Note>

## Where you see actions

* **API Developers** read `action` from the [Guard API response](/en/v1.2/api/response-format).
* **Account Admins** see every action as a trace in [Opticon monitoring](/en/v1.2/admin/monitoring-opticon), tagged `PASS` / `MASK` / `CHECK` / `BLOCK` (the trace tag keeps `CHECK` even where it was enforced as PASS).
* **Desktop Agent users** experience MASK/BLOCK transparently as they use AI tools.