fix: guard unsupported Presidio entities

[vishalg0wda]

Summary

• add a server-side Presidio allowlist so unsupported entities are dropped before scan requests
• shrink the Presidio support map to the empirically verified runtime set from the live 2.2.362 container
• simplify the frontend rule catalog by removing unsupported Presidio rules in-place instead of carrying available flags and special-case UI logic
• revert the recent presidiotest sample churn so tests stay focused on client behavior rather than mirroring runtime probes

Validation

• rtk go test ./server/internal/background/activities/risk_analysis/...
• cd client/dashboard && npx tsc --noEmit
• probed live Presidio API/logs on http://127.0.0.1:5050

Notes

• this is still a shrink, not an allowlist expansion: DOMAIN_NAME, SG_NRIC_FIN, and MEDICAL_LICENSE remain removed from the supported production set
• cd client/dashboard && pnpm build still fails on a pre-existing unresolved import from client/dashboard/src/contexts/Sdk.tsx
• the isolated Presidio lab experiment lives in separate draft PR wip: isolated presidio lab experiment #3101
• production healthcare/image work is intentionally not included in this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
gram-docs-redirect	Ready	Preview, Comment	May 29, 2026 12:58pm

[linear-code]

AGE-2576

[changeset-bot]

⚠️ No Changeset found

Latest commit: 13fd2f4

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

Prompt-injection risk report

Corpus: 933 cases (384 malicious / 549 benign)
This PR: 3e7dfe8c · 2026-05-29T12:59:53Z

No main baseline artifact found yet; this comment shows the current run only.

Operational Modes

mode	status	total	TP	FP	FN	precision	recall	F1	FP-rate
L0 only	ok	933	76	0	308	1	0.1979	0.3304	0
L0 + L1 opt-in	skipped	-	-	-	-	-	-	-	-

L1 opt-in was not evaluated in this run: classifier URL is not set.

_{Generated by .github/scripts/risk-metrics-comment.py. Full source/rule breakdown and samples are in the risk-accuracy-metrics artifact.}

[speakeasybot]

🚀 Preview Environment (PR #3085)

Preview URL: https://pr-3085.dev.getgram.ai

Component	Status	Details	Updated (UTC)
✅ Database	Ready	Existing database reused	2026-05-29 13:05:33.
✅ Images	Available	Container images ready	2026-05-29 13:05:15.

_{Gram Preview Bot}

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

_{Tip: disable this comment in your organization's Code Review settings.}

[cubic-dev-ai]

No issues found across 6 files

_{Re-trigger cubic}

[mfbx9da4]

From what I gather you are trying to verify that presidio is able to handle the various detection rules/entities that you put here and detect stuff. However if I'm not mistaken the test runs against a mock so we never actually verify that?

[vishalg0wda]

Sorry yeah. This test is stupid.

[mfbx9da4]

If I'm not mistaken, this will not break presidio sending unknown entities will simply be ignored. Now if we add detection for a new entity we'll have to update several places

1. Add to UI
2. Remove from UI blacklist
3. Remove from request blacklist
4. Add to presidio

[vishalg0wda]

Correct. Is it a concern needing to update multiple places?