You create a blacklist, and set the Type, Severity and Category as you want. Then, you may meet an issue that the action may not be performed as you want.
To determine the action, SWG will check the matching policy's configuration.
In policy configuration, there are three settings will affect the blacklist action.
If the action are not the same, the final action will be determined by the order of above settings.
If you set the Category to Minor spyware web site, Severity to Minor, and the Type to Block by URL.
Then, when the user hit this blacklist, the action need to check the matched policy, and follow the order to determine the result.
By default, the first action configure is Spyware Category, the second is Spyware Severity, and the third is Detection Type.
This blacklist will hit the Category as "Minor Spyware Web Site", Severity as "Minor", Detection Type as "Malware URL".
Then the final action will follow the order of the policy.