Activated the securlet with "Selective Scan" option and configured the scan policy for a specific user group or file path. However, Investigate api logs show activity for additional users and directories, even those outside the scan policy.
The Scan Policies are for securlet reporting. The results showing on the securlet dashboard will reflect the scan policy. Only risks and exposures within the scan policy will be reported on the dashboard and securlet reports.
Working as designed.