Skip to content

Policy Spec

Policies are YAML. Each rule has: - name: string - match: action type (http_request, file_write, command, tool_call, schema) - where: optional attribute filters - action: allow | deny | approval - reason: optional human-readable string

Examples

1) Network egress whitelist

- name: "Only allow internal APIs"
  match: "http_request"
  where:
    host_in: ["api.internal.corp", "auth.internal.corp"]
  action: "allow"

- name: "Block all other egress"
  match: "http_request"
  action: "deny"
  reason: "External egress not permitted"

2) Budget guardrail

- name: "Cap tool budget"
  match: "tool_call"
  where:
    tool: "cloud.create_instance"
    cost_usd_over: 50
  action: "approval"
  reason: "High-cost action"

3) Output schema validation

- name: "Enforce JSON schema"
  match: "schema"
  where:
    schema: "schemas/invoice.json"
  action: "deny"
  reason: "Output violates schema"

Evaluation order: top → bottom; first match wins (configurable).