Policy Engine

@agorio/plugin-policy-engine evaluates JSON-defined rules against each tool call. It’s the most general governance plugin: instead of a single fixed concern (spend, approval), you express arbitrary allow/deny rules as data.

import { policyEngine } from '@agorio/plugin-policy-engine';
 
const agent = new ShoppingAgent({
  llm,
  plugins: [
    policyEngine({
      rules: [
        { effect: 'deny', when: { merchant: 'blocked.example.com' } },
        { effect: 'allow', when: { category: 'office-supplies' } },
      ],
    }),
  ],
});

The engine hooks onBeforeToolCall and blocks any call that a deny rule matches. Because rules are plain JSON, they can be stored externally, edited without code changes, and shared across agents. It’s MIT-licensed and published as @agorio/plugin-policy-engine.

Agent Identity Procurement