PolicyEngine before the agent starts.
Quick Start
1
Simple Usage
Block delete tools on a file-management agent:
2
With Configuration
Use strict mode and custom deny lists:
3
Denial in action
Attach a deny policy and watch the tool call get blocked before it runs:Policy denials return an error to the model before the tool executes — the same pre-dispatch check applies to native and MCP tools alike. Guardrails run at this same hook:
GuardrailChain.validate_tool_call / LLMGuardrail.validate_tool_call can veto a tool call before dispatch (see the Guardrails card below).How It Works
Pattern examples:
tool:read_file, tool:delete_*, tool:*.
Configuration Options
Best Practices
Attach policy before the first turn
Attach policy before the first turn
Set
agent.policy = engine immediately after creating the agent.Start with read-only presets
Start with read-only presets
Use
create_read_only_policy() before writing custom rules.Use wildcards sparingly
Use wildcards sparingly
Prefer
tool:delete_* over tool:* deny rules so read tools keep working.Enable strict mode in production
Enable strict mode in production
PolicyConfig(strict_mode=True) blocks unknown tool names by default.Related
Guardrails
Validate agent output before returning to users
Approval
Require human confirmation for sensitive actions

