Policy Presets

Complete API reference for all 8 policy presets in governance-sdk.

8 built-in presets that cover 90% of governance needs. Each returns a PolicyRule you pass to createGovernance.

import {
  blockTools,
  allowOnlyTools,
  requireApproval,
  tokenBudget,
  rateLimit,
  requireLevel,
  requireSequence,
  timeWindow,
} from 'governance-sdk';

blockTools

blockTools(tools: string[], reason?: string): PolicyRule

Block specific tools by name. Any action targeting a listed tool returns a block outcome. The most common policy preset.

import { blockTools } from 'governance-sdk';

const rule = blockTools(['shell_exec', 'db_drop', 'fs_write']);
// Blocks any enforce() call where action.tool matches

allowOnlyTools

allowOnlyTools(tools: string[], reason?: string): PolicyRule

Allowlist mode. Only the listed tools are permitted — every other tool is blocked. Inverse of blockTools.

import { allowOnlyTools } from 'governance-sdk';

const rule = allowOnlyTools(['email_draft', 'search', 'crm_read']);
// Everything except these three tools is blocked

requireApproval

requireApproval(actions: PolicyAction[], reason?: string): PolicyRule

Human-in-the-loop gate. Takes an array of PolicyAction objects. Instead of blocking, returns a "requires_approval" outcome so your application can prompt a human reviewer before proceeding. Priority 80.

import { requireApproval } from 'governance-sdk';

const rule = requireApproval(['payment', 'database_mutation']);
// result.outcome === 'require_approval' when matched

tokenBudget

tokenBudget(limit: number): PolicyRule

Enforce a per-session token budget. Once the cumulative token count exceeds the limit, subsequent actions are blocked.

import { tokenBudget } from 'governance-sdk';

const rule = tokenBudget(50_000); // 50K tokens per session

rateLimit

rateLimit(maxActions: number, windowMs: number): PolicyRule

Declarative threshold check. The SDK compares a caller-supplied action count against the configured maximum. It does not track counts itself.

import { rateLimit } from 'governance-sdk';

const rule = rateLimit(100, 60_000);
// 100 actions per 60-second window

Warning: This is a declarative check, not server-side rate limiting. For production use, pair it with Upstash or Redis to track actual counts.

requireLevel

requireLevel(minLevel: number): PolicyRule

Require agents to meet a minimum governance score level (L0–L4) before acting. Agents below the threshold are blocked.

import { requireLevel } from 'governance-sdk';

const rule = requireLevel(2); // L2 (Managed) or higher required
// L0 Unregistered, L1 Basic, L2 Managed, L3 Governed, L4 Certified

requireSequence

requireSequence(tool: string, requiredPrior: string[], reason?: string): PolicyRule

Enforce tool prerequisites. The target tool is blocked until all prerequisite tools have been called in the current session. Useful for CI/CD-style pipelines.

import { requireSequence } from 'governance-sdk';

const rule = requireSequence('deploy', ['test', 'lint', 'build']);
// deploy is blocked until test, lint, and build have all run

timeWindow

timeWindow(startHour: number, endHour: number, reason?: string): PolicyRule

Restrict actions to specific time windows. Actions outside the window are blocked.

import { timeWindow } from 'governance-sdk';

const rule = timeWindow(9, 17);
// Actions only allowed between 9am and 5pm

Composing Presets

Presets return standard PolicyRule objects. Pass multiple to createGovernance and they evaluate in priority order.

import {
  createGovernance,
  blockTools,
  requireApproval,
  requireLevel,
  requireSequence,
  timeWindow,
} from 'governance-sdk';

const gov = createGovernance({
  rules: [
    blockTools(['shell_exec', 'db_drop']),
    requireApproval(['payment']),
    requireLevel(2),
    requireSequence('deploy', ['test', 'lint', 'build']),
    timeWindow(9, 17),
  ],
});

// All rules evaluated on every enforce() call.
// Higher-priority rules win on conflict.

Note: Rules are evaluated in priority order. Use composePolicies from governance-sdk/policy-compose for cross-team merging with conflict resolution.