Small policy, review, and audit primitives for gating agent tool calls.
Four pieces:
PolicyGate— evaluates an action asallow,ask, ordeny.ReviewQueue— stores human review requests in memory or SQLite.AuditLog— records append-only events in memory or JSONL.@gated— wraps sync or async functions and enforces the policy before execution.
pip install agent-policy-gate
# with FastAPI review router
pip install "agent-policy-gate[api]"from agent_policy_gate import AuditLog, PendingApproval, PolicyGate, ReviewQueue, gated
policy = PolicyGate.from_dict({
"default": "allow",
"actions": {
"send_email": "ask",
"delete_file": "deny",
},
})
reviews = ReviewQueue("sqlite:///tmp/reviews.db")
audit = AuditLog("jsonl:///tmp/audit.jsonl")
@gated(policy=policy, reviews=reviews, audit=audit, action="send_email")
def send_email(to: str, subject: str, body: str) -> str:
return f"sent email to {to}: {subject}"
try:
send_email("alice@example.com", "Hi", "Hello")
except PendingApproval as exc:
print(f"approve review {exc.review_id} first")
reviews.approve(exc.review_id, approver="operator")
send_email("alice@example.com", "Hi", "Hello", _policy_review_id=exc.review_id)If you have FastAPI installed (pip install "agent-policy-gate[api]"):
from fastapi import FastAPI
from agent_policy_gate.api import create_review_router
app = FastAPI()
app.include_router(create_review_router(reviews))Routes:
GET /reviewsGET /reviews/{review_id}POST /reviews/{review_id}/approvePOST /reviews/{review_id}/deny
See docs/agent-policy-gate.md for the full reference and examples/ for runnable code.
Alpha. API may change before 1.0. Carved out of Beekeeper as a standalone primitive.
Apache 2.0 — see LICENSE.