arcie.
++

Policies

Constrain what an agent may do — guardrails, allowed models, blocked tools, and spend budgets.

Policies are the guardrails around an agent: which safety guards run, which models and tools are allowed, and how much it may spend. Define them in agent/policies/index.ts as a default-exported PolicyConfig.

// agent/policies/index.ts
export default {
  inputGuards: ["pii-redaction"],
  outputGuards: ["content-filtering"],
  allowedModels: ["claude-sonnet-4-5", "gpt-4o"],
  blockedTools: ["delete_account"],
  budget: {
    maxSpendPerSession: "5.00",
    maxSpendPerDay: "100.00",
    maxSpendPerMonth: "2000.00",
  },
};

PolicyConfig

interface PolicyConfig {
  inputGuards?: string[];    // guards applied to inbound messages
  outputGuards?: string[];   // guards applied to model output
  allowedModels?: string[];  // allowlist of models the agent may use
  blockedTools?: string[];   // tools that must never run
  budget?: {
    maxSpendPerSession?: string;
    maxSpendPerDay?: string;
    maxSpendPerMonth?: string;
  };
}
FieldPurpose
inputGuardsSafety guards run on input, e.g. "pii-redaction".
outputGuardsSafety guards run on output, e.g. "content-filtering".
allowedModelsIf set, only these models may run.
blockedToolsTools that are always denied, even if defined.
budgetHard spend caps per session / day / month (USD strings).

Enforcement

Guards and budgets are enforced by Cencori at run time — the same security and spend controls that protect Cencori's gateway. The policy travels with the agent's Cencori configuration; the security.policy field on agent.ts (strict / standard / permissive) sets the basarcie that these per-agent rules tighten.

Budgets are strings so you can express currency precisely ("5.00"). Pair a tight maxSpendPerSession with requireApproval in sessions for defense in depth on costly agents.