Execution guardrails.
Policies enforce allow/deny, budget caps, approvals, and regulatory constraints at execution time.
How to use
1. Review control
Understand the control definition.
2. Verify implementation
Confirm evidence output exists.
3. Export proof
Generate evidence for auditors.
4. Monitor drift
Track changes to control posture.
Guardrail types
Allow/Deny rules
Explicit policy scopes define what can execute.
Approval gates
Multi-party approvals for high-risk actions.
Budget constraints
Caps on volume, spend, or sensitive operations.
Regulatory checks
Map decisions to GDPR, SOX, or EU-AI rules.
Decision basis
Each decision returns policy basis and regulation mapping
Guardrails are deterministic and reproducible
Export packs include guardrail compliance summary
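The four guardrail types and the decision basis described above, as an added Python example that is not the product's own code. The policy field names, the action names, the deny-before-allow ordering and the SHA-256 fingerprint are assumptions made for illustration.

```python
import hashlib
import json

# Constructed sample policy; field names are assumptions, not the product's schema.
POLICY = {
    "allow": ["report.export", "payment.refund"],   # explicit scopes that may execute
    "deny": ["user.delete"],                        # explicit denials, checked first
    "budget": {"payment.refund": 500},              # cap on amount per action
    "approvals": {"payment.refund": 2},             # distinct approvers required
    "regulations": {"payment.refund": ["SOX"], "report.export": ["GDPR"],
                    "user.delete": ["GDPR"]},
}

def evaluate(policy, action):
    """Return the outcome plus the rule that produced it. Pure: no clock, no randomness."""
    name = action["name"]
    if name in policy["deny"]:
        outcome, basis = "deny", "deny-rule"
    elif name not in policy["allow"]:
        outcome, basis = "deny", "default-deny"      # nothing outside the allow scope runs
    elif action.get("amount", 0) > policy["budget"].get(name, float("inf")):
        outcome, basis = "deny", "budget-cap"
    elif len(set(action.get("approvers", []))) < policy["approvals"].get(name, 0):
        outcome, basis = "pending", "approval-gate"  # duplicates count as one approver
    else:
        outcome, basis = "allow", "allow-rule"
    return {"action": name, "outcome": outcome, "policy_basis": basis,
            "regulations": sorted(policy["regulations"].get(name, []))}

def fingerprint(policy, action):
    """Hash policy, input and decision in canonical JSON; equal inputs give equal hashes."""
    record = {"policy": policy, "action": action, "decision": evaluate(policy, action)}
    blob = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()
```

Re-running `fingerprint` over an exported policy and action and comparing it with the stored value is one way to check that a recorded decision is reproducible.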
Key API endpoints
GET /guardrails — guardrail rules
GET /policy/changes — change log
Evidence outputs
Guardrail compliance records
Policy diff exports