governance

Policy Engine

The pure-function authorization layer that decides every spend before the wallet signs anything. No LLM in this path.

The Policy Engine is the deterministic gate between an agent's proposal and any actual spend. It evaluates per-call, per-mission, and per-day budget caps; vendor allow/block lists; data sensitivity ladders; and human-approval rules. The engine is a pure function — same input always returns the same decision — which is why we can hash-chain its decisions into the audit ledger.

The architectural rule: the Policy Engine has no LLM dependency. The pattern audit (tools/audit.ts) refuses any code change that imports an LLM client into the policy or wallet modules.

Related
Where this term shows up