Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.brane.membranelabs.org/llms.txt

Use this file to discover all available pages before exploring further.

Every component labeled honestly: implemented, partially implemented, or planned. The plans describe two documents: one for the current brane-core state, and one for the full future platform. This page covers both so you know exactly what you can use today.

Package

pip install brane-core
brane-core is the local, framework-independent Python runtime. It has no external service dependencies. It runs in your process and enforces policies before and after capability calls.

Implemented Today

All primitives and the core interception loop are implemented:
  • Runtime
  • Capability
  • Effect
  • SideEffect
  • Scope
  • AgentAction
  • Decision with allow and deny
  • PolicyContext
  • Policy
  • CapabilityRegistry
  • PolicyRegistry
  • PolicyEngine
  • InterceptRequest
  • InterceptResult
  • CapabilityInterceptor
  • CallableCapabilityInterceptor
  • CapabilityDeniedError
  • CapabilityNotFoundError
  • @runtime.capability decorator
  • @runtime.before_capability decorator
  • @runtime.after_capability decorator
  • runtime.wrap_capability
  • runtime.create_action
  • runtime.evaluate_action
  • Exact and wildcard policy target matching
  • Policy priority ordering
  • Deny-wins composition

Partially Implemented

ComponentGap
Decision compositionallow and deny only; approval_required, redact, and transform are not wired yet
Scope checkingctx.agent_has_scope() checks capability.scopes by name; full agent grant model is planned
Capability schemasinput_schema and output_schema fields exist; schema validation and generation are planned
on_error policy stagePolicyStage.on_error is defined in the type; interception does not invoke it yet

Planned Next

  • Audit events and pluggable AuditSink
  • approval_required Decision type
  • Async function wrappers
  • Error stage policy interception
  • transform_input and transform_output Decision types
  • redact Decision type
  • Capability grants and GrantRegistry
  • Framework adapter base contract
  • LangGraph adapter
  • CrewAI adapter
  • OpenAI Agents SDK adapter
  • MCP adapter

Future Platform

  • Brane Cloud: remote policy evaluation
  • Audit ingestion API
  • Approval workflow API
  • Policy bundles and versioning
  • Brane Dashboard
  • Brane CLI
  • Model governance
  • Memory governance
  • Retrieval governance
  • Filesystem governance
  • Secret governance
  • Sandbox governance
  • Browser and computer-use governance
  • Multi-agent governance

Known Limitations

  • Synchronous callables only. Async wrappers are planned.
  • No streaming support. Streaming interception is planned.
  • No input mutation. transform_input decisions are planned.
  • No output mutation. redact and transform_output are planned.
  • No approval pausing. approval_required decisions are planned.
  • No audit persistence. AuditSink is planned.
  • No agent grant system. Scope checking is name-match only today.
  • Install command may change before stable release.

Open Questions

  • Will the package name be brane, brane-core, or brane-runtime?
  • Will dataclasses migrate to Pydantic models?
  • Should allow-by-default remain when no policy matches?
  • What should approval_required do before approval providers exist?
  • Which integration ships first?
See the Roadmap for the full planned build order.