allow or deny.
The policy runs at runtime before the agent uses a capability, so the policy can block unsafe tool calls, database queries, model calls, MCP tools, memory writes, file access, and other actions.
What Policy-as-Code Means In Brane
A Brane policy is not a prompt. A Brane policy is application code:Why Policy-as-Code Is Better Than Prompt Rules
Prompt rules are advisory. Policy code is enforceable.
Brane policies run before the consequence occurs.
Policy Inputs
Every policy receives a PolicyContext. The context includes:- The capability being attempted
- The input arguments
- The agent identity
- The principal identity
- The tenant
- The environment
- The capability risk level
- The output for after-capability policies
Policy Output
Every policy returns a Decision:allow and deny are implemented. Additional decision types such as approval_required, redact, transform_input, and transform_output are planned.
