Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.brane.membranelabs.org/llms.txt

Use this file to discover all available pages before exploring further.

Policy control for AI agents means enforcing explicit rules when an agent attempts to act. Brane provides policy control by evaluating Python policy functions before and after capability execution. Policies receive a structured PolicyContext and return a structured Decision.

Policy Control Loop

Capability + AgentAction + PolicyContext -> Policy -> Decision
This loop lets teams decide what an agent can do based on:
  • Agent identity
  • Principal identity
  • Tenant
  • Environment
  • Capability risk
  • Input arguments
  • Output
  • Runtime metadata
  • Application-specific policy data

Before Policies

Before policies run before the action executes. Use them to prevent unsafe side effects. 
@runtime.before_capability("refund_customer")
def refund_limit(ctx):
    if ctx.arg("amount_usd", 0) > 100:
        return Decision(type="deny", reason="Refund exceeds tenant limit")
    return Decision(type="allow")

After Policies

After policies run after execution and can inspect output. Use them to detect oversized outputs, unexpected schemas, PII, secrets, or policy violations after the capability returns. 
@runtime.after_capability("call_model")
def block_secret_leak(ctx):
    if "SECRET_KEY" in str(ctx.output or ""):
        return Decision(type="deny", reason="Possible secret in output")
    return Decision(type="allow")

Policy Control Categories

CategoryExample policy
Financial controlDeny refunds above a tenant limit
Data controlAllow only SELECT queries
Tenant controlBlock cross-tenant actions
Environment controlBlock high-risk capabilities in prod
Tool controlDeny destructive tools without approval
Output controlDeny responses containing secrets or PII