Timing
Abefore_capability policy runs after the call is intercepted but before the underlying function executes. If the policy denies, CapabilityDeniedError is raised and the function never runs. The consequence does not occur.
Registration
What Is Available
In abefore_capability policy, ctx.output is always None; the function has not run yet.
ctx.capabilityctx.arg("name")ctx.agent_id,ctx.principal_id,ctx.tenant_idctx.is_prod,ctx.is_high_riskctx.agent_has_scope("scope")
Common Use Cases
Block unsafe SQL input:Deny Behavior
When any before policy returnsDecision(type="deny"):
- The runtime stops evaluating remaining before policies
- The underlying function is not called
CapabilityDeniedErroris raised with the denial reason
Policy Order
Multiple before policies on the same capability run in descending priority order. Deny wins: if any policy denies, the action is blocked regardless of other policies. Wildcard policies ("*") run alongside exact-match policies.
Future Decision Types
approval_required: pause until a human approvestransform_input: mutate the input before executionroute: redirect to a different capability or providersandbox: execute with restricted accesslog_only: allow but flag for review
