Agent Policy is a portable draft standard for agent policy decisions, approvals, permission grants, risk scopes, redaction, retention, waivers, and policy traces.
It interoperates with runtime, UI, evidence, knowledge, tool, artifact, identity, telemetry, and peer-agent systems without taking ownership of those systems. Policy engines can evaluate rules. Runtime enforces actions. UI renders approvals. Evidence records trust. Agent Policy defines the portable facts those systems exchange around agent decisions.
- Policy decisions with
allow,deny,ask,defer,escalate,waive,not_applicable, andindeterminateresults. - Risk scopes for tools, models, artifacts, sources, credentials, filesystems, networks, memory, remote agents, and human actions.
- Approval requests and permission grants with constraints, expiry, provenance, revocation, and delegation boundaries.
- Redaction and retention obligations for display, export, memory, evidence, and peer handoff.
- Waiver records that preserve the original policy result.
- Policy traces linking inputs, policy sets, matched rules, decisions, approvals, grants, waivers, runtime, telemetry, and evidence refs.
- Public JSON Schemas and LLM-friendly
llms.txt/llms-full.txtentrypoints.
- Specification
- Policy model
- Policy decision
- Risk scope
- Approval request
- Permission grant
- Waiver record
- Policy trace
- JSON Schemas
- Research sources
- 中文规范
llms.txt: concise navigation index for AI clients.llms-full.txt: concatenated current English documentation with source URLs.llm.txtandllm-full.txt: compatibility aliases.
- Agent Knowledge - source-grounded knowledge packs.
- Agent UI - interaction surfaces for agent products.
- Agent Runtime - execution facts, controls, tasks, tools, and recovery.
- Agent Evidence - evidence, provenance, verification, review, replay, and export.
- Agent Policy - policy decisions, approvals, permissions, risk, retention, waivers, and traces.
- Agent Artifact - durable deliverables, versions, parts, previews, exports, and handoff packages.
- Agent Tool - tool declarations, surfaces, invocations, progress, results, permissions, and audit refs.
- Agent Context - context surfaces, items, source refs, selection, budgets, assembly, injection, compaction, and missing-context facts.
See the Agent standards ecosystem page for the mutual-link map and future standard candidates.
npm install
npm run devnpm run buildThe static site is generated at docs/.vitepress/dist.