Crate arbiter_policy

Expand description

Deny-by-default policy engine for Arbiter authorization.

Evaluates whether an agent may call specific tools with specific parameters, matching on agent identity, trust level, session context, tool name, and parameter constraints. Policies are loaded from TOML configuration and evaluated with deny-by-default semantics.

Re-exports§

pub use error::PolicyError;
pub use eval::Decision;
pub use eval::EvalContext;
pub use eval::EvalResult;
pub use eval::PolicyTrace;
pub use eval::evaluate;
pub use eval::evaluate_explained;
pub use model::Disposition;
pub use model::Effect;
pub use model::Policy;
pub use model::PolicyConfig;
pub use model::PolicyDiagnostic;
pub use model::PolicyId;
pub use model::ValidationResult;
pub use watcher::PolicyWatcher;

Modules§

error
eval: Policy evaluation engine.
model
watcher: File-system watcher for hot-reloading policy configuration.

Crate arbiter_policy

Crate arbiter_policy Copy item path

Re-exports§

Modules§

Crate arbiter_policy