Skip to main content
Define allow/deny rules so agents cannot run dangerous tools — attach a PolicyEngine before the agent starts.
from praisonaiagents import Agent
from praisonaiagents.policy import PolicyEngine, Policy, PolicyRule, PolicyAction

engine = PolicyEngine()
engine.add_policy(Policy(
    name="no_delete",
    rules=[
        PolicyRule(
            action=PolicyAction.DENY,
            resource="tool:delete_*",
            reason="Delete operations blocked",
        )
    ],
))

agent = Agent(
    name="SecureAgent",
    instructions="You are a file management assistant.",
)
agent.policy = engine
agent.start("Help me organise my project files")
The user requests a risky action; policy rules allow or deny tools before execution.

Quick Start

1

Simple Usage

Block delete tools on a file-management agent:
from praisonaiagents import Agent
from praisonaiagents.policy import (
    PolicyEngine, Policy, PolicyRule, PolicyAction,
    create_read_only_policy,
)

engine = PolicyEngine()
engine.add_policy(create_read_only_policy())

agent = Agent(name="Assistant", instructions="Manage files safely.")
agent.policy = engine
agent.start("List files in the current directory")
2

With Configuration

Use strict mode and custom deny lists:
from praisonaiagents import Agent
from praisonaiagents.policy import (
    PolicyEngine, PolicyConfig, create_deny_tools_policy,
)

engine = PolicyEngine(PolicyConfig(strict_mode=True))
engine.add_policy(create_deny_tools_policy(
    ["execute_*", "shell_*"],
    reason="System commands are blocked",
))

agent = Agent(name="Reviewer", instructions="Read and summarise code only.")
agent.policy = engine

How It Works

ComponentPurpose
PolicyRuleWildcard resource patterns with ALLOW, DENY, ASK, or LOG
PolicyEngineEvaluates rules by priority; optional strict mode
agent.policyAttach the engine before start()
Pattern examples: tool:read_file, tool:delete_*, tool:*.

Configuration Options

OptionTypeDefaultDescription
strict_modeboolFalseDeny operations not explicitly allowed
actionPolicyActionALLOW, DENY, ASK, LOG, RATE_LIMIT
resourcestrNoneGlob pattern (e.g. tool:shell_*)
priorityint0Higher priority rules evaluate first

Best Practices

Set agent.policy = engine immediately after creating the agent.
Use create_read_only_policy() before writing custom rules.
Prefer tool:delete_* over tool:* deny rules so read tools keep working.
PolicyConfig(strict_mode=True) blocks unknown tool names by default.

Guardrails

Validate agent output before returning to users

Approval

Require human confirmation for sensitive actions