It’s meant for agent/tool code (refunds, deletes, API writes, prod changes) where you want a gate outside the prompt.
How it works
Evaluate a policy on the call context (action + args/kwargs)
Optionally request human approval (terminal y/n in v0.1.1)
Write audit entries (JSONL by default), correlated by a per-call request_id
Key semantics
Decision logging is fail-closed (if the decision entry cannot be written, the guarded function does not execute)
Outcome logging is best-effort (a logging failure does not change the function's return value or exception)
Redacts secret-looking key names and value patterns (JWT-like tokens, sk- prefixed keys, PEM blocks) in audit entries
It’s intentionally minimal and framework-agnostic: implement your own Policy, Approver, or AuditLogger (Slack/web UI/db) and inject them.
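As an added example, not the project's own code, the following Python sketch implements the loop above end to end: a decorator evaluates a policy on the call context, optionally asks an approver, writes the decision entry fail-closed, runs the tool, and writes the outcome entry best-effort, with key-name and value-pattern redaction applied to everything that is logged. The `guarded`/`CallContext`/`MemoryAuditLogger` names, the `allow`/`deny`/`approve` decision vocabulary, the `RefundPolicy` thresholds and the in-memory JSONL logger are all assumptions made for this example, not the library's API.

```python
# Added example, not the project's code: a minimal gate with the semantics above.
# Names below and the "allow/deny/approve" decision vocabulary are assumptions.
import functools
import json
import re
import uuid
from dataclasses import dataclass

# Redaction: secret-looking key names, plus value patterns (sk- keys, JWT-like, PEM blocks).
SECRET_KEY_NAMES = re.compile(r"(password|passwd|secret|token|api[_-]?key|authorization)", re.I)
SECRET_VALUE_PATTERNS = [
    re.compile(r"\bsk-[A-Za-z0-9_-]{8,}"),
    re.compile(r"\b[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b"),
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----", re.S),
]

def redact(value):
    """Return a copy of value with secret key names and secret-looking strings masked."""
    if isinstance(value, dict):
        return {k: "[REDACTED]" if SECRET_KEY_NAMES.search(str(k)) else redact(v)
                for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [redact(v) for v in value]
    if isinstance(value, str):
        for pat in SECRET_VALUE_PATTERNS:
            value = pat.sub("[REDACTED]", value)
    return value

@dataclass
class CallContext:  # what a Policy/Approver gets to look at
    action: str
    args: tuple
    kwargs: dict
    request_id: str

class GateDenied(Exception):
    pass

class MemoryAuditLogger:  # JSONL-style logger in memory; fail_on simulates a broken sink
    def __init__(self, fail_on=()):
        self.lines, self.fail_on = [], set(fail_on)
    def log(self, entry):
        if entry["event"] in self.fail_on:
            raise OSError("audit sink unavailable")
        self.lines.append(json.dumps(entry))  # one JSON object per line
    def records(self):
        return [json.loads(line) for line in self.lines]

def guarded(action, policy, logger, approver=None):
    """policy -> optional approval -> fail-closed decision log -> call -> best-effort outcome log."""
    def decorator(fn):
        @functools.wraps(fn)
        def wrapper(*args, **kwargs):
            ctx = CallContext(action, args, kwargs, uuid.uuid4().hex)
            decision = policy.evaluate(ctx)  # "allow" | "deny" | "approve"
            if decision == "approve":  # escalate to a human (or deny if nobody can approve)
                decision = "allow" if approver is not None and approver.approve(ctx) else "deny"
            # Fail-closed: if this raises, the tool never runs.
            logger.log({"event": "decision", "request_id": ctx.request_id, "action": action,
                        "decision": decision, "args": redact(list(args)), "kwargs": redact(kwargs)})
            if decision != "allow":
                raise GateDenied(f"{action} denied (request_id={ctx.request_id})")
            outcome = {"status": "error", "error": "interrupted"}
            try:
                result = fn(*args, **kwargs)
                outcome = {"status": "ok", "result": redact(result)}
                return result
            except Exception as exc:
                outcome = {"status": "error", "error": type(exc).__name__}
                raise
            finally:
                try:  # Best-effort: a logging failure must not alter the call's result.
                    logger.log({"event": "outcome", "request_id": ctx.request_id, **outcome})
                except Exception:
                    pass
        return wrapper
    return decorator

class RefundPolicy:  # toy policy: refuse non-positive amounts, require a human above 500
    def evaluate(self, ctx):
        amount = ctx.kwargs.get("amount", 0)  # expects amount passed as a keyword
        if amount <= 0:
            return "deny"
        return "approve" if amount > 500 else "allow"

class StaticApprover:  # stand-in for the terminal y/n prompt, with a fixed answer
    def __init__(self, answer):
        self.answer = answer
    def approve(self, ctx):
        return self.answer

def make_refund_tool(logger, approver=None):
    """Build a guarded refund tool; returns (tool, list of calls that actually executed)."""
    calls = []
    @guarded("refund", RefundPolicy(), logger, approver)
    def refund(customer, amount, note=""):
        calls.append((customer, amount))
        return {"customer": customer, "refunded": amount}
    return refund, calls
```

The `fail_on` knob on the in-memory logger exists to exercise both failure modes: with `"decision"` in it the call raises and the tool never runs, while with `"outcome"` in it the tool's return value comes back unchanged and only the decision line is recorded, which is the gap to keep in mind when reading a JSONL audit trail and correlating by `request_id`.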