Runtime governance, grouped by the problem it solves.

Should this agent action run right now?

Evaluate every tool call before execution and return a deterministic allow, block, ask, warn, or redact decision.

• Pre-tool decisions
• allow, block, ask, warn, redact
• Principal-aware evaluation
• Side-effect aware rules
• Structured block reasons
• Dry-run evaluation

What is this agent allowed to read, write, call, or return?

Write versionable YAML rules for pre, post, session, and sandbox checks instead of burying policy in prompts.

• YAML rulesets
• Pre, post, session, and sandbox rules
• Operators and variable interpolation
• Ruleset templates
• Schema validation
• Future inheritance and overlays

Did the agent follow the required process before moving on?

Require ordered stages, checks, evidence, and terminal states before high-impact actions are allowed.

• Ordered stages
• Entry and exit conditions
• Evidence requirements
• Terminal stages
• Stage snapshots
• Workflow conformance fixtures

Which actions need a human decision before execution?

Keep humans in the review path where it matters, with timeout behavior and recorded approval decisions.

• ask decisions
• Timeout behavior
• Approval backend
• Approval queues
• Telegram approval path
• Webhook and notification channels

Can we prove what happened later?

Record decisions, workflow state, policy versions, approval actors, and run/session correlation for later review.

• Structured audit events
• Local audit sinks
• Server-backed audit
• Signed decision bundles
• Workflow snapshots
• Run and session correlation

What would this rule change have changed?

Replay prior decisions against candidate rulesets before promoting policy changes across agents.

• Ruleset replay
• Would-block analysis
• Saved versions
• Promotion safety
• Blast-radius summary

Can I use this with my current agent stack?

Use the same rule model across Python, TypeScript, Go, and common agent frameworks without moving enforcement out of the runtime path.

• Python SDK
• TypeScript SDK
• Go SDK
• Shared schema fixtures
• LangChain, LangGraph, OpenAI Agents, CrewAI
• Claude SDK, Google ADK, Semantic Kernel, Vercel AI SDK

Can Edictum control coding agents and local tool runners?

Run local policy checks, workflow gates, audit WAL, and assistant hooks around command-line tool execution.

• Go CLI
• edictum validate, check, replay
• edictum gate init and gate run
• Local WAL
• Skill scanner
• Self-protection rules and ruleset signing

How do teams coordinate visibility, approvals, and audit?

Self-host the optional API/app reference stack for shared visibility while enforcement stays in the agent runtime path.

• API keys
• Event ingestion
• Runs and agents
• Rulesets and versions
• Approvals and audit feed
• SSE hot reload and notification channels

What common agent risks can I cover immediately?

Start from practical controls for destructive commands, secret redaction, data scope, and agentic-risk mappings.

• Adversarial tests
• Secret redaction
• Destructive command blocking
• Data scope restrictions
• Prompt-injection-adjacent tool controls
• OWASP Agentic starter controls