AgentSkillsCN

Guardian Policy Check

Validate actions against CARF Guardian policies (financial limits, data handling, escalation rules)

SKILL.md
--- frontmatter
description: Validate actions against CARF Guardian policies (financial limits, data handling, escalation rules)

CARF Guardian Policy Check Skill

Purpose

Check if a proposed action passes CARF policy constraints before execution. Uses the Guardian layer (Layer 4) for governance enforcement.

When to Use

  • Before high-risk operations (financial transactions, data modifications)
  • When confidence is below the threshold (< 0.85)
  • For actions in the always_escalate list
  • To understand why an action was rejected

Policy Categories

Financial Policies

| Policy | Limit | Action |
|---|---|---|
| auto_approval_limit | $100,000 | require_escalation |
| daily_limit | $500,000 | reject |
| approved_vendors | Whitelist | reject |

Data Policies

| Policy | Description | Action |
|---|---|---|
| pii_handling | Must mask email/phone/ssn/address | reject |
| data_residency | us-east-1, eu-west-1 only | reject |
| retention | Max 90 days | warn |

Operational Policies

| Policy | Limit | Action |
|---|---|---|
| max_reflection_attempts | 3 | escalate |
| timeout | 300 seconds | abort |
| rate_limiting | 60 calls/min | throttle |

Risk Thresholds

| Policy | Threshold | Action |
|---|---|---|
| confidence_threshold | 0.85 | escalate |
| entropy_alert | 0.9 | circuit_break |

Always Escalate Actions

The following actions always require human approval:

  • delete_data
  • modify_policy
  • external_api_write
  • production_deployment

Execution Steps

1. Check via Python

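```python
from src.workflows.guardian import get_guardian

guardian = get_guardian()
# `state` is the current workflow state holding the proposed action (supplied by the caller)
decision = guardian.evaluate(state)

# Inspect the decision before acting on it
print(f"Verdict: {decision.verdict}")
print(f"Violations: {decision.violations}")
print(f"Risk Level: {decision.risk_level}")
```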

2. Check via API Response

Policy check results are included in the /query response:

```json
{
  "guardian_result": {
    "verdict": "approved",
    "policies_passed": 5,
    "policies_total": 5,
    "risk_level": "low",
    "violations": []
  }
}
```

3. Manual Policy Lookup

Check policy values in configuration:

```yaml
# config/policies.yaml
financial:
  auto_approval_limit:
    value: 100000
    currency: "USD"
    action: "require_escalation"
```

Guardian Decision Flow

```mermaid
graph TD
    A[Proposed Action] --> B{Check Policies}
    B --> |No Violations| C[APPROVED]
    B --> |Violations Found| D{Assess Risk}
    D --> |Low/Medium| E[REJECTED]
    D --> |High/Critical| F[REQUIRES_ESCALATION]
    F --> G[HumanLayer Approval]
```

Verdict Types

| Verdict | Meaning | Next Step |
|---|---|---|
| approved | All policies passed | Execute action |
| rejected | Policy violated, fixable | Go to Reflector |
| requires_escalation | Human approval needed | HumanLayer flow |
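
A caller-side gate for the verdicts above, added here as an illustration and not taken from the CARF code base: it maps the `guardian_result` object from a /query response to the next step and fails closed on anything malformed. The function `next_step`, its return labels, the `read_report` action name and the choice to route malformed input to a human are assumptions; field names, the 0.85 threshold and the always_escalate list come from this page.

```python
# Added example, not CARF code: next_step() and its return labels are hypothetical.
# Field names, verdicts, the 0.85 threshold and the escalate list come from this page.
import math

ALWAYS_ESCALATE = {"delete_data", "modify_policy", "external_api_write", "production_deployment"}
CONFIDENCE_THRESHOLD = 0.85
NEXT_STEP = {"approved": "execute", "rejected": "reflector", "requires_escalation": "humanlayer"}

# Constructed sample: the /query response body shown earlier on this page.
SAMPLE = {"guardian_result": {"verdict": "approved", "policies_passed": 5,
                              "policies_total": 5, "risk_level": "low", "violations": []}}


def next_step(response, action, confidence):
    """Return 'execute', 'reflector' or 'humanlayer'; never 'execute' on doubtful input."""
    result = response.get("guardian_result") if isinstance(response, dict) else None
    if not isinstance(result, dict):
        return "humanlayer"          # no Guardian decision in the response
    verdict = result.get("verdict")
    if verdict not in NEXT_STEP:
        return "humanlayer"          # missing, misspelled or unknown verdict
    if verdict != "approved":
        return NEXT_STEP[verdict]
    # Cross-check an "approved" verdict against the rest of the payload.
    passed, total = result.get("policies_passed"), result.get("policies_total")
    consistent = (result.get("violations") == []
                  and isinstance(total, int) and passed == total)
    # NaN and non-numeric confidence fail this comparison and therefore escalate.
    confident = isinstance(confidence, (int, float)) and confidence >= CONFIDENCE_THRESHOLD
    if not consistent or not confident or action in ALWAYS_ESCALATE:
        return "humanlayer"
    return "execute"


if __name__ == "__main__":
    # "read_report" is a constructed action name used only for this demonstration.
    print(next_step(SAMPLE, "read_report", 0.92))
    print(next_step(SAMPLE, "delete_data", 0.92))
    print(next_step(SAMPLE, "read_report", math.nan))
```
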

OPA Integration (Optional)

If OPA_ENABLED=true, Guardian also checks OPA policies:

```bash
# Environment
OPA_URL=http://localhost:8181
OPA_POLICY_PATH=/v1/data/carf/guardian/allow

# Test OPA policy
curl http://localhost:8181/v1/data/carf/guardian/allow \
  -d '{"input": {"action": "delete_data", "confidence": 0.9}}'
```

Troubleshooting

Unexpected Rejection

  1. Check the violations list in the response
  2. Review config/policies.yaml for limits
  3. Verify the action type isn't in always_escalate

Override Rejected Action

  • Requires human approval via HumanLayer
  • Cannot bypass Guardian programmatically
  • See AGENTS.md for modification protocol

Policy File Not Loading

  • Check that the file exists: config/policies.yaml
  • Guardian uses defaults if the file is missing
  • Review guardian.py:_set_default_policies()