# PolicyShield

Declarative firewall for AI agent tool calls.

PolicyShield lets you define YAML rules that control what tools an AI agent can use, when, and how, without modifying agent code.
## Key Features

- Declarative rules: YAML-based, no code changes needed
- Chain rules: temporal conditions for multi-step attack detection
- PII detection: built-in redaction for sensitive data
- Kill switch: `policyshield kill` for instant emergency stop
- Honeypot tools: decoy tools that catch prompt injection
- Doctor: 10-check health scanner with A to F grading
- Auto-rules: `policyshield generate-rules --from-openclaw`
- Approval flows: human-in-the-loop for risky operations
- Tracing: full audit trail of every tool call
- Replay & Simulation: re-run traces against new rules
- AI Rule Writer: generate rules from natural language
- HTTP Server: framework-agnostic REST API for tool call policy enforcement
- OpenClaw Plugin: native plugin with before/after hooks
- Integrations: LangChain, CrewAI
- Testing: validate rules before deployment
- CLI: scaffold, validate, lint, test, serve from the command line
## Quick Start

```bash
pip install policyshield

# Scaffold a new project with secure defaults
policyshield init --preset secure --no-interactive

# Check your security posture
policyshield doctor

# Validate your rules
policyshield validate policies/

# Start the HTTP server
pip install "policyshield[server]"
policyshield server --rules policies/rules.yaml --port 8100
```
## How It Works

```yaml
# policies/rules.yaml
shield_name: my-policy
version: 1
rules:
  - id: block-file-delete
    when:
      tool: delete_file
    then: block
    severity: high
    message: "File deletion is not allowed."
```

```python
from policyshield.shield.engine import ShieldEngine

engine = ShieldEngine(rules="policies/rules.yaml")
result = engine.check("delete_file", {"path": "/data"})
print(result.verdict)  # Verdict.BLOCK
```
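To make the rule shape above concrete, here is an added, self-contained evaluator for that YAML structure (illustration only, not PolicyShield's `ShieldEngine`). It assumes first-match semantics and default-allow, embeds the rule set as a dict mirroring `policies/rules.yaml` so it runs without PyYAML, records an audit trace of every check, and enforces the verdict at the call site so the tool function itself is left unmodified.

```python
"""Minimal evaluator for the rule shape shown above (added example, not
PolicyShield's engine). Rules are embedded as a dict that mirrors the YAML."""
from dataclasses import dataclass, field
from enum import Enum
from typing import Any, Callable, Optional

# Constructed rule set: same shape as policies/rules.yaml above.
RULES = {
    "shield_name": "my-policy",
    "version": 1,
    "rules": [
        {"id": "block-file-delete", "when": {"tool": "delete_file"},
         "then": "block", "severity": "high",
         "message": "File deletion is not allowed."},
    ],
}


class Verdict(Enum):
    ALLOW = "allow"
    BLOCK = "block"


@dataclass
class Result:
    verdict: Verdict
    rule_id: Optional[str] = None
    severity: Optional[str] = None
    message: Optional[str] = None


@dataclass
class MiniEngine:
    rules: dict
    trace: list = field(default_factory=list)  # audit trail of every check

    def check(self, tool: str, args: dict) -> Result:
        # First matching rule wins; no match means allow (assumption of this toy).
        result = Result(Verdict.ALLOW)
        for rule in self.rules["rules"]:
            if rule["when"].get("tool") == tool:
                result = Result(Verdict(rule["then"]), rule["id"],
                                rule.get("severity"), rule.get("message"))
                break
        self.trace.append({"tool": tool, "args": args,
                           "verdict": result.verdict.value, "rule": result.rule_id})
        return result

    def guard(self, tool: str, fn: Callable[..., Any], **args: Any) -> Any:
        """Enforce the verdict at the call site; the tool function stays unchanged."""
        result = self.check(tool, args)
        if result.verdict is Verdict.BLOCK:
            raise PermissionError(f"{tool} blocked by {result.rule_id}: {result.message}")
        return fn(**args)
```

`MiniEngine(RULES).check("delete_file", {"path": "/data"})` returns a `Result` with `Verdict.BLOCK`, while an unmatched tool such as `read_file` falls through to `Verdict.ALLOW`; both calls appear in `engine.trace`.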