Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with policy-engine

A curated list of projects in awesome lists tagged with policy-engine .

https://github.com/target/portauthority

API that leverages Clair to scan Docker Registries and Kubernetes Clusters for vulnerabilities

clair docker-image golang kubernetes policy-engine vulnerability-assessment

Last synced: 10 May 2025

https://github.com/peg/rampart

Open-source firewall for AI agents. Policy engine that audits and controls what OpenClaw, Claude Code, Cursor, Codex, and any AI tool can do on your machine.

agent-security ai-agents ai-security audit-trail claude-code cli codex devtools golang ld-preload llm mcp openclaw policy-engine prompt-injection secure-ai-agents secure-openclaw security security-openclaw

Last synced: 06 May 2026

https://github.com/imran-siddique/agent-os

A Safety-First Kernel for Autonomous AI Agents - POSIX-inspired primitives with 0% policy violation guarantee

agent-framework ai-agents ai-governance ai-safety autogen crewai governance guardrails langchain llm mcp mcp-server openai policy-engine python semantic-kernel

Last synced: 21 Feb 2026

https://microsoft.github.io/rego-cpp/

A C++ interpreter for the OPA policy language Rego

c cpp opa policy policy-engine python rust

Last synced: 12 May 2025

https://github.com/microsoft/rego-cpp

A C++ interpreter for the OPA policy language Rego

c cpp opa policy policy-engine python rust

Last synced: 08 Jan 2026

https://github.com/PolicyLayer/Intercept

The control layer for AI agents. Intercept enforces hard limits on every MCP tool call before execution. Rate limits, spend caps, access controls. Open source.

agent-framework agentic-ai agentic-workflow ai-agents ai-governance ai-safety claude control-plane golang guardrails llm-tools mcp mcp-proxy mcp-server model-context-protocol openai policy-engine proxy-server rate-limiting

Last synced: 08 Apr 2026

https://github.com/openleash/openleash

An open-source authorization layer where owners set policies, agents ask before acting, and counterparties can verify the agent was authorized.

ai-agents ai-safety authorization cryptography local-first nodejs paseto policy-engine sidecar typescript

Last synced: 15 Apr 2026

https://github.com/arm-software/armour

Armour provides a custom policy language and a distributed enforcement infrastructure to secure applications developed using micro-services

distributed-systems microservices policy-engine rust

Last synced: 05 Sep 2025

https://github.com/wbaldoumas/atrea-policyengine

A modular, composable policy engine for easy implementation of complex conditional processing pipelines.

dotnet engine hacktoberfest nuget nuget-package package parallel-processing policy policy-engine

Last synced: 10 Oct 2025

https://github.com/safe-agentic-world/nomos

Zero-trust execution firewall for autonomous AI agents (MCP/HTTP), with deterministic policy, approvals, and audit.

agent-firewall agentic ai-agents audit-logging claude http-gateway mcp mcp-gateway openai openclaw policy-engine sandbox zero-trust

Last synced: 28 Apr 2026

https://github.com/mkmkkkkk/paysentry

The missing control plane for AI agent payments. Observe, control, protect, and test agent spending across x402, ACP, AP2, and Visa TAP.

agent-payments ai-agents control-plane fintech observability payments policy-engine spending-limits typescript x402

Last synced: 10 Mar 2026

https://github.com/paolovella/vellaveto

Agentic security control plane for MCP and AI agent tool calls. MCP-native policy gateway with topology discovery and audit.

ai-agents ai-safety ai-security audit-log compliance dlp eu-ai-act llm-security mcp mcp-gateway model-context-protocol oauth owasp policy-engine policy-gateway rust security security-audit siem tool-use

Last synced: 02 Apr 2026

https://github.com/agentbouncr/agentbouncr

Not on the list, not getting in. — Governance layer for AI agents.

agents ai audit-trail eu-ai-act governance policy-engine security typescript

Last synced: 23 Feb 2026

https://github.com/denial-web/covernor-platform

AI Governance Layer — Control what AI is allowed to do, not just what it says. Policy engine, capability tokens, dual approval, hash-chain audit.

ai-governance ai-safety compliance enterprise-ai fintech human-in-the-loop llm-orchestration open-source policy-engine typescript

Last synced: 07 Apr 2026

https://github.com/steward-fi/steward

Agent wallet infrastructure — encrypted keys, policy enforcement, credential proxy, auth platform. Self-hostable, multi-tenant, open source.

ai-agents authentication bun open-source policy-engine typescript wallet

Last synced: 24 May 2026

https://github.com/inferadb/engine

The Authorization Database. High-performance, fine-grained access control at scale.

access-control authorization caching fine-grained-access-control graph-database grpc inferadb permissions policy-engine rebac rest-api rust wasm zanzibar

Last synced: 06 Jun 2026

https://github.com/dgenio/agent-kernel

Capability-based authorization and policy enforcement for agents using large MCP and A2A tool ecosystems.

a2a agent-security ai-agents authorization capability-based-security mcp policy-engine python

Last synced: 07 Jun 2026

https://github.com/sidclawhq/platform

The approval and accountability layer for AI agents. Identity → Policy → Approval → Trace. 13 framework integrations. Free during early access.

ai-agents approval-workflow audit-trail compliance crewai eu-ai-act finra governance langchain mcp open-source openai policy-engine python security typescript vercel-ai

Last synced: 03 Apr 2026

https://github.com/keymate-io/keymate-authz-toolkit

Fine-grained authorization toolkit: Access Rules DSL, Access Rule Engine, and the kmctl authz CLI for validate, simulate, and explain workflows

authorization authz cli fine-grained-authorization java policy-as-code policy-engine

Last synced: 27 Apr 2026

https://github.com/va1da5/aws-iam-challenges

The project includes practical exercises on writing AWS IAM policies, covering various real-world scenarios

aws iam policy-engine practice training

Last synced: 01 May 2026

https://github.com/staticpayload/cathedral.fabric

A deterministic, distributed, capability-safe execution fabric for agent workflows with verifiable replay and certified audit trails

agent-framework audit-trail blake3 capability-based-security cluster consensus deterministic distributed-systems event-sourcing policy-engine raft replay rust simulation terminal-ui verification wasm workflow-engine

Last synced: 05 Feb 2026

https://github.com/getactra/actra

Actra - control what runs before it runs, controls what actions are allowed before they execute. Evaluate policies across APIs, workflows, and AI agents — in real time.

access-control action-admission-control action-control agent-control agent-governance agent-policy agent-safety agentic-ai ai-agents ai-governance ai-safety authorization automation governance policy-as-code policy-engine policy-management python rule-engine runtime-policy

Last synced: 04 Apr 2026

https://github.com/zhjai/agent-completion-gate

Stop agents from marking work done that isn't — a fail-closed completion gate + four-state machine: the worker only proposes done, an external verifier grants it. Reads real artifacts, not self-report. Built on agent-memory.

agent-memory agent-skill ai-agents ai-coding-agents ai-governance ai-guardrails claude-code-skill completion-gate fail-closed guardrails llmops policy-engine

Last synced: 03 Jun 2026

https://github.com/sint-ai/sint-protocol

Open protocol and reference stack for governing AI agent actions in physical and safety-critical systems

a2a agent-security ai-governance ai-safety audit-log capability-tokens industrial-iot mavlink mcp opcua open-standard physical-ai policy-engine protocol robotics ros2

Last synced: 18 Apr 2026

https://github.com/apathy-ca/sark

Zero-trust gateway for AI systems. OPA policies, audit logging, authentication (OIDC/LDAP/SAML), MCP/HTTP/gRPC adapters. FastAPI + Rust extensions. Production-ready.

ai-governance api-gateway audit-logging authentication authorization fastapi llm-security mcp model-context-protocol opa policy-engine python rust security zero-trust

Last synced: 27 May 2026

https://github.com/vellaveto/vellaveto

Agentic security control plane for MCP and AI agent tool calls. Policy gateway, topology discovery, identity-aware ABAC, and tamper-evident audit.

ai-agents audit compliance mcp owasp policy-engine rust security

Last synced: 16 Mar 2026

https://github.com/tyabu12/hamoru

"Terraform for LLMs." Declaratively orchestrate multiple LLM providers in harmony, with policy-based model selection and cost impact prediction. Named after Japanese ハモる (to harmonize) — because your LLMs should sing together, not solo.

agent-collaboration ai anthropic async cli cost-optimization declarative developer-tools llm llm-orchestration multi-provider openai openai-compatible policy-engine rust tokio workflow-engine

Last synced: 16 Apr 2026

https://github.com/charlesbulabula/zero-trust-framework

Zero Trust network security framework with policy enforcement

kubernetes mtls opa policy-engine security spiffe zero-trust

Last synced: 03 Jun 2026

https://github.com/kanywst/awesome-authorization

Authorization and access control tools, frameworks, standards, and resources.

access-control authorization authzen awesome awesome-list opa policy-engine security spiffe zanzibar

Last synced: 27 Apr 2026

https://github.com/guillempuche/authorization-react-opal-cedar

A React application with OPAL and Cedar integration for a scalable access and policy enforcement management.

authorization authorization-middleware cedar database deno docker-compose opal policy-engine policy-management react

Last synced: 11 Apr 2026

https://github.com/mgourlis/stateful-abac-policy-engine

Stateful ABAC Policy Engine is a production-ready, multi-tenant authorization system implementing Attribute-Based Access Control (ABAC) with support for spatial conditions (PostGIS), hierarchical ACL evaluation, and both HTTP and direct-database access modes. Includes a React admin UI, async Python SDK, and Keycloak IdP integration.

abac access-control acl attribute-based-access-control authorization fastapi geospatial jwt keycloak multi-tenant oauth2 policy-engine postgis postgresql python rbac react redis sdk spatial

Last synced: 23 May 2026

https://github.com/log-bell/avakill

🔪 Open-source safety firewall for AI agents. Intercepts tool calls before they execute, enforces YAML policies, and kills dangerous operations in real-time. Works with OpenAI, Anthropic, LangChain, and MCP. She doesn't guard. She kills.

ai-agents ai-safety anthropic claude-code compliance cursor devtools firewall guardrails langchain llm mcp model-context-protocol openai policy-engine prompt-injection python sandbox security tool-use

Last synced: 08 Mar 2026

https://github.com/braincreator/flowlink

🛡️ FlowLink — Governance & Risk Control for Autonomous AI Systems. MCP gateway with 7-level shield: kill switch, policies, approval, sandbox, audit. Works with Claude Code, Cursor, Copilot, Windsurf.

ai-agent-security ai-firewall ai-governance ai-security aider autonomous-agents claude-code cline copilot cursor devops-security ebpf mcp mcp-gateway mcp-server policy-engine prompt-injection rust windsurf zero-trust

Last synced: 31 May 2026

https://github.com/kevinastuhuaman/marketplace-refund-policy-kit

Forkable refund-policy framework: 5-tier ladder + evidence matrix + guardrails + interactive simulator + Node shadow-mode evaluator.

marketplace policy-engine react refund-policy shadow-mode trust-and-risk typescript

Last synced: 21 May 2026

https://github.com/tbarlow12/task-board-assistant

Policy engine for managing task board technologies (Trello, Jira, Planner, GitHub projects, VSTS, etc.)

azure-devops github-projects jira planner policy-engine task-board task-management trello vsts

Last synced: 28 Mar 2025

https://github.com/mizcausevic-dev/release-readiness-gatekeeper

Kotlin backend for release gate evaluation, dependency readiness scoring, freeze-window checks, and rollback-aware launch coordination

javalin jvm kotlin platform-engineering policy-engine rollback

Last synced: 01 Jun 2026

https://github.com/mizcausevic-dev/mcp-policy-lab

Python FastAPI service for evaluating MCP server and tool policies, trust posture, destructive-action controls, and operator-facing review workflows.

ai-governance backend control-plane fastapi mcp platform-security policy-engine portfolio python tool-governance

Last synced: 01 Jun 2026

https://github.com/mizcausevic-dev/wasm-policy-gateway

Edge policy gateway: pure-Rust geo + rate-limit + A/B routing engine, compiled to WASI (wasm32-wasip1, ~128KB). Runs in Wasmtime, Fastly Compute, Cloudflare Workers via WASM components. Deterministic, fuzzable, portable.

ab-testing cloudflare-workers edge platform-engineering policy-engine rate-limiting rust wasi wasm wasmtime webassembly

Last synced: 01 Jun 2026

https://github.com/mizcausevic-dev/edge-policy-enforcer

Go policy engine for edge request governance, redirect control, bot handling, geo routing, and traffic-pressure decisions.

backend bot-detection edge go golang governance net-http observability platform-engineering policy-engine request-routing

Last synced: 01 Jun 2026

https://github.com/mizcausevic-dev/haskell-policy-engine

Type-safe policy DSL in Haskell. Algebraic data type Policy = Allow | Deny | When; predicates compose via And/Or/Not; pure total evaluator; Aeson JSON codec; Hspec + QuickCheck tests. Functional purity flex for the agent-governance theme.

access-control aeson ai-governance dsl functional-programming haskell hspec platform-engineering policy-engine quickcheck

Last synced: 01 Jun 2026

https://github.com/mizcausevic-dev/reliability-policy-coordinator

Kotlin JVM backend for dependency drag review, error-budget policy, freeze-window decisions, and rollback-aware reliability coordination.

backend error-budget javalin jvm kotlin platform-engineering policy-engine reliability rollback

Last synced: 01 Jun 2026

https://github.com/mizcausevic-dev/latency-budget-enforcer

Go policy engine for latency budget enforcement, dependency drag review, tail-latency breaches, and operator-facing service-path response planning

backend go golang governance latency net-http observability performance-engineering platform-engineering policy-engine sre

Last synced: 01 Jun 2026

https://github.com/copyleftdev/torii

🎌 TORII (鳥居) - The Ultimate Git Control Plane. Policy-driven governance for Git at scale. Zero-trust enforcement, multi-tenancy, and comprehensive audit trails. Built in Rust.

audit compliance control-plane devops git git-hooks governance multi-tenancy policy-engine postgresql rust security sqlite ssh-authentication zero-trust

Last synced: 10 Apr 2026

https://github.com/ryanwi/agent-control-plane

Production-oriented governance control plane for autonomous AI agents. Policy engine, approval gates, budget tracking, kill switches, and auditable event sourcing.

agent-control-plane agent-governance ai-agents human-in-the-loop policy-engine

Last synced: 02 Jun 2026

https://github.com/amafjarkasi/hsx-context-hygiene-engine

Context hygiene & risk adjudication for LLM pipelines: secrets, PII, prompt-injection, policy redaction & tokenization.

cli compliance content-safety context-hygiene data-sanitization llm llm-security nodejs pii-redaction policy-engine prompt-injection redaction secret-scanning security tokenization typescript

Last synced: 15 Feb 2026