📜 Policy Editor
Visual interface for creating, editing, and testing safety policies with built-in templates.
Open Policy Editor
Ctrl+Shift+P → "Agent OS: Open Policy Editor"Available Templates
🔒 Strict Security
Maximum security for production environments. Blocks external APIs, restricts file operations, enforces rate limits.
📋 SOC 2 Compliance
Enterprise compliance with audit logging, data encryption requirements, and access controls.
🇪🇺 GDPR Data Handling
EU data protection rules including PII detection, consent verification, and data minimization.
🛠️ Development
Permissive policy for local development. Allows most operations with warnings instead of blocks.
⏱️ Rate Limiting
API call restrictions to prevent abuse. Configurable limits per minute/hour.
Policy Structure
policy:
name: "Policy Name"
version: "1.0"
rules:
- name: "Rule name"
condition: "when to apply"
constraint: "what to check"
action: "deny | warn | allow"
message: "User-facing message"Example: Custom Security Policy
policy:
name: "Custom Security Policy"
version: "1.0"
rules:
- name: "Block file writes outside /tmp"
condition: "agent.action == 'file.write'"
constraint: "not path.startsWith('/tmp/')"
action: "deny"
message: "File writes restricted to /tmp/"
- name: "Block external APIs"
condition: "agent.action == 'http.request'"
constraint: "not url.host.endsWith('.internal.com')"
action: "deny"
message: "External API calls not allowed"
- name: "Rate limit LLM calls"
condition: "agent.action == 'llm.call'"
constraint: "rate > 100 per minute"
action: "throttle"
message: "LLM calls rate limited"Using the Editor
| Action | How To |
|---|---|
| Load Template | Select from dropdown at top |
| Edit Policy | Modify YAML in editor |
| Validate | Click "Validate Policy" button |
| Save | Click "Save Policy" → choose location |
| Export | Click "Export" for different formats |
💡 Tip: Use the Development template during local testing, then switch to Strict Security before deployment.