Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.egisai.co/llms.txt

Use this file to discover all available pages before exploring further.

A Policy is a single rule your organization wants enforced on governed calls. Policies live in the EgisAI dashboard — operators create, edit, and target them there. The SDK fetches the active set, caches it locally, and refreshes it continuously without requiring a redeploy of your application.

Where policies live

Policies are configured in the EgisAI dashboard. The dashboard is the source of truth; the SDK consumes the published configuration. You do not embed policy documents in your repository. The SDK works without any extra files.

Categories of rules

CategoryPurpose (high level)
PII & secretsDetect and block or mask categories such as government identifiers, payment data, and credential-shaped strings before model calls.
Content patternsAllow or deny prompts or outputs matching operator-defined patterns.
Models & sizeRestrict which model names may be called, or cap prompt size.
IntentBlock requests that match dangerous or out-of-scope intent even when phrased obliquely or in another language.
Tools & connectorsRestrict tool, shell, or integration use when the model returns structured tool or command requests.
Exact rule shape and ordering are managed in the product. The SDK consumes the published configuration and applies rules in a fixed order designed to keep sensitive content local-first (see How it works).

Policy targeting

Operators can scope a policy to:
  • All agents in the org — applies everywhere.
  • Specific agents — applies only to the listed agents.
  • Agent groups — applies to a named set of agents managed in the dashboard.
The SDK resolves these scopes at evaluation time based on the active agent identity (see Agents). You don’t need to do anything in code to opt into a scope — the dashboard manages it.

Policy refresh

Once active, the SDK keeps your local cache fresh in two ways:
  1. Live updates — when the live update channel is reachable, policy changes propagate to your process within seconds.
  2. Polling — at the interval set by refresh_interval_seconds (default 10), the SDK polls for updated configuration. This is the fallback for environments that block long-lived connections.
You can disable live updates with enable_sse=False; the SDK then relies on polling alone.

Inspecting policies from your code

The SDK exposes its public types so you can integrate policy decisions outside the patched call paths if you need to. The most useful primitives are: 
from egisai import (
    PolicyContext,
    PolicyDecision,
    PolicyRule,
    OutputPolicyContext,
    evaluate_policies,
    evaluate_output_policies,
)
SymbolUse
PolicyRuleOne active rule. Construct from a list pulled from your own source if needed.
PolicyContextThe inputs an input-side rule expects (model, prompt, etc).
OutputPolicyContextThe inputs an output-side rule expects.
evaluate_policies()Run input-side rules synchronously.
evaluate_output_policies()Run output-side rules synchronously.
PolicyDecisionVerdict + matched rule records returned by both functions.
See the API reference for each type’s fields.
These primitives are deliberately pure-Python. They evaluate locally and do no I/O, so you can use them inside your own code paths to apply consistent policy semantics to text outside the patched provider SDKs.

Empty policy sets

If your organization has no enabled policies, every call passes through. The startup banner makes this visible: 
✓ [egisai] active — app=… env=… on_block=raise integrations=[…] policies=0
   ⚠  no enabled policies in this org — every call will be allowed.
      visit your dashboard → Policies → + New policy.
This is intentional — the SDK doesn’t apply any opinions of its own. Behavior is entirely operator-defined.

What’s next

Verdicts

The three outcomes a policy can produce.

API reference

Detailed reference for PolicyRule, PolicyContext, and PolicyDecision.