Skip to content
BaselineOS

Policies

Baseline Protocol treats policies as runtime primitives. Policies are not configuration files reviewed once — they are enforced on every task execution.

Policy model

Section titled “Policy model”

A policy defines:

  • Scope — Which tasks, agents, or domains the policy applies to
  • Rules — Conditions that must be met for execution to proceed
  • Actions — What happens when a rule is violated (block, escalate, log)
  • Audit level — How much detail to record (full or summary)

Governance configuration

Section titled “Governance configuration”
governance: {
  auditLevel: 'full',
  requireApproval: ['critical'],
  restricted: [],
}

auditLevel

Section titled “auditLevel”
  • full — Records every decision, evaluation, and intermediate state
  • summary — Records outcomes and final decisions only

requireApproval

Section titled “requireApproval”

An array of task priority levels that require human approval before autonomous execution. Tasks at these levels are set to blocked status until approved via the API or MCP.

restricted

Section titled “restricted”

Operations that are never allowed autonomously, regardless of agent trust score.

Policy enforcement flow

Section titled “Policy enforcement flow”
  1. Task is submitted to the orchestrator
  2. Orchestrator evaluates applicable policies
  3. If policies require approval, task enters blocked status
  4. Human approves via POST /api/tasks/{id}/approve or MCP tool
  5. Task proceeds through the 4-step execution flow
  6. All policy evaluations are recorded in the audit trail

Next steps

Section titled “Next steps”
  • Evidence — How evidence bundles are produced
  • Compliance — Built-in compliance frameworks