Struct CompiledPolicy 

pub struct CompiledPolicy {
    pub sandboxes: HashMap<String, SandboxPolicy>,
    pub tree: Vec<Node>,
    pub default_effect: Effect,
    pub default_sandbox: Option<String>,
    pub on_sandbox_violation: ViolationAction,
    pub harness_defaults: Option<bool>,
}

A fully compiled match-tree policy, ready for evaluation.

Fields

sandboxes: HashMap<String, SandboxPolicy>

Named sandbox definitions.

tree: Vec<Node>

Root-level children of the tree.

default_effect: Effect

Default effect when no rule matches.

default_sandbox: Option<String>

Name of the default sandbox (used by clash shell when no rule-specific sandbox matches).

on_sandbox_violation: ViolationAction

What the model should do when a sandbox blocks an operation.

harness_defaults: Option<bool>

When explicitly set to false, harness default rules are not injected. None means enabled (default behavior).

Implementations

impl CompiledPolicy

pub fn rule_count(&self) -> usize

Return the number of root-level rule branches.

pub fn format_rules(&self) -> Vec<String>

Format rules as human-readable lines for display (flat, denormalized).

pub fn format_tree(&self) -> Vec<String>

Format rules as a tree with box-drawing characters.

pub fn harness_node_count(&self) -> usize

Count root-level nodes stamped with source “harness”.

pub fn tree_without_harness(&self) -> Vec<&Node>

Return a view of the tree with harness nodes filtered out.

pub fn format_tree_filtered(&self, include_harness: bool) -> Vec<String>

Format rules as a tree, optionally excluding harness nodes.

impl CompiledPolicy

pub fn evaluate(&self, tool_name: &str, tool_input: &Value) -> PolicyDecision

Evaluate this policy against a tool invocation.

pub fn evaluate_with_mode( &self, tool_name: &str, tool_input: &Value, mode: Option<&str>, ) -> PolicyDecision

Evaluate this policy with mode and agent context.

pub fn evaluate_with_context( &self, tool_name: &str, tool_input: &Value, mode: Option<&str>, agent_name: Option<&str>, ) -> PolicyDecision

Evaluate this policy with mode and agent context.

pub fn find_match_path( &self, tool_name: &str, tool_input: &Value, ) -> Option<Vec<usize>>

Find the index path through the tree to the first matching decision.

Returns Some(vec![root_idx, child_idx, ...]) if a rule matched, or None if no rule matched (default effect applies).

pub fn evaluate_ctx(&self, ctx: &QueryContext) -> PolicyDecision

Evaluate this policy against a prepared query context.

pub fn validate(&self) -> Vec<String>

Validate that all sandbox references resolve.

pub fn platform_warnings(&self) -> Vec<String>

Return platform-specific warnings for sandbox policies.

These are non-fatal: the policy is valid but some rules behave differently on certain platforms.

Trait Implementations

impl Clone for CompiledPolicy

fn clone(&self) -> CompiledPolicy

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for CompiledPolicy

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for CompiledPolicy

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for CompiledPolicy

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.