policyai 0.4.0

PolicyAI provides a mechanism for unstructured, composable policies that transform unstructured text into structured outputs.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394

# PolicyAI

**Composable, conflict-aware policies for reliable agents**

## The Problem: LLMs Can't Handle Conflicting Instructions

When building agents, you quickly discover that large language models have subtle biases that make structured outputs unreliable:

- **Frequency bias**: If `"priority": "low"` appears 10× more often than `"priority": "high"` in your prompts, the LLM will default to "low" even when "high" is correct.
- **Key name bias**: The names of your JSON fields influence the model's outputs in unexpected ways (e.g. priority).
- **Context leakage**: Mention "the building is on fire" in your prompt and watch the LLM assign high priority to unrelated low-priority messages.
- **Conflicting instructions**: Tell the LLM to prioritize messages from Alice and deprioritize messages from Bob—then send a message from both. The LLM won't report a conflict; it will silently pick one instruction to follow.

These aren't edge cases. They're fundamental limitations of how LLMs process instructions. Your agent appears to work in testing, then fails unpredictably in production.

## What PolicyAI Does

PolicyAI provides a layer on top of structured outputs that makes agent behavior **composable** and **conflict-aware**:

- **Each policy is independent**: Write and test policies in isolation, then compose them.
- **Conflicts are detected**: When instructions conflict, you get an error instead of silent bias.
- **Conflict resolution is explicit**: Choose how to handle conflicts (agreement required, largest value wins, or default).
- **Monotonic overrides**: Use the "largest value" strategy to make important values "sticky"—once set high, they stay high.

PolicyAI trades latency and cost for **reliability and debuggability**. If you're building production agents where correctness matters, that's a trade worth making.

## Show Me the Problem

Here's what happens with vanilla structured outputs when you have conflicting policies:

```python
# Your agent instructions
"""
- When Alice sends a message, set priority to HIGH
- When Bob sends a message, set priority to LOW
"""

# Message from: alice@example.com, bob@example.com
# LLM output: {"priority": "LOW"}  # Wrong! But which instruction should it follow?
# The model picked one silently. No error. No warning.
```

With PolicyAI, this scenario produces a conflict error because two policies disagree on the priority field's value, and you've configured it to require agreement.

## How PolicyAI Works

### 1. Define a PolicyType

A PolicyType is like a schema, but with conflict resolution strategies:

```rust
use policyai::{PolicyType, Field, OnConflict};

let policy_type = PolicyType {
    name: "EmailPolicy".to_string(),
    fields: vec![
        Field::Bool {
            name: "unread".to_string(),
            default: Some(true),
            on_conflict: OnConflict::Default,
        },
        Field::StringEnum {
            name: "priority".to_string(),
            values: vec!["low".to_string(), "medium".to_string(), "high".to_string()],
            default: None,
            on_conflict: OnConflict::LargestValue,  // "high" wins over "low"
        },
        Field::StringArray {
            name: "labels".to_string(),
        },
    ],
};
```

### 2. Create Policies with Semantic Injections

A semantic injection is a natural language instruction that generates structured actions:

```rust
let policy1 = policy_type
    .with_semantic_injection(
        &client,
        "If the email is about football, mark \"unread\" false with low \"priority\""
    )
    .await?;

let policy2 = policy_type
    .with_semantic_injection(
        &client,
        "If the email is from mom@example.org, set high \"priority\" and add Family \"label\""
    )
    .await?;

let policy3 = policy_type
    .with_semantic_injection(
        &client,
        "If the email is about shopping, add Shopping \"label\""
    )
    .await?;
```

### 3. Compose and Apply

```rust
let mut manager = Manager::default();
manager.add(policy1);
manager.add(policy2);
manager.add(policy3);

let report = manager.apply(
    &client,
    template,
    "From: mom@example.org\nSubject: Shopping for football gear",
    None
).await?;

// Result: unread=false, priority=high, labels=["Family", "Shopping"]
// - policy1 sets unread=false, priority=low
// - policy2 sets priority=high (wins via LargestValue)
// - policy3 adds Shopping label
// - labels compose (arrays merge)
```

The policies compose cleanly because:
- `priority` uses `OnConflict::LargestValue` → "high" overrides "low"
- `labels` is an array → values merge automatically
- `unread` uses `OnConflict::Default` → takes the default value when conflicts occur

## Conflict Resolution Strategies

PolicyAI provides three strategies for handling conflicts:

### Agreement
All policies must agree on the value, or you get a conflict error. Best for fields where inconsistency indicates a logic error in your policies.

```rust
Field::String {
    name: "template".to_string(),
    default: None,
    on_conflict: OnConflict::Agreement,
}
```

### LargestValue
The largest value wins. This makes important values "sticky" and enables monotonic overrides:
- For bools: `true > false`
- For numbers: `10 > 5`
- For strings: longer strings win
- For enums: values later in the list win

```rust
Field::StringEnum {
    name: "priority".to_string(),
    values: vec!["low".to_string(), "medium".to_string(), "high".to_string()],
    on_conflict: OnConflict::LargestValue,  // "high" > "medium" > "low"
}
```

**Why this matters**: Once a policy sets priority to "high", no other policy can downgrade it to "low". This prevents surprising interactions between policies.

### Default

Use the field type's default behavior (usually last-writer-wins, but arrays append) when conflicts occur. Useful for fields where you want predictable behavior regardless of policy interactions.

```rust
Field::Bool {
    name: "unread".to_string(),
    default: Some(true),
    on_conflict: OnConflict::Default,
}
```

## PolicyType Syntax

PolicyAI provides a concise syntax for defining policy types:

```text
type policyai::EmailPolicy {
    unread: bool = true,
    priority: ["low", "medium", "high"] @ highest wins,
    category: ["ai", "distributed systems", "other"] @ agreement = "other",
    template: string @ agreement,
    labels: [string],
}
```

You can parse this syntax directly:

```rust
let policy_type = PolicyType::parse(r#"
    type EmailPolicy {
        priority: ["low", "high"] @ highest wins,
        labels: [string]
    }
"#)?;
```

## Use Cases for Agents

PolicyAI excels when your agent needs to:

- **Triage emails or notifications**: Apply multiple categorization rules that may interact
- **Process RSS feeds**: Extract structured metadata from articles using composable rules
- **Label documents**: Assign categories, tags, priorities based on content
- **Extract metadata**: Any scenario where discrete documents need structured descriptors

PolicyAI is **not** the right tool when:
- You have a single, simple classification task
- Latency is more important than correctness
- Your policies never interact or conflict

## Scaling with Policy Retrieval

For production agents with large policy sets, you don't want to apply every policy to every input. Use **vector retrieval** to select relevant policies dynamically:

### Pattern: PolicyAI + Chroma

(Example is illustrative, but likely needs work to work because Claude hallucinated some of this)

```rust
use chromadb::{ChromaClient, Collection};
use policyai::{Policy, Manager};

async fn process_with_retrieval(
    client: &Anthropic,
    chroma: &Collection,
    input: &str,
) -> Result<Report, Box<dyn std::error::Error>> {
    // 1. Retrieve relevant policies from vector database
    let results = chroma.query(
        vec![input.to_string()],
        5,  // top 5 most relevant policies
        None,
        None,
        None,
    ).await?;

    // 2. Deserialize policies from metadata
    let policies: Vec<Policy> = results.metadatas
        .into_iter()
        .flatten()
        .filter_map(|meta| {
            serde_json::from_value(meta.get("policy")?.clone()).ok()
        })
        .collect();

    // 3. Apply only relevant policies
    let mut manager = Manager::default();
    for policy in policies {
        manager.add(policy);
    }

    let report = manager.apply(client, template, input, None).await?;
    Ok(report)
}
```

### Storing Policies for Retrieval

When adding policies to your vector database, store both the semantic injection and the full policy:

```rust
// Create policy
let policy = policy_type
    .with_semantic_injection(
        &client,
        "If email from VIP, set high priority"
    )
    .await?;

// Store in Chroma with embedding of the semantic injection
chroma.add(
    vec![Uuid::new_v4().to_string()],  // id
    vec![policy.prompt.clone()],         // text to embed
    Some(vec![serde_json::json!({
        "policy": policy,
        "type": "email_triage",
    })]),
    None,
).await?;
```

### Why This Works

- **Semantic injections are natural language**: Vector databases embed them naturally
- **Retrieval filters noise**: Only relevant policies are applied, reducing conflicts
- **Scalable**: Support thousands of policies without performance degradation
- **Dynamic**: Add/update policies without redeploying your agent

### Retrieval Best Practices

1. **Embed the semantic injection, not the action**: The natural language prompt (`policy.prompt`) captures intent
2. **Store full policy in metadata**: Retrieve the complete `Policy` object for application
3. **Use top-k = 3-10**: Start small; more policies = more potential conflicts
4. **Monitor conflict rates**: If retrieval pulls conflicting policies, tune your embeddings or increase specificity

This pattern combines the best of both worlds:
- **Vector retrieval** for relevance and scale
- **PolicyAI** for correctness and composability

## Tradeoffs

PolicyAI sacrifices performance for reliability:

| Metric | vs Vanilla Structured Outputs |
|--------|-------------------------------|
| Latency | Higher (additional LLM calls) |
| Token Usage | Higher (policy composition) |
| Cost | Higher (more tokens) |
| Reliability | Much higher (conflict detection) |
| Debuggability | Much higher (isolated policies) |

**Why it's worth it**: In production agents, silent failures are expensive. PolicyAI makes agent behavior predictable and testable. You can verify each policy independently, then compose them with some confidence.

## Getting Started

Add PolicyAI to your `Cargo.toml`:

```toml
[dependencies]
policyai = "0.3"
```

Basic usage:

```rust
use policyai::{PolicyType, Field, OnConflict, Manager};
use claudius::Anthropic;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let client = Anthropic::new(None)?;

    // Define your policy type
    let policy_type = PolicyType::parse(r#"
        type MyPolicy {
            priority: ["low", "high"] @ highest wins
        }
    "#)?;

    // Create a policy from natural language
    let policy = policy_type
        .with_semantic_injection(&client, "Set high priority for urgent messages")
        .await?;

    // Apply it
    let mut manager = Manager::default();
    manager.add(policy);

    let report = manager.apply(
        &client,
        template,
        "This is urgent!",
        None
    ).await?;

    println!("{}", report.value());
    Ok(())
}
```

## Tools

PolicyAI includes tools for testing and debugging:

- `policyai-verify-policies`: Verify policies are well-formed
- `policyai-regression-report`: Generate reports on policy behavior
- `policyai-extract-regressions`: Extract failing cases for analysis
- `policyai-regressions-to-examples`: Convert regressions to test examples

## Implementation Note

PolicyAI deliberately orders arguments in tool calls carefully. Agents are surprisingly susceptible to argument order, so the framework maintains consistent ordering to avoid bias.

## Current Status

- **Model support**: Anthropic Claude only (currently)
- **License**: Apache-2.0
- **Status**: Active development

## Examples

See the [examples/](examples/) directory for:
- Generating semantic injections
- Creating test data
- Evaluating policies

## Contributing

Issues and pull requests welcome at https://github.com/rescrv/policyai

## License

Apache-2.0