Expand description
Policy evaluation engine for the Vellaveto MCP tool firewall.
Evaluates Action requests against
configured Policy rules and returns a
Verdict (Allow, Deny, or RequireApproval).
Supports glob/regex path matching, domain/IP rules, ABAC attribute constraints,
call-chain validation, decision caching (LRU+TTL), and Wasm policy plugins.
The engine is synchronous by design — all evaluation completes in <5ms P99.
Modules§
- abac
- ABAC (Attribute-Based Access Control) engine — Cedar-style policy evaluation.
- adaptive_
rate - Adaptive rate limiting — adjusts thresholds based on behavioral patterns.
- behavioral
- Behavioral anomaly detection for agent tool call patterns (P4.1 / OWASP ASI).
- cache
- Decision cache for policy evaluation results.
- cascading
- Cascading failure circuit breakers for multi-hop tool call chains (Phase 62).
- circuit_
breaker - Circuit breaker for cascading failure protection (OWASP ASI08).
- collusion
- Multi-agent collusion detection (Phase 62 — OWASP ASI04, ASI07).
- coverage
- Policy coverage analysis — identifies dead policies and coverage gaps.
- deputy
- Confused deputy prevention (OWASP ASI02).
- impact
- Policy Impact Analysis
- least_
agency - Least-agency enforcement — tracks permission usage per agent session and detects unused permissions for scope narrowing recommendations.
- lint
- Policy linting and best-practices engine.
- verified_
constraint_ eval - Verified constraint-evaluation kernel.
- verified_
core - Verified core verdict computation.
- wasm_
plugin - Wasm policy plugin system for Vellaveto.
Structs§
- Compiled
IpRules - Pre-compiled IP access control rules for DNS rebinding protection.
- Compiled
Network Rules - Pre-compiled network rule domain patterns for a single policy.
- Compiled
Path Rules - Pre-compiled path rule glob matchers for a single policy.
- Compiled
Policy - A policy with all patterns pre-compiled for zero-lock evaluation.
- Policy
Engine - The core policy evaluation engine.
- Policy
Validation Error - Error during policy compilation at load time.
Enums§
- Compiled
Constraint - A single pre-compiled parameter constraint with all patterns resolved at load time.
- Compiled
Context Condition - A pre-compiled context condition for session-level policy evaluation.
- Compiled
Tool Matcher - Pre-compiled tool:function matcher derived from policy ID.
- Engine
Error - Errors that can occur during policy evaluation.
- Pattern
Matcher - Pre-compiled pattern matcher for tool/function ID segments.
Constants§
- DEFAULT_
MAX_ PATH_ DECODE_ ITERATIONS - Default maximum percent-decoding iterations for path normalization. Paths requiring more iterations fail-closed with an error.