Crate vellaveto_engine 

Policy evaluation engine for the Vellaveto MCP tool firewall.

Evaluates Action requests against configured Policy rules and returns a Verdict (Allow, Deny, or RequireApproval). Supports glob/regex path matching, domain/IP rules, ABAC attribute constraints, call-chain validation, decision caching (LRU+TTL), and Wasm policy plugins.

The engine is synchronous by design — all evaluation completes in <5ms P99.

Modules

abac

ABAC (Attribute-Based Access Control) engine — Cedar-style policy evaluation.

acis

ACIS action fingerprinting.

adaptive_rate

Adaptive rate limiting — adjusts thresholds based on behavioral patterns.

agent_baseline

Agent behavioral baseline and rogue agent detection (OWASP ASI10).

behavioral

Behavioral anomaly detection for agent tool call patterns (P4.1 / OWASP ASI).

cache

Decision cache for policy evaluation results.

cascade_graph

Cascading failure propagation graph (OWASP ASI08).

cascading

Cascading failure circuit breakers for multi-hop tool call chains (Phase 62).

circuit_breaker

Circuit breaker for cascading failure protection (OWASP ASI08).

collusion

Multi-agent collusion detection (Phase 62 — OWASP ASI04, ASI07).

contagion

Phase 3: Context-learning contagion controls.

coverage

Policy coverage analysis — identifies dead policies and coverage gaps.

cross_session_leak

Cross-session data leak detection.

cumulative_harm

STAC (Sequences of Tool-Chaining Attacks) cumulative harm scoring.

delegation

Phase 3: Multi-agent delegation control.

denial_of_wallet

Denial of Wallet (DoW) / unbounded consumption detection (OWASP LLM10).

deputy

Confused deputy prevention (OWASP ASI02).

exfil_path

Data exfiltration path analysis.

impact

Policy Impact Analysis

least_agency

Least-agency enforcement — tracks permission usage per agent session and detects unused permissions for scope narrowing recommendations.

lint

Policy linting and best-practices engine.

nhi_overpermission

Non-Human Identity (NHI) overpermission detection.

sequence

Phase 6.3: Behavioral sequence analysis.

verified_constraint_eval

Verified constraint-evaluation kernel.

verified_core

Verified core verdict computation.

wasm_plugin

Wasm policy plugin system for Vellaveto.

Structs

CompiledIpRules

Pre-compiled IP access control rules for DNS rebinding protection.

CompiledNetworkRules

Pre-compiled network rule domain patterns for a single policy.

CompiledPathRules

Pre-compiled path rule glob matchers for a single policy.

CompiledPolicy

A policy with all patterns pre-compiled for zero-lock evaluation.

PolicyEngine

The core policy evaluation engine.

PolicyValidationError

Error during policy compilation at load time.

Enums

CompiledConstraint

A single pre-compiled parameter constraint with all patterns resolved at load time.

CompiledContextCondition

A pre-compiled context condition for session-level policy evaluation.

CompiledToolMatcher

Pre-compiled tool:function matcher derived from policy ID.

EngineError

Errors that can occur during policy evaluation.

PatternMatcher

Pre-compiled pattern matcher for tool/function ID segments.

Constants

DEFAULT_MAX_PATH_DECODE_ITERATIONS

Default maximum percent-decoding iterations for path normalization. Paths requiring more iterations fail-closed with an error.