Platform · PolicyRules that follow your agents — not your calendar

Policy Sets.
Per agent.
Enforced live.

Obiguard's Policy engine lets you define exactly what each AI agent is allowed to do — and block or flag anything outside that envelope in real time.

01 / Policy Sets

Group rules. Assign to agents.

A Policy Set is a named collection of Criteria with a shared action — block, flag, or allow. Assign a set to one or many agents. Change the set once and every agent updates immediately.
01 — CRITERIA

Define your criteria

Criteria bind a detector (or custom rule) to a direction — prompt, response, or tool-call — and an action. One criterion, one decision point.

Detector · Direction · Action
02 — POLICY SETS

Group into Policy Sets

Bundle related criteria into a named set. A support-agent set might include no-pii-in-responses, no-competitor-mention, and safe-tool-list.

Reusable · versionable · auditable
03 — ASSIGN

Assign to agents

Link a Policy Set to one or many AI Agents. The set travels with the agent — across models, frameworks, and deployment environments.

Per-agent · multi-agent
04 — REVIEW QUEUE

Route to human review

Any criterion can route violations to the Review Queue for human judgment. Every decision is written back to the Audit Ledger.

Human-in-the-loop · escalation
02 / Example

A Policy Set in YAML.

Policy Sets are defined in YAML, stored in version control, and deployed via the Obiguard API or the dashboard. Every change is diffed and written to the Audit Ledger.
policy-set / no-pii-in-responses.yaml
# no-pii-in-responses
name: no-pii-in-responses
agent: support-agent
criteria:
  detector: pii.us-ssn
  direction: response
action: block
review_queue: true
frameworks:
    - soc2.cc6.7
    - nist-ai-rmf.govern
owner: @security-platform