Prevent AI Agent Policy Violations Before They Execute
Operations teams seeking pre-execution guardrails to stop AI agents from approving out-of-policy decisions.
Das Problem
The key insight is that violations must be caught before execution, not discovered in post-hoc audit. Corules provides two evaluation gates: Gate 1 (constraints) tells the AI what it is allowed to propose before it reasons. Gate 2 (validate) confirms the final decision before execution. Between these two gates, the AI cannot produce an action that violates policy — because non-compliant decisions never reach the execution layer.
So löst Corules es
Corules's policy runtime evaluates structured context against compiled CEL expressions — returning ALLOW, BLOCK, or ESCALATE with a reason and audit ID.
Richtlinienbeispiel
// Gate 1: what is the AI allowed to propose?
// Called before AI reasoning begins
GET /v1/constraints → { max_discount: 0.25, required_fields: [...] }
// Gate 2: is this specific decision compliant?
// Called before execution
POST /v1/validate → { outcome: "BLOCK", violation: "discount_pct > 0.25" }Frequently Asked Questions
Why are there two gates instead of one?
Gate 1 gives the AI bounded context so it doesn't even attempt non-compliant proposals. Gate 2 is the final enforcement check. Two gates eliminate both 'propose then block' waste and 'execute then regret' risk.
What happens if Gate 2 is bypassed?
The architecture assumes callers are trusted. Integrations are designed so the execution layer requires a valid Gate 2 audit_id. Integrations without this check are a deployment concern, not a policy concern.