Documentation

Overview
Package keep is an API-level policy engine for AI agents.
Index
- Constants
- func ApplyMutations(params map[string]any, mutations []Mutation) map[string]any
- func ValidateRuleBytes(data []byte) error
- type AuditEntry
- type Call
- type CallContext
- type Decision
- type Engine
- type EvalResult
- type LintWarning
- type Mutation
- type Option
- type RedactedField
- type RuleResult
- type RuleSet
Constants
Decision constants re-exported from the engine package.
Variables
This section is empty.
Functions
func ApplyMutations
func ApplyMutations(params map[string]any, mutations []Mutation) map[string]any
ApplyMutations returns a new params map with the given mutations applied. The original map is not modified.
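The copy-on-write contract above is easy to get wrong when params contain nested maps, because a shallow copy of the top-level map still aliases them and a mutation of a nested field would leak back into the caller's original. The following is an added example, not code from the keep module, that implements the same contract with a recursive copy. The Mutation fields Path (a dot-separated key path) and Value are assumptions; the page does not show the real Mutation type.

```go
package main

import (
	"fmt"
	"strings"
)

// Mutation is a stand-in for keep.Mutation, whose fields the documentation
// page does not show. Assumption: Path is a dot-separated key path into the
// params map and Value is the replacement value.
type Mutation struct {
	Path  string
	Value any
}

// deepCopy clones the JSON-like shapes that usually back a params map
// (map[string]any and []any). A shallow copy of the top-level map would still
// alias nested maps, so a mutation of "headers.authorization" would leak into
// the caller's original; cloning recursively prevents that.
func deepCopy(v any) any {
	switch t := v.(type) {
	case map[string]any:
		out := make(map[string]any, len(t))
		for k, val := range t {
			out[k] = deepCopy(val)
		}
		return out
	case []any:
		out := make([]any, len(t))
		for i, val := range t {
			out[i] = deepCopy(val)
		}
		return out
	default:
		return v // scalars are copied by value
	}
}

// setPath writes value at the given key path, creating intermediate maps and
// replacing any non-map value that sits in the way.
func setPath(m map[string]any, path []string, value any) {
	if len(path) == 1 {
		m[path[0]] = value
		return
	}
	child, ok := m[path[0]].(map[string]any)
	if !ok {
		child = map[string]any{}
		m[path[0]] = child
	}
	setPath(child, path[1:], value)
}

// ApplyMutations returns a new params map with the mutations applied; the
// original map, including its nested maps and slices, is left untouched.
// A nil params map yields an empty (non-nil) map.
func ApplyMutations(params map[string]any, mutations []Mutation) map[string]any {
	out := deepCopy(params).(map[string]any)
	for _, m := range mutations {
		if m.Path == "" {
			continue // nothing to address; skip rather than clobber the root
		}
		setPath(out, strings.Split(m.Path, "."), m.Value)
	}
	return out
}

func main() {
	// Constructed sample: an HTTP-style params map holding a bearer token.
	orig := map[string]any{
		"headers": map[string]any{"authorization": "Bearer constructed-example-token"},
		"body":    "hello",
	}
	redacted := ApplyMutations(orig, []Mutation{{Path: "headers.authorization", Value: "[REDACTED]"}})
	fmt.Println("mutated :", redacted["headers"])
	fmt.Println("original:", orig["headers"])
}
```

The recursive copy is the part worth checking in any implementation of this contract: if the original's nested map shows the redacted value after the call, the engine has silently altered the request it was only supposed to evaluate.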
func ValidateRuleBytes (added in v0.2.2)
func ValidateRuleBytes(data []byte) error
ValidateRuleBytes parses and validates a Keep rule file from raw YAML bytes without compiling an engine. Use this to catch invalid rules early (e.g. at deploy time) before the engine is needed at runtime.
Types
type AuditEntry
type AuditEntry = engine.AuditEntry
type Call
Type aliases re-exported from internal packages.
func NewHTTPCall (added in v0.3.0)
NewHTTPCall constructs a Call for HTTP request policy evaluation. The operation is formatted as "METHOD host/path" (e.g. "GET api.github.com/repos"). Method is uppercased. Path is expected to include a leading slash. Context.Scope is not set — callers should assign it based on their deployment convention.
func NewMCPCall (added in v0.3.0)
NewMCPCall constructs a Call for MCP tool-use policy evaluation. The operation is the tool name as-is. Params are passed through directly (may be nil). Context.Scope is not set — callers should assign it based on their deployment convention.
type CallContext
type CallContext = engine.CallContext
type Engine
type Engine struct {
// contains filtered or unexported fields
}
Engine holds compiled evaluators for each policy scope.
func Load
Load reads rule files from rulesDir, compiles all CEL expressions and redact patterns, and returns a ready-to-use Engine.
func LoadFromBytes (added in v0.2.1)
LoadFromBytes creates an Engine from raw YAML bytes representing a single rule file. The YAML must contain a valid Keep rule file with a scope field. Pack references are not supported — all rules must be inline.
The returned Engine is safe for concurrent use. Call Close when done.
This constructor is intended for embedding Keep in other programs (e.g. Moat) where the caller controls configuration and does not use the filesystem.
func (*Engine) Close
func (e *Engine) Close()
Close stops the rate counter GC goroutine. Call this when the engine is no longer needed to prevent goroutine leaks.
func (*Engine) Evaluate
func (e *Engine) Evaluate(call Call, scope string) (EvalResult, error)
Evaluate runs all rules in the given scope against the call and returns the policy decision.
type EvalResult
type EvalResult = engine.EvalResult
func SafeEvaluate (added in v0.3.0)
func SafeEvaluate(eng *Engine, call Call, scope string) (result EvalResult, err error)
SafeEvaluate wraps Engine.Evaluate with panic recovery so the host process never crashes due to a policy evaluation bug. On panic it returns EvalResult{Decision: Deny} and an error describing the panic (fail-closed).
type LintWarning (added in v0.2.0)
type LintWarning = config.LintWarning
LintWarning is a non-fatal issue found during linting.
type Option
type Option func(*engineConfig)
Option configures Load behavior.
func WithAuditHook (added in v0.2.1)
func WithAuditHook(hook func(AuditEntry)) Option
WithAuditHook registers a callback invoked synchronously after every Evaluate call. The hook receives the AuditEntry from the evaluation result. It is not called when Evaluate returns an error (e.g. unknown scope).
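An added example (not the keep module's own code) of the fail-closed guard that SafeEvaluate and WithAuditHook describe together: a panic during evaluation, or inside the audit hook itself, is recovered and turned into Deny plus an error, and the hook runs synchronously only when evaluation succeeds. Decision, AuditEntry, EvalResult, Evaluator, Guard and demoEvaluator are stand-ins defined here, since the page does not show the full keep types; the choice to also return Deny on an ordinary evaluation error is the example's, not something the page states for the real SafeEvaluate.

```go
package main

import (
	"errors"
	"fmt"
)

// Decision, AuditEntry and EvalResult are stand-ins for the keep types; the
// real types carry more fields than shown here (assumption).
type Decision string

const (
	Allow Decision = "allow"
	Deny  Decision = "deny"
)

type AuditEntry struct {
	Operation string
	Scope     string
	Decision  Decision
}

type EvalResult struct {
	Decision Decision
	Audit    AuditEntry
}

// Evaluator is the hypothetical policy evaluation being guarded; it plays the
// role of Engine.Evaluate.
type Evaluator func(op, scope string) (EvalResult, error)

// Guard pairs an evaluator with an optional audit hook.
type Guard struct {
	eval Evaluator
	hook func(AuditEntry)
}

func NewGuard(eval Evaluator, hook func(AuditEntry)) *Guard {
	return &Guard{eval: eval, hook: hook}
}

// SafeEvaluate mirrors the documented behaviour: a panic anywhere in the
// evaluation (including inside the audit hook) becomes Deny plus an error,
// and the hook runs synchronously only after a successful evaluation. On an
// ordinary error this example also returns Deny, a choice of the example
// rather than something the page states for the real SafeEvaluate.
func (g *Guard) SafeEvaluate(op, scope string) (result EvalResult, err error) {
	defer func() {
		if r := recover(); r != nil {
			result = EvalResult{Decision: Deny}
			err = fmt.Errorf("policy evaluation panicked: %v", r)
		}
	}()
	result, err = g.eval(op, scope)
	if err != nil {
		return EvalResult{Decision: Deny}, err
	}
	if g.hook != nil {
		g.hook(result.Audit)
	}
	return result, nil
}

// demoEvaluator is a constructed evaluator: it knows one scope, allows
// everything in it, and panics on one operation to simulate an engine bug.
func demoEvaluator(op, scope string) (EvalResult, error) {
	if scope != "http" {
		return EvalResult{}, errors.New("unknown scope: " + scope)
	}
	if op == "PANIC example.invalid/" {
		panic("simulated evaluator bug")
	}
	return EvalResult{
		Decision: Allow,
		Audit:    AuditEntry{Operation: op, Scope: scope, Decision: Allow},
	}, nil
}

func main() {
	g := NewGuard(demoEvaluator, func(e AuditEntry) { fmt.Printf("audit: %+v\n", e) })
	for _, c := range [][2]string{
		{"GET api.github.com/repos", "http"},
		{"PANIC example.invalid/", "http"},
		{"GET api.github.com/repos", "nope"},
	} {
		res, err := g.SafeEvaluate(c[0], c[1])
		fmt.Printf("%-28s scope=%-5s decision=%s err=%v\n", c[0], c[1], res.Decision, err)
	}
}
```

Two details matter for a host process: the named return values are what the deferred recover overwrites, so a panic raised after the evaluator already produced an Allow still comes back as Deny; and because the hook runs inside the guarded region, a bug in the caller's own audit callback cannot take the host down either.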
func WithForceEnforce
func WithForceEnforce() Option
WithForceEnforce overrides every scope's mode to "enforce".
Deprecated: Use WithMode("enforce") instead.
func WithMode (added in v0.2.1)
WithMode overrides the mode for all scopes. Valid values are "enforce" and "audit_only". Returns an error from Load/LoadFromBytes if invalid.
func WithPacksDir
WithPacksDir sets the directory to load starter pack YAML files from.
func WithProfilesDir
WithProfilesDir sets the directory to load profile YAML files from.
type RedactedField
type RedactedField = engine.RedactedField
type RuleResult
type RuleResult = engine.RuleResult
type RuleSet (added in v0.2.2)
type RuleSet struct {
// contains filtered or unexported fields
}
RuleSet is a programmatic builder for constructing policy rules without generating YAML. It produces the same internal representation as LoadFromBytes.
func NewRuleSet (added in v0.2.2)
NewRuleSet creates a new rule builder for the given scope. Mode should be "enforce" or "audit_only".
func (*RuleSet) Allow (added in v0.2.2)
Allow adds operations to the allowlist. When an allowlist is present, operations not in the list are denied.
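An added example, not taken from the keep module, that combines the operation format NewHTTPCall documents ("METHOD host/path", method uppercased, path with a leading slash) with the allowlist semantics of RuleSet.Allow. HTTPOperation, Allowlist and Decide are names chosen for this example; it refuses a call whose path lacks the leading slash rather than guessing, since an operation string that can be spelled two ways can be matched two ways.

```go
package main

import (
	"fmt"
	"strings"
)

type Decision string

const (
	Allow Decision = "allow"
	Deny  Decision = "deny"
)

// HTTPOperation builds the operation string NewHTTPCall is documented to
// produce: "METHOD host/path" with the method uppercased. The page says the
// path is expected to carry a leading slash; this example rejects a call
// that lacks one (or has an empty host) instead of guessing.
func HTTPOperation(method, host, path string) (string, error) {
	if host == "" || !strings.HasPrefix(path, "/") {
		return "", fmt.Errorf("invalid http call: host=%q path=%q", host, path)
	}
	return strings.ToUpper(method) + " " + host + path, nil
}

// Allowlist is a stand-in for the allowlist that RuleSet.Allow builds.
type Allowlist struct {
	ops map[string]struct{}
}

// Allow adds operations to the allowlist (the set is nil until first use).
func (a *Allowlist) Allow(ops ...string) *Allowlist {
	if a.ops == nil {
		a.ops = make(map[string]struct{})
	}
	for _, op := range ops {
		a.ops[op] = struct{}{}
	}
	return a
}

// Decide returns the allowlist decision and whether an allowlist is present
// at all. With a list present, anything not in it is denied; with no list the
// allowlist has nothing to say and other rules decide (the page documents no
// default for that case, so none is assumed here).
func (a *Allowlist) Decide(op string) (Decision, bool) {
	if a.ops == nil {
		return "", false
	}
	if _, ok := a.ops[op]; ok {
		return Allow, true
	}
	return Deny, true
}

func main() {
	var rs Allowlist
	rs.Allow("GET api.github.com/repos")
	for _, c := range [][3]string{
		{"get", "api.github.com", "/repos"},   // method uppercased, matches
		{"POST", "api.github.com", "/repos"},  // wrong method, denied
		{"GET", "api.github.com", "/repos/x"}, // different path, denied
		{"GET", "api.github.com", "repos"},    // no leading slash, rejected
	} {
		op, err := HTTPOperation(c[0], c[1], c[2])
		if err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		d, _ := rs.Decide(op)
		fmt.Printf("%-30q -> %s\n", op, d)
	}
}
```

Matching is exact string comparison on the normalised operation, so allowlist entries have to be written in the form the operation is built in; the page says the method is uppercased but says nothing about the host, and this example does not change the host's case either.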
Directories

| Path | Synopsis |
|---|---|
| cmd | |
| cmd/keep | command |
| cmd/keep-llm-gateway | command |
| cmd/keep-mcp-relay | command |
| internal | |
| internal/audit | Package audit provides structured audit logging for Keep evaluations. |
| internal/cel | content.go — text-analysis helpers for Keep rule expressions. |
| internal/config | Package config parses and validates Keep rule files, profiles, and starter packs. |
| internal/engine | Package engine implements Keep's core policy evaluation. |
| internal/rate | Package rate provides an in-memory sliding window counter store for Keep's rateCount() CEL function. |
| internal/redact | Package redact handles regex-based field redaction for Keep's redact action. |
| llm | Package llm provides a provider-agnostic pipeline for evaluating LLM API requests and responses against Keep policy rules. |
| anthropic | Package anthropic implements the llm.Codec interface for the Anthropic Messages API (https://docs.anthropic.com/en/api/messages). |
| sse | Package sse implements Server-Sent Events parsing and writing per the WHATWG spec (https://html.spec.whatwg.org/multipage/server-sent-events.html). |