Allow
Read-only and evidence-gathering actions can proceed immediately when policy allows them.
RuleOak Core v2.0.1
Tool Guard for governed AI actions
RuleOak Tool Guard evaluates tool calls before execution and records policy decisions, evidence, approval requests, and audit events.
Demo
A concrete governance path in one command
npm run guard:demo
search_docs: allowed
send_external_message: approval_required
delete_workspace_file: blockedApproval required
External, publishing, or write-like actions can be paused for human review.
Blocked
Destructive or unsafe actions can be denied before execution.
MCP Guard Pack
MCP-style tool requests can use the same RuleOak governance pattern
The v2.0 prototype converts MCP-style tool definitions into a RuleOak manifest, then evaluates proposed tool calls before execution. It does not run an MCP server or proxy live traffic yet.