Guardian Mode

Guardian Mode enables pre-execution policy enforcement. The SDK checks with Kaplaix before a dangerous tool runs. If a policy says “requires review”, the agent waits for a human decision.

How it works

1. The SDK calls POST /v1/policies/check before executing a tool
2. The API evaluates the action against the active policy
3. Based on the verdict and the configured mode, the SDK either proceeds, blocks, or waits for approval

Enforcement modes

Circuit breaker

Guardian Mode includes a circuit breaker to protect against cascading failures. After 3 consecutive check failures, the circuit opens. By default the SDK fails open (allows the action) — set failOnCircuitOpen: true to fail closed.

SDK usage

import { KaplaixClient } from "@kaplaix/sdk-ts";
 
const client = new KaplaixClient({
  apiKey: "al_live_...",
  guardian: {
    mode: "require_approval",
    approvalTimeoutMs: 120_000,  // 2 minutes (default)
    pollIntervalMs: 3_000,       // 3 seconds (default)
    failOnCircuitOpen: false,    // fail-open (default)
  },
});
 
const session = client.session({ agentId: "my-agent" });
 
// checkThen* methods check policy before logging
await session.checkThenLogToolCall({
  toolName: "database_query",
  argumentsHash: "sha256-hex",
  responseStatus: 200,
});

API endpoints

{
  "decision": "approved"
}