Agent Policies: Guidance for AI

Philipp Gayret

Poking fun at soft rules, which AI can ignore or forget.

At the Claude Code Meetup Amsterdam, one of my first slides was the above image. It pokes fun at the average experience with AI Agents in software development. Getting guarantees from AI Agents that they’ll work a specific way is quite a complex problem. If you’ve used AI Agents in software development to any extent, that should be familiar territory.

AI Agents can break “rules”

AI Agents can break their own rules (as in Cursor Rules). Rules are context that AI Agents are aware of: part of the software that tells them how to act. For example, Claude will say “I won’t run that under any circumstances” when you ask it to delete your machine.

Claude Code refusing to delete my laptop. (Don’t try it at home!)

This means Claude Code comes with rules built in, as do all the main AI Assistants for software development: Gemini CLI, GitHub Copilot, Codex and the like. Getting them to perform an action they consider destructive takes some convincing, but it is possible.

At Devleaps we thought about the limitations of the rules and permission systems of these tools.

How can we automate decision-making and guidance? Can we get agents to self-correct when they go off track?

Policies

Our first system is one we call Agent Policies. Policies let you codify decision-making and guidance. They sit somewhere between permissions, rules and true guardrails. Policies are more granular than permissions and, unlike rules, they work as hard guardrails: an AI can try to run a command, but if a policy blocks it, it won’t happen.

The policy in code.

The policy in effect with Claude Code. (Yes, there’s also a policy denying `trash` on `~`.)

What’s great about policies is that they can give guidance alongside permission decisions. That extra guidance allows an AI Agent to self-correct and use the tooling it’s meant to use, without having to fall back on humans to correct it:

A rather simple policy for Terraform.

Through policies, entire workflows can be codified. Think, for example, of having to make a feature branch for a new feature, using conventional commits, always making a pull request instead of pushing to the main branch, and running quality assurance before finishing up work.
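The decision-plus-guidance idea from this section, as an added example rather than code from Agent Policies or its server. The `Decision` type, the policy functions, the `rm` case and the `ask` fallback are assumptions; the other cases come from the text (`trash` on `~`, pull requests instead of pushing to main, conventional commits).

```python
import re
import shlex
from dataclasses import dataclass

@dataclass(frozen=True)
class Decision:
    action: str         # "allow", "deny" or "ask" (defer to the human)
    guidance: str = ""  # returned to the agent so it can self-correct

COMMIT_RE = re.compile(r"^(feat|fix|docs|chore|refactor|test)(\([\w-]+\))?: \S")
HOME = {"~", "~/", "$HOME", "$HOME/"}

def delete_home(argv):
    if argv[0] in ("rm", "trash") and HOME & set(argv[1:]):
        return Decision("deny", "Deleting the home directory is never permitted.")

def push_to_main(argv):
    if argv[:2] == ["git", "push"] and {"main", "HEAD:main"} & set(argv[2:]):
        return Decision("deny", "Push your feature branch and open a pull request.")

def commit_message(argv):
    if argv[:2] == ["git", "commit"] and "-m" in argv[:-1]:
        msg = argv[argv.index("-m") + 1]
        if COMMIT_RE.match(msg):
            return Decision("allow")
        return Decision("deny", "Use a conventional commit, e.g. 'fix: handle empty input'.")

POLICIES = [delete_home, push_to_main, commit_message]  # first match wins

def evaluate(command: str) -> Decision:
    # Deliberately conservative: shell operators are rejected even inside
    # quotes, so chaining cannot slip a second command past the argv checks.
    if re.search(r"[;|&`\n]|\$\(", command):
        return Decision("deny", "Submit one simple command without shell operators.")
    try:
        argv = shlex.split(command)
    except ValueError:  # unbalanced quotes: fail closed
        return Decision("deny", "Command could not be parsed; fix the quoting.")
    if not argv:
        return Decision("deny", "Empty command.")
    for policy in POLICIES:
        decision = policy(argv)
        if decision is not None:
            return decision
    return Decision("ask")  # assumption: no policy matched, fall back to a human
```

Matching on `argv` prefixes is easy to sidestep with option reordering (for example a global flag before the subcommand), so a real policy set needs stricter parsing of each tool's command line.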

The Policy Server

We designed Agent Policies with Platform Engineering in mind. Agent Policies is available as a server: Agent Policies Server. It’s open source, and the code we publish for it is meant as a reference implementation. We genuinely use it, but our way of working will be completely different from yours. You can host an Agent Policy Server for just you or, as we intend it, for your whole organization, and automate guidance for AI Agents company-wide.

Our project is open source, you can find it over at:

We hope you find it interesting. If you’d like to learn more about topics like AI guardrails and effective use of tools like Claude Code, GitHub Copilot, Gemini & Codex, feel free to contact us at Devleaps.