Skip to content

Policy / rules endpoints

For the write paths see the collector's agentfw.proxy. The cloud currently exposes read-only access to the policy as published by each collector.

GET /policy

The currently active policy bundle, with per-rule hit counts in the last window:

json
{
  "name":           "default",
  "version":        "2026-05-13T21:33",
  "default_action": "deny",
  "default_hit_count": 4,
  "rules": [
    {
      "name":        "log_all_llm_calls",
      "action":      "log",
      "match":       { "action": "llm_prompt" },
      "enabled":     true,
      "description": "Observability — record every LLM call.",
      "hit_count":   1842,
      "last_match":  1715519998.2
    },
    ...
  ]
}

→ Authoritative rule writes still go through the collector's API: PUT /policy/rules/{name}, POST /policy/rules, DELETE /policy/rules/{name}, POST /policy/rules/reorder. See agentfw/proxy.py for the contract.

Documentation for kilasec — the AI Agent Firewall.