Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.goantiai.com/llms.txt

Use this file to discover all available pages before exploring further.

A policy is a rule that tells Anti AI what an agent is allowed to do. Anti AI uses a deny-by-default model — if there’s no policy that explicitly allows something, it’s denied.

How policies work

Agent requests: scope="stripe:charge:write"

Anti AI checks: does any policy allow this?

         Yes → issue token with that scope
         No  → deny with 403

Policy language: Rego

Anti AI uses Rego — the policy language from Open Policy Agent (OPA). 
package oculus.authz

default allow = false

allow {
    input.action == "stripe:customer:read"
    input.subject.status == "active"
}
“By default, deny everything. Allow stripe:customer:read if the agent is active.”

Scope format

stripe:customer:read     ← read Stripe customers
stripe:charge:write      ← create Stripe charges
github:repo:read         ← read GitHub repos
db:read                  ← read from the database
aws:s3:read              ← read from S3

Policy versioning

Every update saves the previous version. View history, compare versions, and roll back with one click.