What is PolicyGuard?
AI Agent Compliance APIs

What is PolicyGuard?

4 min read

PolicyGuard is a compliance API for AI agents that act on the open web. We built it to answer a simple operational question before an agent takes action: is this allowed on this target site, right now? The API returns a structured decision in one HTTP round-trip, with a verdict, risk level, reason, safe alternative, and cited evidence from the site’s policy text (Mission).

What PolicyGuard returns

PolicyGuard is designed to give agents a decision they can use immediately. The response object includes:

  • Verdict: allowed, blocked, or modify
  • Risk level: low, medium, or high
  • Reason: a short human-readable explanation
  • Safe alternative: what the agent could do instead if the action is blocked
  • Cited evidence: the URL and quoted passage from the actual policy document

That structure matters because agents do not just need a yes or no. They need enough context to change course without guessing. We built the output to be machine-readable, but still easy for a human operator to review (Mission).

Who it is for

PolicyGuard is for other AI agents, not for humans clicking through a UI. The intended audience is developers building autonomous software that needs to avoid violating site terms of service (FAQ).

That makes the product different from a browser extension or a manual compliance checklist. We are not asking a person to read policy pages one by one. We are giving an agent a lookup service it can call before it acts.

A common example is a crawler, posting agent, or browser automation system that needs to decide whether it can scrape, submit, or access a page. Instead of hardcoding one-off rules per site, the agent asks PolicyGuard first.

How the API works

The primary product is a paid HTTP endpoint: POST /evaluate. The intended flow is simple:

  1. The agent sends a proposed action and a target site.
  2. PolicyGuard evaluates that action against live policy text.
  3. x402 handles the micropayment challenge autonomously.
  4. We return a structured decision object, with citations, in the same round-trip (API).

We sit on the agent side of the stack. That is important. Site-side systems like Cloudflare’s pay-per-crawl charge crawlers at the access layer. PolicyGuard is different. We tell the agent whether it should attempt the action in the first place (Problem).

We also publish every verdict to a public decision corpus on cited.md. Each decision is citeable by URL and grounded in the original policy text. Over time, that lets future agents search prior decisions before paying for a fresh lookup (Products).

Why we built it

The problem we are targeting is compliance drift. Today, teams building AI agents often hand-code rules like “for LinkedIn, do not scrape” or “for Reddit, no self-promotion.” That approach fails in three ways:

  1. Policies change. Hand-coded rules go stale.
  2. Coverage gaps appear. New sites and edge cases are missed.
  3. There is no citation. When an agent blocks or modifies an action, teams need a source they can audit.

PolicyGuard is meant to replace that pattern with live policy lookup, broader coverage, and built-in citations. We fetch the current policy text, make a decision, and log the result in ClickHouse and cited.md so the corpus compounds instead of being rebuilt by every team from scratch (Problem, Products).

Current status and limits

We should be direct about the current state. PolicyGuard is a prototype. It was built in roughly five hours on May 23, 2026, at the Agentic Engineering Hackathon hosted by tokens&. It is not in production. There is no production deployment, no users, no revenue, and no integration partners beyond the four sponsor tools listed in the build notes (Status).

It also does not guarantee legal compliance. We surface and cite the relevant policy text, but the calling agent and the operator remain responsible for the action they take. PolicyGuard is decision support and evidence retrieval, not legal counsel (FAQ).

A practical example

If an agent wants to scrape a page, post content, or crawl a site, it should check PolicyGuard first. If the policy clearly allows the action, the agent can proceed. If the policy blocks it, the response should include a blocked verdict, a reason, and a safe alternative. If the policy is ambiguous, we do not pretend otherwise. The point is to make the uncertainty visible before the agent acts.

That is the core idea behind PolicyGuard: one paid compliance lookup for AI agents, backed by current policy text and citations, with a public record that other agents can reuse.

Powered by Senso — your AI-searchable knowledge base.

Back to AI Agent Compliance APIs

Keep Reading

More from AI Agent Compliance APIs

Can I use PolicyGuard in production today?

Read more

What is the current development status of PolicyGuard?

Read more

Where can I find PolicyGuard's GitHub repository?

Read more