Core Features

Policy Engine

Define and enforce governance policies for AI agents using declarative YAML configuration.

Overview

The Policy Engine evaluates every action against your defined rules before execution. Policies can ALLOW, BLOCK, WARN, or require APPROVAL for specific actions.

ALLOW: Permit the action

BLOCK: Reject the action

WARN: Allow but flag

APPROVAL: Require human review

Policy Configuration

Define policies using human-readable YAML:

yaml
# policy.yaml
policies:
  - name: block-medical-advice
    description: Prevent AI from giving medical diagnoses
    trigger: output
    action: BLOCK
    conditions:
      - type: contains_pattern
        patterns: ["diagnosis", "prescribe", "medical advice"]
    message: "Medical advice is not permitted"

  - name: require-approval-high-value
    description: Require human approval for transactions over $10,000
    trigger: action
    action: APPROVAL
    conditions:
      - type: action_type
        value: "financial_transaction"
      - type: amount_greater_than
        value: 10000
    approvers: ["finance@company.com"]

  - name: redact-pii-on-output
    trigger: output
    action: REDACT
    entity_types: ["EMAIL", "PHONE", "SSN"]

Checking Policies

Check if an action is allowed before execution:

python
from tork_governance import TorkClient

client = TorkClient()

# Check if action is allowed
result = client.policy.check(
    agent_id="agent-123",
    action_type="send_email",
    content="Meeting scheduled for tomorrow",
    metadata={"recipient": "user@example.com"}
)

if result.allowed:
    # Proceed with the action; send_email() stands in for your application's own function
    send_email()
elif result.action == "APPROVAL":
    # Submit for approval
    approval_id = result.approval_request_id
    print(f"Pending approval: {approval_id}")
else:
    print(f"Blocked: {result.reason}")

Dynamic Policy Evaluation

Policies can use dynamic conditions based on context:

yaml
policies:
  - name: time-based-restriction
    description: Block certain actions outside business hours
    action: BLOCK
    conditions:
      - type: time_outside
        start: "09:00"
        end: "17:00"
        timezone: "America/New_York"
      - type: action_type
        value: "external_api_call"

  - name: user-role-restriction
    description: Only allow admins to delete resources
    action: BLOCK
    conditions:
      - type: action_type
        value: "delete_resource"
      - type: user_role_not_in
        roles: ["admin", "superadmin"]

Pro Tip: Test policies in development before deploying to production. Use client.policy.test() to simulate evaluations.
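
The sketch below is an added example, not TORK's implementation or SDK: a small offline model of the condition types used in the YAML above, for reasoning about boundary cases before a policy is deployed. It assumes conditions within a policy are ANDed, the most restrictive matching decision wins, and malformed policies or missing context fail closed; `evaluate`, `condition_matches` and the `ctx` keys are hypothetical names.

```python
# Added example: offline model of the policy schema shown on this page.
# Assumptions (not TORK's documented behaviour): conditions are ANDed, the most
# restrictive matching decision wins, bad policies or missing context => BLOCK.
from datetime import time

SEVERITY = {"ALLOW": 0, "WARN": 1, "APPROVAL": 2, "BLOCK": 3}

# Constructed sample mirroring three policies from the YAML above.
POLICIES = [
    {"name": "require-approval-high-value", "action": "APPROVAL", "conditions": [
        {"type": "action_type", "value": "financial_transaction"},
        {"type": "amount_greater_than", "value": 10000}]},
    {"name": "time-based-restriction", "action": "BLOCK", "conditions": [
        {"type": "time_outside", "start": "09:00", "end": "17:00"},
        {"type": "action_type", "value": "external_api_call"}]},
    {"name": "user-role-restriction", "action": "BLOCK", "conditions": [
        {"type": "action_type", "value": "delete_resource"},
        {"type": "user_role_not_in", "roles": ["admin", "superadmin"]}]},
]

def _hhmm(s):
    return time(*map(int, s.split(":")))

def condition_matches(cond, ctx):
    kind = cond["type"]
    if kind == "action_type":
        return ctx.get("action_type") == cond["value"]
    if kind == "amount_greater_than":
        return ctx["amount"] > cond["value"]  # strictly greater; missing amount raises
    if kind == "user_role_not_in":
        return ctx.get("user_role") not in cond["roles"]  # no role => restricted
    if kind == "time_outside":
        # ctx["local_time"] is assumed already converted to the policy's timezone
        return not (_hhmm(cond["start"]) <= _hhmm(ctx["local_time"]) < _hhmm(cond["end"]))
    raise ValueError(f"unknown condition type: {kind}")

def evaluate(policies, ctx):
    """Return (decision, policy_name) for the most restrictive matching policy."""
    decision, matched = "ALLOW", None
    for p in policies:
        try:
            hit = all(condition_matches(c, ctx) for c in p["conditions"])
            verdict, rank = p["action"], SEVERITY[p["action"]]
        except (ValueError, KeyError):
            hit, verdict, rank = True, "BLOCK", SEVERITY["BLOCK"]  # fail closed
        if hit and rank > SEVERITY[decision]:
            decision, matched = verdict, p["name"]
    return decision, matched
```

The boundary cases worth checking against the real engine are the ones this model has to guess at: whether `amount_greater_than` is strict, whether the `end` of a time window is inclusive, and what happens when a request carries no role or amount.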
