Evaluate policy against tools

curl --request POST \ --url https://api.mnemom.ai/v1/policies/evaluate \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data ' { "policy": { "meta": { "schema_version": "<string>", "name": "<string>", "description": "<string>" }, "capability_mappings": {}, "forbidden": [ { "pattern": "<string>", "reason": "<string>", "severity": "high" } ], "escalation_triggers": [ { "condition": "<string>", "reason": "<string>" } ], "defaults": { "unmapped_tool_action": "warn", "unmapped_severity": "medium", "fail_open": false, "enforcement_mode": "observe", "grace_period_hours": 0 } }, "tools": [ "<string>" ], "agent_id": "<string>" } '

{ "violations": [ { "tool": "<string>", "capability": "<string>", "rule": "<string>", "reason": "<string>" } ], "warnings": [ { "tool": "<string>", "message": "<string>" } ], "card_gaps": [ { "capability": "<string>", "missing_card_field": "<string>", "suggestion": "<string>" } ], "coverage": 0.5 }

Authorizations

Authorization

string

header

required

Supabase JWT token in Authorization: Bearer header

Body

application/json

policy

object

required

A complete CLPI policy document defining capability mappings, forbidden tools, escalation triggers, and enforcement defaults.

Show child attributes

tools

string[]

required

List of tool identifiers to evaluate against the policy

agent_id

string

Optional agent ID to include agent-specific context in evaluation

Response

Policy evaluation result

Result of evaluating a CLPI policy against a set of tools or traces.

verdict

enum<string>

Overall evaluation verdict

Available options:

pass,

warn,

fail

violations

object[]

List of policy violations detected

Show child attributes

warnings

object[]

Non-blocking warnings about potential issues

Show child attributes

card_gaps

object[]

Gaps between the policy and the alignment card

Show child attributes

coverage

number

Fraction of tools covered by the policy (0.0 to 1.0)

Required range: 0 <= x <= 1