Skip to main content
Apie ships starter guardrail templates — pre-built policies for common production risks like secret access, production deploys, and destructive shell commands. Enable them with a single CLI command before switching to Enforce mode. When you finish this page, guardrail templates will be active for your agent in the dashboard.

Enable a template

npx apie guardrails enable prod-secrets
npx apie guardrails enable prod-deploys
You can also enable templates programmatically:
await apie.enableGuardrailTemplate("prod-secrets");

Starter packs

These templates match common risky action patterns. Exact keys depend on your Apie workspace — check the dashboard for available templates.
Template keyTypically guards
prod-secretsSecret and vault reads in production
prod-deploysDeployment and release executions
prod-databaseDatabase writes and schema changes
prod-shellDestructive shell commands (rm -rf, etc.)
prod-mergeProduction branch merges

Test templates in monitor mode

Before enforcing, exercise templates in monitor mode to see which decisions they produce:
npx apie send-test-event --mode pipeline
Or run the Guardrail packs recipe which exercises deploy, vault, database, merge, and shell scenarios.

What you’ll see

agent.guardrail.evaluated events showing which templates matched and what decision they returned (allow, warn, block, require_approval).

Workflow

  1. Enable templates via CLI
  2. Run in monitor mode and review evaluations
  3. Declare capabilities so templates have accurate context
  4. Switch to Enforce mode

Next steps

Enforce guardrails

Block actions that templates flag.

Guardrail packs recipe

Walk through all five smoke scenarios.