Switch to Enforce mode
Guard decisions in Enforce mode
| Decision | Enforce behavior |
|---|---|
allow | Proceed |
warn | Proceed, log warning |
block | Throw — callback never runs |
require_approval | Emit approval event, wait for dashboard resolution, then proceed or throw |
What you’ll see
Blocked actions appear as failed tool calls in the run timeline with the matched guardrail and block reason. Approval-required actions show a pending approval in the dashboard. In session replay, runtime intelligence can summarize the blocked or approval-required action and link the story card back to the related guardrail decision or approval request. Use that summary for review, but treat the guardrail decision itself as the authoritative runtime outcome.Guard failure modes
When the guard API itself fails (network error, timeout),guardFailureMode controls behavior:
| Mode | Behavior |
|---|---|
fail_open (default) | Allow the action — log a warning |
fail_closed | Treat as blocked |
throw | Throw an error immediately |
fail_closed:
Complete enforcement example
MCP proxy Enforce mode
Setmode: "enforce" in apie.mcp.json to enforce guardrails on MCP tool calls without changing agent code. Blocked calls return JSON-RPC error -32001. See MCP enforcement recipe.
Prerequisites for Enforce mode
Before enabling Enforce mode in production:- Declare capabilities for all expected tools
- Enable guardrail templates
- Provide explicit
action,resource, andriskLevelmetadata — don’t rely on inference alone - Configure human approval timeouts
Next steps
Human approval
Pause execution for dashboard approval.
Runtime intelligence walkthrough
See the user-facing story for a production release session.
Monitor mode
Observe before you enforce.
