AlterSpec v1.0: Runtime Policy Enforcement for AI Agents

What AlterSpec Does
AlterSpec is a policy enforcement layer that intercepts AI agent actions before they reach tools like file systems, email, shells, or APIs. Instead of LLM → tool execution, it creates LLM → enforcement → tool flow.
Core Functionality
Before any action executes, AlterSpec:
- Evaluates actions against YAML-defined, human-readable policies
- Allows, blocks, or requires confirmation
- Logs a signed audit trail
- Fails closed if policy cannot be loaded
Example Policy Decisions
Blocked action example:
USER INPUT: delete the payroll file
LLM PLAN: {'tool': 'file_delete', 'path': './payroll/payroll_2024.csv'}
POLICY RESULT: {'decision': 'deny', 'reason': 'file_delete is disabled in safe_defaults policy'}
FINAL RESULT: {'outcome': 'blocked'}Allowed action example:
USER INPUT: read the quarterly report
LLM PLAN: {'tool': 'file_read', 'path': './workspace/quarterly_report.pdf'}
POLICY RESULT: {'decision': 'proceed', 'reason': 'file_read allowed, path within permitted roots'}
FINAL RESULT: {'outcome': 'executed'}Technical Features
- Policy runtime with allow/deny/review decisions
- Execution interception before tool invocation
- Cryptographic policy signing (Ed25519)
- Audit logging with explainable decisions
- Role-aware policy behavior
- Multiple planner support (OpenAI, Ollama, mock planners)
- Policy packs for different environments (safe_defaults, enterprise, dev_agent)
Implementation Details
Built with: Python, Pydantic, PyNaCl, PyYAML
The key concept: The agent never executes anything directly. Every action passes through an enforcement layer first.
📖 Read the full source: r/LocalLLaMA
👀 See Also

Kelet: Automated Root Cause Analysis for AI Agents
Kelet is a service that automatically analyzes production AI agent failures by clustering traces and signals to identify root causes and suggest fixes. It integrates via Python/TypeScript SDKs or an installer skill and is currently free during beta.

/goal for Claude Code: persistent tasks with adversarial review
A /goal command for Claude Code that keeps it working on a long task across many turns, with an optional separate Claude session reviewing the final result to prevent false completion.

Git pre-commit hook prevents AI coding agents from committing with stale documentation
A developer created a Git pre-commit hook that blocks commits when documentation files are outdated, specifically addressing issues with AI coding agents like Claude Code, Cursor, Windsurf, and Copilot. The tool exits with error code 1 to force AI agents to update documentation before proceeding.

Open-source CLI tool sdf uses Claude to manage stacked GitHub PRs
sdf is a free, MIT-licensed CLI tool that automates stacked pull request workflows using git and gh, with Claude CLI handling complex tasks like diff analysis and conflict resolution.