Governance Framework

Agent Governance

DRD.io provides a complete governance framework: register agents, define policies, enforce violations, and manage approval workflows.

Agent Registration

Every AI agent interacting with DRD must be registered. Registration gives the agent an identity, API credentials, a trust score, and access to the governance system.

Automation

Scheduled or event-driven bots

Assistant

User-facing conversational agents

Autonomous

Self-directed decision-making agents

Pipeline

Multi-step data processing agents

Policy System

Policies define what agents can and cannot do. They are evaluated in real-time (<50ms) when an agent calls guard().

Policy Rules

Allow

Explicitly permit an action

Deny

Explicitly block an action

Require Approval

Pause and wait for operator sign-off

Rate Limit

Restrict frequency of actions

Conditional

Allow/deny based on context (amount, recipient, time of day)

Policy Evaluation Order

Explicit deny rules

Highest priority

Explicit allow rules

Second priority

Conditional rules

Evaluated against context

Default policy

Configurable: allow or deny

Three-Tier Enforcement

When a policy violation is detected, DRD applies enforcement based on severity.

Tier 1

Auto

Instant, automatic enforcement. Not appealable. Used for clear-cut violations like exceeding rate limits or accessing blocked resources.

Tier 2

Reversible

Enforcement applied immediately but can be appealed within a deadline. Used for moderate violations where context may matter.

Tier 3

Operator Approval

Requires operator sign-off before enforcement takes effect. Used for high-stakes decisions like revoking agent access or financial actions.

Approval Workflow

When a policy requires operator approval, DRD creates an approval request visible in the dashboard. Approvers have 72 hours to decide (configurable).

approval-workflow.ts

// Agent waits for approval
const result = await drd.guard('large_transfer', { amount: 50000 });
if (result.requiresApproval) {
  const decision = await drd.waitForApproval(result.approvalId);
  // decision.decision: 'approved' | 'denied' | 'expired'
}

Next Steps

Trust Badges

Earn certification through compliance

Learn more →

Webhooks

Get notified of governance events

Learn more →

API Reference

Policy and enforcement endpoints

Learn more →

Agent Registration

Every AI agent interacting with DRD must be registered. Registration gives the agent an identity, API credentials, a trust score, and access to the governance system.

Automation

Scheduled or event-driven bots

Assistant

User-facing conversational agents

Autonomous

Self-directed decision-making agents

Pipeline

Multi-step data processing agents

Policy System

Policies define what agents can and cannot do. They are evaluated in real-time (<50ms) when an agent calls guard().

Policy Rules

Allow

Explicitly permit an action

Deny

Explicitly block an action

Require Approval

Pause and wait for operator sign-off

Rate Limit

Restrict frequency of actions

Conditional

Allow/deny based on context (amount, recipient, time of day)

Policy Evaluation Order

Explicit deny rules

Highest priority

Explicit allow rules

Second priority

Conditional rules

Evaluated against context

Default policy

Configurable: allow or deny

Three-Tier Enforcement

When a policy violation is detected, DRD applies enforcement based on severity.

Tier 1

Auto

Instant, automatic enforcement. Not appealable. Used for clear-cut violations like exceeding rate limits or accessing blocked resources.

Tier 2

Reversible

Enforcement applied immediately but can be appealed within a deadline. Used for moderate violations where context may matter.

Tier 3

Operator Approval

Requires operator sign-off before enforcement takes effect. Used for high-stakes decisions like revoking agent access or financial actions.

Approval Workflow

When a policy requires operator approval, DRD creates an approval request visible in the dashboard. Approvers have 72 hours to decide (configurable).

approval-workflow.ts

// Agent waits for approval
const result = await drd.guard('large_transfer', { amount: 50000 });
if (result.requiresApproval) {
  const decision = await drd.waitForApproval(result.approvalId);
  // decision.decision: 'approved' | 'denied' | 'expired'
}