Waxell

Product

Compare

START FREE

Waxell

POLICIES

Defining what agentic systems are allowed to do

Define what your agents are allowed to do — and enforce it everywhere, instantly.

Waxell Policies are runtime enforcement rules for AI agents — defined once in the governance plane, applied uniformly across every workflow, and evaluated deterministically before execution proceeds. When a policy changes, it changes everywhere. No code deploy required.

Free to start. 2-line setup.

SOC 2 Ready

Define what your agents are allowed to do — and enforce it everywhere, instantly.

Free to start. 2-line setup.

SOC 2 Ready

Define what your agents are allowed to do — and enforce it everywhere, instantly.

Free to start. 2-line setup.

SOC 2 Ready

Without explicit rules, acceptable agent behavior is implicit —
which means it's inconsistent.

One workflow allows an outbound email.
Another doesn't.

One session respects a cost ceiling.
Another runs until the bill arrives.

Governance that lives inside agent code can't be managed centrally and can't change without a deployment.

What Waxell Policies Do

Policies in Waxell are first-class governance objects — not config files, not embedded business logic, not assumptions documented somewhere in a Notion page.

They live in the governance plane and are applied by reference across every workflow that uses them. Agents don't carry local copies of policy logic. They don't interpret rules independently. The governance plane is the single source of truth.

Waxell ships with 50+ policy categories — from cost limits and kill switches to PII protection and human approval gates. You configure the rules. Waxell enforces them before the next step executes, not after the damage is done.

50+ Policy Categories.
Every One Enforced at Runtime.

Audit & Compliance

Audit Log

Structured, tamper-evident log of every agent action

Immutable Trace

Full execution trace that cannot be altered after the fact

Compliance Export

Export governance records in audit-ready formats

GDPR Redaction

Automatically redact personal data to satisfy GDPR requirements

Retention Policy

Control how long execution records and logs are retained

Safety & Content

PII Detection

Scan inputs and outputs for personally identifiable information

Prompt Injection Block

Detect and block prompt injection attempts before execution

Output Redaction

Redact sensitive content from agent outputs

Harmful Content

Filter outputs that meet harmful content thresholds

Toxicity Filter

Block outputs that exceed configured toxicity scores

Cost & Budget

Spend Limit

Hard ceiling on total spend per agent, user, or session

Token Ceiling

Maximum token consumption per call or workflow run

Per-Session Budget

Isolated cost envelope applied at the session level

Model Cost Cap

Limit spend on specific models across the system

Budget Alert

Notify or halt when spend approaches a configured threshold

Access Control

Model Allowlist

Restrict which models agents are permitted to call

Tool Restriction

Limit which tools are available to specific agents or workflows

Data Source Gate

Control which data sources agents can read from or write to

API Scope Limit

Constrain which API endpoints or scopes agents can access

Role-Based Access

Apply different governance rules based on agent or user role

Operations

Kill Switch

Immediately halt any agent, workflow, or session

Emergency Halt

Automatic stop triggered by threshold or anomaly detection

Loop Detection

Identify and interrupt runaway agent loops

Timeout Policy

Enforce maximum execution time per step or workflow

Retry Limit

Cap the number of retries a workflow is allowed to attempt

Quality

Output Scoring

Score agent outputs against configurable quality criteria

Confidence Gate

Block outputs that fall below a minimum confidence threshold

Hallucination Guard

Flag or block outputs identified as factually unreliable

Format Validation

Enforce required output structure or schema

Completeness Check

Verify that outputs meet minimum completeness requirements

Scheduling

Time Window

Restrict when workflows are permitted to run

Frequency Cap

Limit how often an agent or workflow can execute

Cron Policy

Define recurring execution schedules

Queue Priority

Set relative execution priority across workflows

Concurrency Limit

Cap simultaneous workflow executions

Identity

Agent Identity

Assign and verify the identity of each agent at execution

User Attribution

Attribute agent actions to the originating user

Session Binding

Tie execution context to a verified session

Org Scoping

Constrain agent access and behavior within an org boundary

Audit Trail

Persistent identity-linked record of every governance decision

Grounding & Custom

Source Anchoring

Require agent outputs to be grounded in verified sources

Hallucination Block

Hard block on outputs that fail grounding verification

Citation Required

Enforce that outputs include traceable source citations

Domain Restriction

Limit agent responses to a defined subject domain

(Custom)

Define custom policy categories against your own compliance stack

Every category below is evaluated before execution proceeds — not logged after the fact.

Audit & Compliance

Audit Log

Structured, tamper-evident log of every agent action

Immutable Trace

Full execution trace that cannot be altered after the fact

Compliance Export

Export governance records in audit-ready formats

GDPR Redaction

Automatically redact personal data to satisfy GDPR requirements

Retention Policy

Control how long execution records and logs are retained

Safety & Content

PII Detection

Scan inputs and outputs for personally identifiable information

Prompt Injection Block

Detect and block prompt injection attempts before execution

Output Redaction

Redact sensitive content from agent outputs

Harmful Content

Filter outputs that meet harmful content thresholds

Toxicity Filter

Block outputs that exceed configured toxicity scores

Cost & Budget

Spend Limit

Hard ceiling on total spend per agent, user, or session

Token Ceiling

Maximum token consumption per call or workflow run

Per-Session Budget

Isolated cost envelope applied at the session level

Model Cost Cap

Limit spend on specific models across the system

Budget Alert

Notify or halt when spend approaches a configured threshold

Access Control

Model Allowlist

Restrict which models agents are permitted to call

Tool Restriction

Limit which tools are available to specific agents or workflows

Data Source Gate

Control which data sources agents can read from or write to

API Scope Limit

Constrain which API endpoints or scopes agents can access

Role-Based Access

Apply different governance rules based on agent or user role

Operations

Kill Switch

Immediately halt any agent, workflow, or session

Emergency Halt

Automatic stop triggered by threshold or anomaly detection

Loop Detection

Identify and interrupt runaway agent loops

Timeout Policy

Enforce maximum execution time per step or workflow

Retry Limit

Cap the number of retries a workflow is allowed to attempt

Quality

Output Scoring

Score agent outputs against configurable quality criteria

Confidence Gate

Block outputs that fall below a minimum confidence threshold

Hallucination Guard

Flag or block outputs identified as factually unreliable

Format Validation

Enforce required output structure or schema

Completeness Check

Verify that outputs meet minimum completeness requirements

Scheduling

Time Window

Restrict when workflows are permitted to run

Frequency Cap

Limit how often an agent or workflow can execute

Cron Policy

Define recurring execution schedules

Queue Priority

Set relative execution priority across workflows

Concurrency Limit

Cap simultaneous workflow executions

Identity

Agent Identity

Assign and verify the identity of each agent at execution

User Attribution

Attribute agent actions to the originating user

Session Binding

Tie execution context to a verified session

Org Scoping

Constrain agent access and behavior within an org boundary

Audit Trail

Persistent identity-linked record of every governance decision

Grounding & Custom

Source Anchoring

Require agent outputs to be grounded in verified sources

Hallucination Block

Hard block on outputs that fail grounding verification

Citation Required

Enforce that outputs include traceable source citations

Domain Restriction

Limit agent responses to a defined subject domain

(Custom)

Define custom policy categories against your own compliance stack

Every category in that grid is enforced at runtime. Not logged after the fact. Enforced before execution proceeds.

START FREE

Three Differentiators

CHANGES TAKE EFFECT IMMEDIATELY

Policies aren't embedded in agent code — they live in the governance plane and are applied by reference. Adjust a rule and it propagates across every workflow that references it, instantly. No redeployment. No drift.

MANAGED BY NON-ENGINEERS

Policy ownership belongs to the people responsible for governance, compliance, and operations — not the engineers who wrote the workflows. Because policy logic is separate from agent code, adjusting a rule doesn't require touching the system it governs.

DETERMINISTIC BY DESIGN

When a policy condition isn't met, execution stops. No probabilistic reasoning, no adaptive override, no silent exception. The outcome is explicit and logged — which policy applied, what condition failed, and the surrounding context — before you ever need to look.

How It Works

Define your rules in the governance plane

Choose from 45+ policy categories or configure custom rules. Set thresholds, conditions, and enforcement behavior. Policies are objects, not code — created and managed in the Waxell interface.

Waxell applies them by reference across every workflow

Your agents don't carry policy logic. When a workflow runs, Waxell evaluates all applicable policies against current execution context. If conditions are met, execution proceeds. If not, it stops — cleanly, immediately, and with a full record of why.

Review, adjust, repeat — without touching your agents

When a rule needs to change, change it in the governance plane. It takes effect everywhere, immediately. Run a test to verify the new behavior before it reaches production. See [Testing] for how pre-production policy validation works.

Three Differentiators

CHANGES TAKE EFFECT IMMEDIATELY

MANAGED BY NON-ENGINEERS

DETERMINISTIC BY DESIGN

How It Works

Set once.
Your tools do the rest.

Define your rules in the governance plane

Choose from 50+ policy categories or configure custom rules. Set thresholds, conditions, and enforcement behavior. Policies are objects, not code — created and managed in the Waxell interface.

Waxell applies them by reference across every workflow

Review, adjust, repeat — without touching your agents

Set once.
Your tools do the rest.

Define your rules in the governance plane

Choose from 45+ policy categories or configure custom rules. Set thresholds, conditions, and enforcement behavior. Policies are objects, not code — created and managed in the Waxell interface.

Waxell applies them by reference across every workflow

Review, adjust, repeat — without touching your agents

POLICY A

POLICY B

POLICY C

POLICY D

Designed to scale

Centralized, reference-based policies scale cleanly across workflows, teams, and environments.

They are suitable for systems where execution is continuous, changes are expected, and governance must remain consistent over time.

Policies do not become harder to manage as automation expands. They become more important.

CallSine automatically finds and researches each prospect by analyzing their website, LinkedIn profile, and company information. Get comprehensive insights instantly without spending hours on manual research. It even works with your existing database.

From here

Waxell is available now.

Install the SDK, connect to your instance, and start capturing what your agents actually do. Governance, policy enforcement, cost tracking, and full telemetry — running from the moment you initialize.

start free

Free during beta. 2-line setup.

FAQ

What is AI agent policy enforcement?

AI agent policy enforcement is the practice of applying predefined governance rules to autonomous agents at runtime — before or during execution — to ensure they operate within defined boundaries. Unlike observability, which records what agents did, enforcement prevents disallowed actions from completing. Waxell enforces policies deterministically across 26 categories, including cost limits, content filtering, kill switches, and PII protection.

How does Waxell enforce policies before execution begins?

When a workflow is triggered, Waxell evaluates all applicable policies against the current context before execution proceeds. Policies are stored centrally in the governance plane — not embedded in agent code — and applied by reference. If a policy condition is not met, execution stops and the outcome is logged with full context. There is no probabilistic reasoning, adaptive override, or silent exception.

What types of AI agent policies can Waxell enforce?

Waxell supports 26 policy categories covering the full surface area of agent behavior: cost and token limits, content and input scanning, PII protection, kill switches, rate limits, scheduling constraints, identity controls, data access restrictions, LLM-specific rules, human approval gates, and more. For teams with compliance requirements, Waxell Assurance covers how these policies map to audit, accountability, and operational trust.

Can Waxell policies be applied to existing agents without code changes?

Yes. Waxell instruments existing Python agents in two lines of code — install the SDK, initialize before your imports, and policy enforcement begins automatically. Waxell is framework-agnostic and works with LangChain, CrewAI, LlamaIndex, and custom Python agents. No changes to existing agent logic are required.

What happens when a Waxell policy blocks an agent execution?

When a policy condition is not met, execution halts and the event is recorded with full context — which policy applied, what condition failed, and the surrounding execution state. The record exists immediately and is inspectable without reconstructing from logs. Policy owners can review blocked executions, adjust rules, and retest using the same inputs and constraints that triggered the block.

From here

Waxell is available now.

start free

Free during beta. 2-line setup.

start free

Free during beta. 2-line setup.

FAQ

What is AI agent policy enforcement?

AI agent policy enforcement is the practice of applying predefined governance rules to autonomous agents at runtime — before or during execution — to ensure they operate within defined boundaries. Unlike observability, which records what agents did, enforcement prevents disallowed actions from completing. Waxell enforces policies deterministically across 50+ categories, including cost limits, content filtering, kill switches, and PII protection.

How does Waxell enforce policies before execution begins?

What types of AI agent policies can Waxell enforce?

Waxell supports 50+ policy categories covering the full surface area of agent behavior: cost and token limits, content and input scanning, PII protection, kill switches, rate limits, scheduling constraints, identity controls, data access restrictions, LLM-specific rules, human approval gates, and more. For teams with compliance requirements, Waxell Assurance covers how these policies map to audit, accountability, and operational trust.