|
|
|
|
|
|
by dreadpirates
99 days ago
|
|
|
Good framing on where governance should live. Intercepting actions outside the prompt and outside the framework is the right call, the model and the orchestrator are both untrusted surfaces. We took the same approach for spend specifically at nornr.com: agent requests a mandate before committing money, policy decides approve/queue/block at the infrastructure layer, every decision gets a signed receipt. Curious whether DashClaw distinguishes between 'read' actions and 'actions that cost money' — that's where we found the policy logic gets interesting. |
|
|