Start Here

Core Concepts

Mental Model
Capability
AgentAction
Decision
PolicyContext
Effects & Side Effectssoon
Identity & Principalssoon

Python SDK

Runtime
Capability Decorator
Wrapping Functions
Manual Evaluation
Error Handling
Testingsoon

Policy Runtime

Writing Policies
Before Capability
After Capability
On Error Policiessoon
Policy Matching
Decision Compositionpartial
Policy Testingsoon

Interception

Overview
InterceptRequest
InterceptResult
Callable Interceptor
Async Interceptionsoon
Streamingsoon

Capabilities

Registry
Grantssoon
Catalogsoon
Schemaspartial

Integrations

Overviewsoon
LangGraphsoon
CrewAIsoon
OpenAI Agents SDKsoon
MCPsoon
Custom Adaptersoon

Cloud

Overviewsoon
Remote Decisionssoon
Audit Ingestionsoon
Policy Bundlessoon
Dashboardsoon

Recipes

SQL Read-Only
Refund Limit
Block High-Risk Tool
Sensitive Output
Tenant Isolation
Human Approvalsoon
PII Redactionsoon

Reference

Roadmap

Docs/Roadmap

Roadmap

What is built, what is coming next, and where Brane is going.

Now — brane-core

Available now

Runtime coordinator
Capability dataclass with full metadata
Effect and SideEffect dataclasses
Scope dataclass
AgentAction dataclass
Decision (allow and deny)
PolicyContext with convenience properties and methods
Policy dataclass with metadata and priority
CapabilityRegistry
PolicyRegistry
PolicyEngine (exact, wildcard, priority, deny-wins)
InterceptRequest and InterceptResult
CapabilityInterceptor
CallableCapabilityInterceptor (sync)
@runtime.capability decorator
@runtime.before_capability decorator
@runtime.after_capability decorator
runtime.wrap_capability
runtime.create_action and evaluate_action
CapabilityDeniedError and CapabilityNotFoundError

Next — runtime completeness

Planned

Async function wrappers (async/await support)
AuditEvent schema and AuditSink interface
MemoryAuditSink, JsonlAuditSink (local audit storage)
approval_required Decision type
ApprovalProvider interface and CLI provider
on_error policy stage interception
transform_input Decision type
transform_output Decision type
redact Decision type
Capability grants — GrantRegistry and agent grant model
Error stage interception
Input mutation support

After — integrations

Planned

brane-integrations-langgraph — LangGraph tool and model call interception
brane-integrations-crewai — CrewAI tool wrapping and delegation governance
brane-integrations-openai-agents — OpenAI Agents SDK function tool wrapping
brane-mcp — MCP server, tool, and resource governance
Framework adapter base contract and testing harness
Streaming interception

Platform — Brane Cloud

Planned

Remote policy evaluation API
Policy bundles — versioned, environment-pinned policy packages
Audit ingestion API
CloudAuditSink
Approval workflow API — dashboard approval queue
Capability catalog — cloud-backed inventory with search and risk review
Policy bundle promotion between environments
Fail-open and fail-closed modes for remote decision calls

Platform — Dashboard and CLI

Planned

Brane Dashboard — agents, capabilities, policies, audit logs, approvals, traces
Brane CLI — brane policies test / push / pull, brane capabilities list, brane audit tail
Policy simulator — test policies against synthetic actions without deploying
Team management and roles
Webhooks for approval events and high-risk denials

Governance — specialized surfaces

Planned

Model governance — cost budget policies, provider routing, output policies
Memory governance — namespace enforcement, PII policies, memory poisoning controls
Retrieval governance — tenant filter enforcement, document classification, result redaction
Filesystem governance — path allowlists, extension policies, data export controls
Secret governance — invocation-bound credentials, audit-safe secret handling
Sandbox governance — network, filesystem, CPU/memory, and time restrictions
Browser and computer-use governance — domain allowlists, form submission controls
Multi-agent governance — delegation policies, subagent spawn controls, identity delegation

Design Direction

The full Brane platform gives every agent action a complete governance record: who attempted it, what capability it used, what policy evaluated it, what decision was returned, and what effect it had. That record enables compliance workflows, approval queues, trace timelines, cost attribution, and security review — none of which require changes to the agent code.

The mental model stays the same through all platform layers:

Capability + AgentAction + PolicyContext → Policy → Decision

Local runtime, cloud runtime, dashboard, CLI, and every integration reduce to this formula. Framework adapters translate native tool calls into AgentActions. Policy bundles bring policies down from the cloud. The dashboard makes the control surface visible. Audit makes it auditable.

The local runtime works today without any cloud dependency. Connect to Brane Cloud when you need central policy management, cross-service audit, or dashboard approval workflows.