Policy profiles
What you'll find here
The three shipped v0.1.0 policy profiles — strict, trusted-local, automation — what each allows by default, how to preview them, and how to run the regression gate.
Design rationale: ADR 0004 · Policy envelope shape.
Every envelope includes
Profile name
Fail-open status
Allowed capabilities
Denied capabilities
Approval requirements
Verification requirements
Receipt requirement
Handoff requirement
Redaction requirement
Strict
strict is the default profile.
Preview:
craik policy show
Trusted-local
Never selected accidentally.
trusted-local is an explicit fail-open profile for trusted local
development. Callers must opt in.
craik policy show --profile trusted-local --trusted-local-fail-open
Trusted-local does not bypass immutable path protection. Immutable writes still require explicit override metadata and a matching immutable write grant.
Automation
automation is for CI and unattended workflows.
Preview:
craik policy show --profile automation
Visibility
Fail-open is always traceable.
Fail-open profile use is visible in the policy envelope immediately and is preserved in case files, receipts, and handoffs.
Capability grants are evaluated separately from profile generation. Profiles define default allowed, denied, approval, and verification sets; grants authorize specific side-effect requests.
Regression gate
Run before release-sensitive changes:
craik policy test
The gate verifies:
Immutable path protection
Memory proposal defaults
Trusted-local fail-open receipts
Automation fail-closed behavior
Runner grant boundary tracking
Redaction
For policy-relevant payload shapes.