# Policy model (draft)

Policies are deterministic rules enforced outside model weights.

## Policy dimensions
- tool allow/deny
- network egress constraints
- filesystem scope constraints
- side-effect confirmation requirements
- budget ceilings and escalation rules
- data classification rules (PII, secrets, etc.)

## Representation
Initial representation may be:
- YAML/JSON policy documents
- versioned and referenced by `policy_ref`