Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Policy-as-Prompt: Turning AI Governance Rules into Guardrails for AI Agents

Gauri Kholkar, Ratinder Ahuja

TL;DR

This work addresses the policy-to-practice gap in AI governance by turning unstructured design artifacts into enforceable guardrails for AI agents. It introduces Policy as Prompt, an end-to-end framework that builds a source-linked policy tree from design documents and compiles it into prompt-based classifiers for real-time runtime monitoring, all with auditable provenance and human-in-the-loop review. The approach comprises POLICY-TREE-GEN to extract and validate rules, and POLICY-AS-PROMPT-GEN to generate deterministic prompts that enforce least-privilege behavior. Experimental results across HR and SOC domains show competitive enforcement with both large and small models, highlighting the framework’s potential for secure-by-design deployment and scalable AI safety and compliance in regulatable ML.

Abstract

As autonomous AI agents are used in regulated and safety-critical settings, organizations need effective ways to turn policy into enforceable controls. We introduce a regulatory machine learning framework that converts unstructured design artifacts (like PRDs, TDDs, and code) into verifiable runtime guardrails. Our Policy as Prompt method reads these documents and risk controls to build a source-linked policy tree. This tree is then compiled into lightweight, prompt-based classifiers for real-time runtime monitoring. The system is built to enforce least privilege and data minimization. For conformity assessment, it provides complete provenance, traceability, and audit logging, all integrated with a human-in-the-loop review process. Evaluations show our system reduces prompt-injection risk, blocks out-of-scope requests, and limits toxic outputs. It also generates auditable rationales aligned with AI governance frameworks. By treating policies as executable prompts (a policy-as-code for agents), this approach enables secure-by-design deployment, continuous compliance, and scalable AI safety and AI security assurance for regulatable ML.

Policy-as-Prompt: Turning AI Governance Rules into Guardrails for AI Agents

TL;DR

This work addresses the policy-to-practice gap in AI governance by turning unstructured design artifacts into enforceable guardrails for AI agents. It introduces Policy as Prompt, an end-to-end framework that builds a source-linked policy tree from design documents and compiles it into prompt-based classifiers for real-time runtime monitoring, all with auditable provenance and human-in-the-loop review. The approach comprises POLICY-TREE-GEN to extract and validate rules, and POLICY-AS-PROMPT-GEN to generate deterministic prompts that enforce least-privilege behavior. Experimental results across HR and SOC domains show competitive enforcement with both large and small models, highlighting the framework’s potential for secure-by-design deployment and scalable AI safety and compliance in regulatable ML.

Abstract

As autonomous AI agents are used in regulated and safety-critical settings, organizations need effective ways to turn policy into enforceable controls. We introduce a regulatory machine learning framework that converts unstructured design artifacts (like PRDs, TDDs, and code) into verifiable runtime guardrails. Our Policy as Prompt method reads these documents and risk controls to build a source-linked policy tree. This tree is then compiled into lightweight, prompt-based classifiers for real-time runtime monitoring. The system is built to enforce least privilege and data minimization. For conformity assessment, it provides complete provenance, traceability, and audit logging, all integrated with a human-in-the-loop review process. Evaluations show our system reduces prompt-injection risk, blocks out-of-scope requests, and limits toxic outputs. It also generates auditable rationales aligned with AI governance frameworks. By treating policies as executable prompts (a policy-as-code for agents), this approach enables secure-by-design deployment, continuous compliance, and scalable AI safety and AI security assurance for regulatable ML.

Paper Structure

This paper contains 10 sections, 5 figures, 4 tables.

Table of Contents

  1. Introduction
  2. Policy Tree Generation
  3. Policy as Prompt Generation
  4. Experimental Setup and Results
  5. Conclusion
  6. Limitations
  7. Technical Appendices and Supplementary Material
  8. POLICY-TREE-GEN PROMPTS
  9. POLICY-AS-PROMPT OUTPUT
  10. Evaluation for POLICY-TREE-GEN

Figures (5)

  • Figure 1: Policy Generation and Enforcement Pipeline for an HR Application
  • Figure 2: Prompt for hierarchical parsing in POLICY-TREE-GEN
  • Figure 3: Prompt for extracting existing policy examples in POLICY-TREE-GEN
  • Figure 4: Policy-As-Prompt for HR Application Input Classifier
  • Figure 5: Content-First Policy-As-Prompt for Security Input Classification