The SDK ships with three built-in presets. All policy fields are optional - undefined fields skip that check. Use a preset as a starting point and override individual fields for your use case.

Aggressive

High autonomy. The agent can spend freely within generous limits. Best for trusted agents in low-risk environments.

import { aggressive } from '@vanar/xbpp'

// {
//   "maxSingle": 10000,
//   "dailyBudget": 100000,
//   "hourlyBudget": 50000,
//   "askMeAbove": 50000,
//   "maxRequestsPerMinute": 100
// }

Balanced

Sensible defaults. Good for most use cases - allows routine spending while escalating larger amounts.

import { balanced } from '@vanar/xbpp'

// {
//   "maxSingle": 100,
//   "dailyBudget": 1000,
//   "hourlyBudget": 200,
//   "askMeAbove": 500,
//   "maxRequestsPerMinute": 20
// }

Risk Averse

Maximum caution. Tiny limits, low escalation threshold. Best for new or untrusted agents, or high-value accounts.

import { riskAverse } from '@vanar/xbpp'

// {
//   "maxSingle": 10,
//   "dailyBudget": 50,
//   "hourlyBudget": 20,
//   "askMeAbove": 5,
//   "maxRequestsPerMinute": 5
// }

COMPARISON TABLE

Limit	Aggressive	Balanced	Risk Averse
Max Single	$10,000	$100	$10
Daily Budget	$100,000	$1,000	$50
Hourly Budget	$50,000	$200	$20
Escalate Above	$50,000	$500	$5
Rate Limit	100/min	20/min	5/min

CUSTOM POLICIES

Extend any preset or build from scratch. All fields are optional - omit a field to skip that check entirely.

import { evaluate } from '@vanar/xbpp'

const dueDiligence = {
  maxSingle: 500,
  dailyBudget: 2000,
  askMeAbove: 200,
  trustedRecipients: ['api.openai.com', 'stripe.com'],
  blockedDomains: ['shady-casino.xyz'],
  allowedCurrencies: ['USDC', 'USD'],
  maxRequestsPerMinute: 10,
  operatingHours: { start: '09:00', end: '17:00', timezone: 'America/New_York' },
}

const verdict = evaluate({ amount: 300, recipient: 'api.openai.com' }, dueDiligence)

POLICY PRESETS

Aggressive

Balanced

Risk Averse

COMPARISON TABLE

CUSTOM POLICIES