FPL is a domain-specific policy language for AI governance, AI agent guardrails, and AI execution control. It is designed for teams that need deterministic tool-call policy enforcement with human-readable policies, auditable decisions, and practical integration into modern agent frameworks.
A domain-specific language for AI agent governance.
FPL is a purpose-built language for governing AI agent tool calls. It replaces YAML policy files with concise, readable syntax that anyone — engineers, compliance officers, CISOs — can write and review.
FPL compiles to the same internal representation as YAML but provides agent-native primitives as first-class language constructs rather than YAML conventions.
agent payment-bot {
default deny
model "gpt-4o"
framework "langgraph"
budget session {
max $500
daily $2000
max_calls 100
on_exceed deny
}
phase intake {
permit read_customer
permit get_order
}
rules {
deny! shell/* reason: "never shell"
defer stripe/refund
when amount > 500
notify: "finance"
reason: "high value refund"
permit stripe/*
when amount <= 500
}
credential stripe {
backend vault
path secret/data/stripe/live
ttl 15m
}
}
The equivalent YAML is 60+ lines. This FPL is 25 lines with more readable structure.
- Agent-native primitives — sessions, budgets, phases, delegation, ambient authority, and human approval workflows are language constructs, not conventions.
- Mandatory deny (
deny!) — compile-time enforced. Cannot be overridden by position, child policies, priority, or any subsequent permit rule. - Natural language compilation —
faramesh policy compile "deny all shell commands"calls an LLM, produces FPL, validates it, and backtests it against real production history before activation. - Backtest before activation — every policy generated from natural language is backtested against real decision-provenance records. You see exactly what the policy would have done to real past decisions before activating it.
- Four input modes, one engine — FPL directly, YAML (interchange), natural language (compiled to FPL), code annotations (
@faramesh.tool(defer_above=500)). - GitOps native — plain text files, version-controlled, validated in CI.
- AI governance programs that need policy-as-code for agent tool execution.
- AI agent platforms that need explicit budgets, phases, delegation, and human approvals.
- Security and compliance workflows that require deterministic decision logic and auditable policy history.
- Teams moving from generic policy DSLs to an agent-native language model for execution control.
| Feature | FPL | OPA / Rego | Cedar | YAML + expr |
|---|---|---|---|---|
| Sessions | First-class | No | No | Convention |
| Budget enforcement | First-class | No | No | Convention |
| Workflow phases | First-class | No | No | Convention |
| Delegation chains | First-class | No | No | Convention |
| Ambient authority | First-class | No | No | Convention |
| Human approval | First-class | No | No | Convention |
| Mandatory deny | Compiler-enforced | Runtime only | Runtime only | Documentation |
| NLP compilation | Built-in | No | No | No |
| Backtest | Built-in | Manual | No | Manual |
| Lines for typical policy | ~25 | ~80 | ~50 | ~65 |
FPL ships with the Faramesh CLI.
# Homebrew
brew install faramesh/tap/faramesh
# Shell script
curl -fsSL https://raw.githubusercontent.com/faramesh/faramesh-core/main/install.sh | bash
# Go
go install github.com/faramesh/faramesh-core/cmd/faramesh@latest| Document | Description |
|---|---|
| Docs Index | Entry point for all FPL documentation and recommended reading order |
| Language Reference | Complete language reference — every keyword, block, and syntax construct |
| Getting Started | Write your first policy in five minutes |
| Comparison | Detailed comparison with OPA, Cedar, and YAML |
| Faramesh Core README | Product-level runtime architecture and governance overview |
| Faramesh Core Docs Index | Core documentation hub for engine, SDK, and architecture navigation |
| Specification | Formal language specification with EBNF grammar |
| Reference AST Schema | JSON shape produced by the reference parser |
| Examples | Ready-to-use policy files for common agent types |
.fpl
This repository now follows a language-repo shape inspired by mature DSL projects.
spec/formal language specificationgrammar/EBNF grammarexamples/practical policy examplesconformance/valid/invalid fixture corpus for language compatibility testingreference/go/experimental Go reference parser scaffold and CLIeditors/editor tooling plans and upcoming grammar packages
The production-grade parser/compiler in faramesh-core remains the source of truth for runtime governance behavior. The fpl-lang repo focuses on language specification, conformance, and independent language tooling.
fpl-lang/
├── docs/ # Getting started, language reference, comparison
├── spec/ # Formal specification and AST schema
├── grammar/ # EBNF grammar
├── conformance/ # Valid/invalid fixture corpus
├── reference/go/ # Experimental reference parser and CLI tools
└── editors/ # Editor integration plans and grammar packages
Planned: VS Code extension, JetBrains plugin, Neovim treesitter grammar. See editors/ for details.
# Run repository checks
make test
# Run executable conformance against reference parser
make conformance-run
# Run the experimental Go reference parser tests
cd reference/go && go test ./...
# Parse a fixture and print JSON AST
cd reference/go && go run ./cmd/fplparse ../../conformance/valid/basic-agent.fpl
# Format an FPL file
cd reference/go && go run ./cmd/fplfmt ../../conformance/valid/basic-agent.fpl