NPL Quickstart
Test agent governance policies locally with the open standard
NPL Quickstart
NPL (Nexus Policy Language) is the open, Apache 2.0 standard for deterministic agent governance. Test it yourself in under two minutes with npm.
| What | Access |
|---|---|
| NPL spec + reference evaluator | github.com/hardalion/npl-spec |
| npm packages | @hardalion/npl-policy-engine, @hardalion/npl-audit-verify |
| Nexus platform (hosted enforcement, audit DB, console) | Sandbox or api.hardalion.com |
1. CLI (zero install)
npx @hardalion/npl-policy-engine --tool drop_table --jsonExpected: action: "BLOCK" (reference policy nato-prou-strict-financial).
Allow example:
npx @hardalion/npl-policy-engine --tool summarize_portfolio --jsonPolicy URI pin:
npx @hardalion/npl-policy-engine \
--policy-uri hardalion://nato-prou-strict-financial@1.0.0 \
--tool drop_table --jsonExit codes: 0 = ALLOW or REQUIRE_HUMAN · 1 = BLOCK (CI-friendly).
2. Your own policy file
curl -sO https://raw.githubusercontent.com/hardalion/npl-spec/main/examples/nato-prou-strict-financial.yaml
npx @hardalion/npl-policy-engine \
--policy-file ./nato-prou-strict-financial.yaml \
--tool wire_transfer \
--args '{"amount":50000}' \
--json3. Programmatic (Node 22+)
npm install @hardalion/npl-policy-engineimport { evaluateToolCall } from '@hardalion/npl-policy-engine'
const decision = evaluateToolCall({
policy: 'nato-prou-strict-financial',
toolName: 'drop_table',
toolArgs: { table: 'users' },
})
console.log(decision.action) // BLOCK
console.log(decision.ruleId)4. Verify an audit export (offline)
npx @hardalion/npl-audit-verify \
https://raw.githubusercontent.com/hardalion/npl-spec/main/examples/audit-export.sample.json5. Clone the spec repo (optional)
For contributors, examples, and integration patterns:
git clone https://github.com/hardalion/npl-spec.git
cd npl-spec
pnpm install && pnpm test && pnpm demoWhat NPL does not include
NPL is the portable policy contract. It does not ship:
- Hosted kill switches or multi-node enforcement
- Immutable audit storage or compliance dashboards
- Full MiFID / DORA workflow engines
Those capabilities are provided by the Nexus platform. You can evaluate every policy locally without a Nexus subscription.
Next steps
- Spec: github.com/hardalion/npl-spec
- Reference policies: NPL policies
- Full platform: Connect your first agent