Guide: Write a Posture Policy

This guide shows a minimal posture policy with work and quarantine states.

1. Start from a baseline

version: "1.2.0"
name: Team Posture Policy
extends: clawdstrike:default

2. Add posture states

posture:
  initial: work
  states:
    work:
      capabilities: [file_access, file_write, egress, mcp_tool]
      budgets:
        file_writes: 100
        egress_calls: 50
        mcp_tool_calls: 200

    quarantine:
      capabilities: []
      budgets: {}

3. Add transitions

posture:
  transitions:
    - { from: "*", to: quarantine, on: critical_violation }
    - { from: "*", to: quarantine, on: budget_exhausted }

4. Validate

clawdstrike policy validate ./policy.yaml
clawdstrike policy lint ./policy.yaml --strict

5. Simulate with posture tracking

clawdstrike policy simulate ./policy.yaml ./events.jsonl --json --track-posture

Use posture.state, posture.budgets, and posture.transition in output entries to verify expected behavior.

Example policies

examples/policies/minimal-posture.yaml
examples/policies/enterprise-posture.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Guide: Write a Posture Policy

1. Start from a baseline

2. Add posture states

3. Add transitions

4. Validate

5. Simulate with posture tracking

Example policies

FilesExpand file tree

posture-policy.md

Latest commit

History

posture-policy.md

File metadata and controls

Guide: Write a Posture Policy

1. Start from a baseline

2. Add posture states

3. Add transitions

4. Validate

5. Simulate with posture tracking

Example policies