Runplane sits in the execution path between AI agents and production systems. The Guard API enforces policy decisions before actions run.
ALLOW
Executes
REQUIRE_APPROVAL
Waits for human
BLOCK
Prevented
Runplane is an execution control layer, not an agent framework.
This is runtime enforcement—not observability, not orchestration.
Every action flows through the Guard API before execution
Agent calls guard()
Action type, target, and context are sent to Runplane
Request goes to Guard API
The Gateway receives the request at /api/v1/guard
Guard API returns decision
Policy is evaluated and a decision is returned: ALLOW, BLOCK, or REQUIRE_APPROVAL
Execution is allowed or blocked
The SDK enforces the decision locally. Callback only runs if ALLOW.
End-to-end execution control
Import from LangChain, OpenAPI, Vercel AI SDK, or define manually.
Tools are mapped to canonical action types: delete, deploy, send_email, payment, etc.
Policies evaluate action type, target, environment, and full context.
Action + context sent to /api/v1/guard
Guard API returns ALLOW, BLOCK, or REQUIRE_APPROVAL.
SDK enforces the decision. Callback runs only if ALLOW.
Every action and decision is recorded in the audit log.
Three possible outcomes for every action
ALLOW
Callback executes immediately
BLOCK
Callback never runs, throws ShieldError
REQUIRE_APPROVAL
Execution pauses until human decision
The enforcement boundary. All decisions are made server-side.
POST https://runplane.ai/api/v1/guardGateway Mode = Enforcement Boundary: All decisions are made server-side via the Guard API (/api/v1/guard). The SDK is an optional wrapper for convenience—the enforcement happens in the Gateway.
The SDK wraps the Guard API for convenience. Gateway Mode handles the enforcement—SDK Mode is optional.
import { Shield } from "@runplane/runplane-sdk"
const shield = new Shield({
baseUrl: "https://runplane.ai",
apiKey: process.env.RUNPLANE_API_KEY,
failMode: "closed"
})
await shield.guard(
"delete_record",
"users-database",
{ recordId: "user_123" },
async () => {
await deleteUser("user_123")
}
)REQUIRE_APPROVAL pauses execution until a human decides
guard() returns
REQUIRE_APPROVAL
Request appears
Dashboard → Approvals
Human reviews
Context displayed
Approve
Callback executes
Deny
Throws ShieldError
The SDK does not provide approval UI. It only waits for the decision. Approvals are handled in the Runplane Dashboard.
Every action and decision is recorded in the audit log
{
"eventId": "evt_8a3k2m",
"timestamp": "2024-12-15T14:32:01Z",
"action": "delete_record",
"target": "users-database",
"decision": "REQUIRE_APPROVAL",
"context": {
"recordId": "user_123"
}
}Fail-closed by default for safety
failMode: "closed"(default)This is a safety guarantee. If Runplane cannot be reached, execution is blocked.
failMode: "open" is available for testing, where actions proceed without enforcement if Runplane is unreachable.
Runplane sits between AI agents and real-world systems. The Guard API enforces policies at runtime, returning deterministic decisions that control whether actions are allowed to execute.