Contextual Policies in Omnigent: Using session state to better govern AI agents

· Source: Databricks · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Intermediate, medium

Summary

Databricks' open-source meta-harness, Omnigent, introduces "contextual policies" to enhance AI agent governance beyond simple allow-list controls. These policies track session state, such as an agent's read history or accumulated spend, to dynamically decide if an action should proceed. This approach addresses new enterprise risks like prompt injection, where an agent's safety depends on prior actions. Unlike traditional guardrails that block actions entirely or cause user fatigue with constant approvals, contextual policies enable nuanced controls. Omnigent supports various coding agents like Claude Code and Codex, and frameworks such as OpenAI Agents SDK. Example policies include a Google Drive policy confining writes to agent-created documents, a risk score policy that tightens controls as sensitive material is handled, a cost policy with soft and hard spending caps, and intent-based authorization applying the Principle of Least Privilege.

Key takeaway

For MLOps Engineers or AI Security Engineers deploying agents, you should move beyond static allow-list controls. Implement contextual policies to dynamically manage agent risks and costs, preventing issues like prompt injection or budget overruns without user fatigue. Your agents can become both safer and more usable by adapting permissions based on session history, such as documents accessed or cumulative spend. Consider integrating Omnigent to apply these advanced governance models across your existing agent harnesses.

Key insights

AI agent governance is significantly improved by contextual policies that dynamically adapt based on session state.

Principles

Method

Policies listen to agent events, update session-specific state variables, and return decisions (allow, deny, transform, ask user) based on current state and event.

In practice

Topics

Code references

Best for: AI Architect, CTO, VP of Engineering/Data, AI Engineer, MLOps Engineer, AI Security Engineer

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Databricks.