db.drop_table("users") A destructive call. The policy stops it before execution.
Held. Approve it to continue.
Every action passes the gate.
These cards hit the same policy engine that ships in the JamJet adapters. Pick a call, watch the verdict, keep the receipt. One of them will wait for a human. That human is you.
Live policy evaluation
github.merge(pr=412) High-risk action. Held until a human says yes. That human is you.
Held. Approve it to continue.
email.send_bulk(n=10_000) Blast radius. Blocked by policy before any mail goes out.
Held. Approve it to continue.
llm.call(est=$6.40) This call would cross the $5 run cap. Halted at the gate, not on the invoice.
Held. Approve it to continue.
slack.send_message(#alerts) Allowed, and written down. Every decision leaves evidence.
Held. Approve it to continue.
fs.read("reports/q2.csv") A plain read inside policy. Allowed, instantly, no ceremony.
Held. Approve it to continue.
Try your own tool call
Held. Approve it to continue.
The policy that decided
version: 1
rules:
- match: "*drop*"
action: block
- match: "*delete*"
action: block
- match: "email.send_bulk"
action: block
- match: "github.merge"
action: require_approval
- match: "payments.refund"
action: require_approval
- match: "slack.send_message"
action: audit
- match: "fs.read"
action: allow
budgets:
default:
max_usd: 5This is the exact policy the Function loads. Change a rule and the verdicts change. The same YAML works in the CLI adapter and the Python SDK.
Recorded from real runs
These behaviors live in the Rust runtime, not the TS policy engine. They are replays, not live calls.
Recorded from a real run
kill -9 mid-run
$ jamjet run research-pipeline.yaml ▸ Starting exec_7f3a... ▸ [Analyze] ✓ completed 420ms ▸ [Research] ✗ worker crashed (SIGKILL) ▸ Lease expired · reclaiming... ▸ [Research] ✓ resumed from checkpoint 890ms ▸ [Synthesize] ✓ completed 1.1s ▸ Done · 0 events lost
Recorded from a real run
fs.read(customers.csv)
$ jamjet run ingest-customers.yaml ▸ fs.read("customers.csv") → intercepted ▸ PII scan: 4 SSN patterns, 12 email addresses ▸ Redacting before tool result is returned... ▸ Tool result: [REDACTED x4 SSN] [REDACTED x12 email] ▸ Span written · evidence: pii.redact x16 ▸ Agent continues with sanitized data
Recorded from a real run
engram.recall("user preferences")
$ engram.recall("user preferences") ▸ Searching semantic index... [ from earlier sessions ] ▸ sunil prefers concise answers (s1) ▸ project: JamJet Cloud (s1) ▸ shipped policy violations panel (s7) ▸ location: Amsterdam (superseded Pune, s6) [ token budget: 287 of 400 ] ▸ Durable facts returned. Raw chat history not included.
Impact
Why teams care
Lower rerun cost
Completed steps stay completed. No wasted tokens after failure.
Safer side effects
Downstream actions are less likely to be repeated after failure.
Faster debugging
Replay the exact execution instead of reconstructing it from logs.
More reliable operations
Long-running workflows survive crashes, restarts, and lease handoffs.
Real workflows
How teams use JamJet under load
Click any card to expand the code.
Investment Due Diligence
A durable multi-agent workflow for report generation, risk review, and compliance checks.
RAG Assistant
A retrieval-and-synthesis workflow where every step is checkpointed, traceable, and replayable.
Human Approval Workflow
Pause durably for a human decision, then resume without losing state or re-running prior work.
MCP Tool Integration
Use external tools through MCP while keeping each tool call inside the durable runtime.
Agent-to-Agent Delegation
Delegate to specialized agents via A2A with identity-aware, cost-aware, replayable execution.