Rule Engine

Policy as Code. Enforced in < 2ms.

Declarative rules that intercept every AI request at the gateway — before cost is incurred, before models respond, before policy is violated.

< 2ms rule eval · 8 condition types · 4 action types · 3 scope levels

Anatomy of a FORG rule

Every rule shares the same structure — readable, version-controllable, auditable.

forg.rules / budget-guard.json
{
  "id":         "budget-guard-monthly",
  "scope":      "org",
  "condition": {
    "type":      "budget",
    "threshold": 500
  },
  "action":    {
    "type":    "hard_stop",
    "message": "Monthly budget exceeded"
  },
  "enabled":   true
}
id: Unique, human-readable rule name
scope: org · team · individual
condition.type: budget · model · time · usage
condition.threshold: Numeric or enum value
action.type: alert · soft_cap · hard_stop · redirect
enabled: Toggle without deleting the rule

Four rule types

Each type maps to a condition category evaluated at request time.

Budget Rule

Triggers on cumulative spend. Stops runaway costs before they compound.

monthly_cost > 500

Evaluates rolling cost totals against a dollar threshold. Resets on your billing cycle.

Model Rule

Allowlist or blocklist specific model IDs. Enforces model governance at the gateway.

model NOT IN ["gpt-4o", "claude-3-opus"]

Exact string match against the model field of every request. Case-sensitive.

Time Rule

Restrict AI usage to business hours or approved windows.

hour NOT IN [9..17] AND weekday

Evaluated in server-side UTC or a tenant-configured timezone. Supports cron-like ranges.

Usage Rule

Rate-limit token throughput per user, team, or org over a rolling window.

tokens_per_hour > 100000

Tracks rolling token counts in-memory. Configurable windows: 1m, 1h, 24h, 30d.

Condition primitives

Every field the rule engine can evaluate at request time.

Primitive   | Type    | Example                        | Notes
tokens_in   | integer | tokens_in > 50000              | Prompt token count
tokens_out  | integer | tokens_out < 1000              | Completion token count
cost_usd    | float   | cost_usd > 0.50                | Per-request cost in USD
model       | string  | model == "gpt-4o"              | Exact model identifier
latency_ms  | integer | latency_ms > 3000              | End-to-end request latency
hour_of_day | integer | hour_of_day NOT IN [9..17]     | 0–23, server UTC
day_of_week | integer | day_of_week IN [6, 7]          | 1=Mon … 7=Sun
error_code  | string  | error_code == "rate_limit"     | Provider error code

Actions reference

What happens when a rule condition evaluates to true.

alert

Alert

Request continues

Fires a Slack message or email to configured recipients. The request proceeds normally — visibility without friction.

soft_cap

Soft Cap

Request continues

Surfaces an in-IDE warning to the developer, logs the violation, and lets the request through. Teachable moments.

hard_stop

Hard Stop

Request blocked

Cancels the request at the gateway layer before it reaches the model. Zero tokens consumed, zero cost incurred.

redirect

Redirect

Model swapped

Transparently substitutes the requested model with a cheaper or approved alternative. Developer sees no difference.

Policy templates

Copy, paste, and customize. Ship your first policy in minutes.

Startup budget guard

$2K monthly org cap — hard stop before costs spiral

{
  "id": "startup-budget-guard",
  "scope": "org",
  "condition": { "type": "budget", "threshold": 2000, "window": "monthly" },
  "action": {
    "type": "hard_stop",
    "message": "Monthly AI budget exhausted. Resets on the 1st."
  },
  "enabled": true
}

Enterprise model allowlist

Only security-reviewed models may run in your environment

{
  "id": "enterprise-model-allowlist",
  "scope": "org",
  "condition": {
    "type": "model",
    "operator": "not_in",
    "allowlist": ["claude-3-5-sonnet-20241022", "claude-3-haiku-20240307"]
  },
  "action": {
    "type": "hard_stop",
    "message": "Model not on approved list. See infosec/approved-models.md"
  },
  "enabled": true
}

Off-hours protection

Restrict weekend and after-hours usage to avoid unmonitored spend

{
  "id": "off-hours-protection",
  "scope": "team",
  "condition": {
    "type": "time",
    "operator": "outside",
    "window": { "days": [1,2,3,4,5], "hours": [8, 18] }
  },
  "action": {
    "type": "alert",
    "notify": ["eng-leads@company.com"],
    "message": "Off-hours AI usage detected"
  },
  "enabled": true
}
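The rule anatomy, condition types and action semantics described above can be exercised end to end with a small evaluator. The following is an added example written for this page, not FORG's own engine: it loads the three templates as its rule set and folds each fired action into a single gateway decision. The request-context field names (spend_usd, timestamp, tokens_in_window), the redirect action's "to" field, and the half-open reading of the time window's hours are assumptions made here; the page does not specify them.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Any, Dict, List, Optional, Tuple

# The three policy templates from the page, used as the rule set under test.
RULES: List[Dict[str, Any]] = [
    {"id": "startup-budget-guard", "scope": "org",
     "condition": {"type": "budget", "threshold": 2000, "window": "monthly"},
     "action": {"type": "hard_stop", "message": "Monthly AI budget exhausted. Resets on the 1st."},
     "enabled": True},
    {"id": "enterprise-model-allowlist", "scope": "org",
     "condition": {"type": "model", "operator": "not_in",
                   "allowlist": ["claude-3-5-sonnet-20241022", "claude-3-haiku-20240307"]},
     "action": {"type": "hard_stop", "message": "Model not on approved list. See infosec/approved-models.md"},
     "enabled": True},
    {"id": "off-hours-protection", "scope": "team",
     "condition": {"type": "time", "operator": "outside",
                   "window": {"days": [1, 2, 3, 4, 5], "hours": [8, 18]}},
     "action": {"type": "alert", "notify": ["eng-leads@company.com"], "message": "Off-hours AI usage detected"},
     "enabled": True},
]

# Constructed timestamps for the demo (UTC, as the page evaluates server-side).
TUESDAY_10_UTC = datetime(2024, 11, 5, 10, tzinfo=timezone.utc)   # weekday, inside 08:00-18:00
SATURDAY_22_UTC = datetime(2024, 11, 9, 22, tzinfo=timezone.utc)  # weekend, off hours


@dataclass
class Decision:
    allowed: bool = True                   # False once any hard_stop fires
    model: Optional[str] = None            # rewritten by a redirect action
    triggered: List[Tuple[str, str, str]] = field(default_factory=list)  # (rule id, action, message)


def rule_fires(rule: Dict[str, Any], ctx: Dict[str, Any]) -> bool:
    """True when the rule's condition holds for this request context.

    ctx keys (spend_usd, model, timestamp, tokens_in_window) are assumed names for this example.
    """
    cond = rule["condition"]
    kind = cond["type"]
    if kind == "budget":
        # Cumulative spend for the rule's window against a dollar threshold.
        return ctx["spend_usd"] > cond["threshold"]
    if kind == "model":
        # Exact, case-sensitive match against the request's model field.
        listed = ctx["model"] in cond.get("allowlist", cond.get("blocklist", []))
        return (not listed) if cond.get("operator") == "not_in" else listed
    if kind == "time":
        # Days use 1=Mon..7=Sun; hours [start, end) is assumed to be half-open.
        when = ctx["timestamp"].astimezone(timezone.utc)
        window = cond["window"]
        start, end = window["hours"]
        inside = when.isoweekday() in window["days"] and start <= when.hour < end
        return (not inside) if cond.get("operator") == "outside" else inside
    if kind == "usage":
        # Rolling token count over the configured window against the threshold.
        return ctx["tokens_in_window"] > cond["threshold"]
    raise ValueError(f"unknown condition type {kind!r}")


def evaluate(rules: List[Dict[str, Any]], ctx: Dict[str, Any]) -> Decision:
    """Run every enabled rule and fold its action into one gateway decision."""
    decision = Decision(model=ctx["model"])
    for rule in rules:
        if not rule.get("enabled", True) or not rule_fires(rule, ctx):
            continue
        action = rule["action"]
        decision.triggered.append((rule["id"], action["type"], action.get("message", "")))
        if action["type"] == "hard_stop":
            decision.allowed = False        # cancelled at the gateway, no tokens consumed
        elif action["type"] == "redirect":
            decision.model = action["to"]   # 'to' is an assumed field naming the substitute model
        # alert and soft_cap record the violation and let the request continue
    return decision


def request(model: str, spend_usd: float, when: datetime, tokens: int = 0) -> Dict[str, Any]:
    """Build a constructed request context for the demo."""
    return {"model": model, "spend_usd": spend_usd, "timestamp": when, "tokens_in_window": tokens}


if __name__ == "__main__":
    for ctx in (request("claude-3-haiku-20240307", 150, TUESDAY_10_UTC),
                request("gpt-4o", 150, TUESDAY_10_UTC),
                request("claude-3-haiku-20240307", 2500, SATURDAY_22_UTC)):
        d = evaluate(RULES, ctx)
        print(ctx["model"], "allowed" if d.allowed else "BLOCKED", d.triggered)
```

Note that every enabled rule is evaluated even after a hard_stop has fired, so a blocked request still produces the alert entries an operator would want in the audit log; the "Claude-3-haiku-20240307" case below shows why the page's case-sensitivity caveat matters when writing allowlists.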

Rules cascade down

More specific scopes override parent rules. Individuals beat teams, teams beat org.

Org: Applies to all teams and individuals
Team: Overrides org rules for team members
Individual: Highest specificity — overrides all parents

An individual can have a model allowlist that supersedes the team policy — useful for ML engineers who need broader access without relaxing rules for the whole team.
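One way to resolve that cascade, as an added example rather than FORG's own resolver: for each condition type, keep only the applicable rule from the most specific scope, so an individual's model allowlist replaces the org's for that person alone. The "target" field that ties a team or individual rule to its team name or user, and the per-condition-type reading of "override", are assumptions made for this example; the page shows neither.

```python
from typing import Any, Dict, List

# Scope precedence from the page: individuals beat teams, teams beat org.
SCOPE_RANK = {"org": 0, "team": 1, "individual": 2}

# Constructed rule set. "target" (the team or user a non-org rule belongs to) is assumed here.
CASCADE_RULES: List[Dict[str, Any]] = [
    {"id": "org-model-allowlist", "scope": "org",
     "condition": {"type": "model", "operator": "not_in", "allowlist": ["claude-3-5-sonnet-20241022"]},
     "action": {"type": "hard_stop", "message": "Model not on approved list"}, "enabled": True},
    {"id": "org-budget", "scope": "org",
     "condition": {"type": "budget", "threshold": 2000, "window": "monthly"},
     "action": {"type": "hard_stop", "message": "Monthly AI budget exhausted"}, "enabled": True},
    {"id": "ml-team-budget", "scope": "team", "target": "ml-platform",
     "condition": {"type": "budget", "threshold": 5000, "window": "monthly"},
     "action": {"type": "soft_cap", "message": "ML platform budget warning"}, "enabled": True},
    {"id": "alice-model-allowlist", "scope": "individual", "target": "alice@company.com",
     "condition": {"type": "model", "operator": "not_in",
                   "allowlist": ["claude-3-5-sonnet-20241022", "claude-3-opus"]},
     "action": {"type": "hard_stop", "message": "Model not on your approved list"}, "enabled": True},
]


def applies_to(rule: Dict[str, Any], principal: Dict[str, str]) -> bool:
    """Does this rule's scope cover the principal {"user": ..., "team": ...}?"""
    scope = rule["scope"]
    if scope == "org":
        return True
    if scope == "team":
        return rule.get("target") == principal["team"]
    if scope == "individual":
        return rule.get("target") == principal["user"]
    raise ValueError(f"unknown scope {scope!r}")


def effective_rules(rules: List[Dict[str, Any]], principal: Dict[str, str]) -> Dict[str, Dict[str, Any]]:
    """Per condition type, the enabled applicable rule from the most specific scope wins."""
    chosen: Dict[str, Dict[str, Any]] = {}
    for rule in rules:
        if not rule.get("enabled", True) or not applies_to(rule, principal):
            continue
        ctype = rule["condition"]["type"]
        current = chosen.get(ctype)
        if current is None or SCOPE_RANK[rule["scope"]] > SCOPE_RANK[current["scope"]]:
            chosen[ctype] = rule
    return chosen


def effective_rule_ids(rules: List[Dict[str, Any]], principal: Dict[str, str]) -> Dict[str, str]:
    """Convenience view: condition type -> id of the rule that applies."""
    return {ctype: rule["id"] for ctype, rule in effective_rules(rules, principal).items()}


if __name__ == "__main__":
    for who in ({"user": "alice@company.com", "team": "ml-platform"},
                {"user": "bob@company.com", "team": "ml-platform"},
                {"user": "carol@company.com", "team": "web"}):
        print(who["user"], effective_rule_ids(CASCADE_RULES, who))
```

Because override is resolved per condition type, the org budget rule still reaches users whose team has no budget rule of its own, and a disabled individual rule falls back to the team or org rule rather than leaving the person unconstrained.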

Manual vs automated enforcement

Before FORG

Slack messages to enforce policies
Policies documented in Notion, rarely followed
Monthly manual audit of API keys and spend

With FORG

Automated enforcement in < 2ms per request
Rules version-controlled in git alongside code
Real-time violation alerts with full request context

Write your first rule in minutes

Install FORG, drop a JSON rule file, and have policy enforcement running before your next coffee.
