Environments
Gavrun uses the environment field to scope policies to specific deployment stages.
Values
| Value | Use |
|---|---|
"dev" | Local development. Default if not set. |
"staging" | Pre-production testing. |
"prod" | Production. |
Setting the environment
python
gavrun.configure(
environment="prod",
# or via env var:
# GAVRUN_ENV=prod
)Policy scoping
A policy with environment: ["prod"] only applies to agents running in production. Same agent in "dev" gets a different policy (or none — resulting in deny-all).
json
{
"scope": {
"agent_selector": ["payment-agent"],
"environment": ["prod"]
}
}Empty environment: [] matches all environments.
Best practice
Use separate policies per environment with different strictness:
- dev — loose limits,
mode="observe", tools in Allow - staging — same rules as prod,
mode="enforce" - prod — full enforcement, human review on risky tools