Policy.
Compiles, signs, and enforces the operator's governance contract.
Policy is where the operator's governance contract lives. Permissions, quotas, dead-man's switches, retention policies, and revocation rules are compiled from the operator's signed configuration into an executable policy graph. Every action in the system is checked against this graph before it runs, not after. There is no admin override that the vendor can invoke.
- 01Policy compilation from signed operator configuration
- 02Pre-action policy enforcement
- 03Policy versioning and rollback
- 04Dead-man's switch and time-bounded permission expiry
Authoritative external corpora and standards this brain treats as canonical. Every retrieval against these sources is signed into the audit ledger so a regulator can prove which evidence drove which output.
- 01Mickai Patent 10, 16, 20
- 02Open Policy Agent and Rego language
- 03XACML 3.0 specification
- 04AWS IAM policy language
- 05Kubernetes RBAC
- 06GDPR Article 25 data-protection by design
- 07NIST SP 800-162 ABAC
- 08Cedar policy language documentation
- 09ISO/IEC 27001 control catalogue
Mickai-native tooling primitives this brain implements internally. Codex for sovereign plain-text graph PKM, Lectern for spaced-repetition memory, Stele for citation-provenance, and domain-native primitives layered on top. No external services in the trust path; data stays on operator-personalised hardware.
- 01Aegis (policy compilation and enforcement)
- 02Wax-Seal (signed-policy persistence)
- 03Cipher (operator-config custody)
- 04Vellum (policy-document workspace)