What is an Argument Constraint?
A rule in a YAML policy that restricts the value of a tool call argument. Argument constraints can enforce regex patterns, allowed enumerations, numeric ranges, string length limits, and required or forbidden checks — validating inputs before they reach the MCP server.
WHY IT MATTERS
Allowing or denying a tool call at the tool level is coarse-grained. The real danger often lies in the arguments — not the tool itself. A write_file tool is safe when writing to /tmp/ but dangerous when writing to /etc/. A transfer tool is fine for small amounts but catastrophic for large ones. Argument constraints let policies express these nuances.
Without argument validation, a policy that allows execute_query has no control over whether the query is SELECT * FROM users or DROP TABLE users. Argument constraints close this gap — checking parameter values against rules before the call reaches the server.
Argument constraints are the foundation of fine-grained policy enforcement. They transform binary allow/deny policies into rich, context-aware rules that can distinguish safe usage from dangerous usage of the same tool. This is where proxy-level governance becomes genuinely useful rather than merely restrictive.
HOW POLICYLAYER USES THIS
Intercept evaluates argument constraints defined in YAML policy files before forwarding tool calls. Each constraint specifies a parameter name and a validation rule — regex pattern, enum list, numeric range, string length, or required/forbidden status. Multiple constraints can be combined per tool, and all must pass for the call to be approved. Failed constraints are logged with the specific rule that was violated.