Docs

Valta Docs

Spending Policies

A spending policy defines what an agent is allowed to spend, and under what conditions it must pause and wait for your approval. Policies are enforced in the Valta backend before any money moves — the model cannot override them.

Sandbox policy

Use this during development and testing. Strict limits ensure mistakes are cheap.

ts
await valta.policies.create({
  agentId: agent.id,
  dailyLimit: 5,
  maxPerTransaction: 1,
  requireApprovalAbove: 0.50,
})
// Nothing costs more than $1. Everything above $0.50 needs approval.
// Agent can only spend $5/day total.

Standard production policy

A reasonable baseline for a production agent with moderate spend.

ts
await valta.policies.create({
  agentId: agent.id,
  dailyLimit: 100,
  monthlyLimit: 1000,
  maxPerTransaction: 25,
  requireApprovalAbove: 50,
  blockedCategories: ['gambling', 'adult'],
})

Locked-down policy

Use this when an agent is handling external content or operating with elevated risk. Only allowlisted domains can be called.

ts
await valta.policies.create({
  agentId: agent.id,
  dailyLimit: 50,
  maxPerTransaction: 10,
  requireApprovalAbove: 5,
  allowedDomains: ['api.stripe.com', 'api.openai.com'],
  blockedCategories: ['gambling', 'adult', 'crypto_exchange', 'forex'],
})
// Agent can ONLY call Stripe and OpenAI APIs.
// Anything above $5 pauses and waits for your approval.

Updating policies at runtime

You can increase limits temporarily for a specific run, then reset afterwards.

ts
// Increase limit for a specific run:
await valta.policies.update(agent.id, { dailyLimit: 200 })
const run = await valta.agents.run(agent.id, { task: '...' })
// Reset after:
await valta.policies.update(agent.id, { dailyLimit: 100 })

Deleting a policy

Removes all limits. Use with caution — the agent will have no spending restrictions until you create a new policy.

ts
await valta.policies.delete(agent.id)
// Agent runs with no financial limits until you create a new policy

Checking the current policy

ts
const policy = await valta.policies.get(agent.id)
if (!policy) {
  console.log('No policy set — agent has no spending limits')
}