autonomy runtime start

Start the policy-gated tool-execution runtime service

Synopsis

Starts an HTTP service on --listen that evaluates policy before executing each tool call request.

The active policy bundle is loaded from --policy-dir (default managed cache). If no bundle is loaded, the runtime is deny-all.

Tool call requests must be POST /v1/tool with a JSON body:

      {"kind":"tool.echo","params":{"message":"hello"}}

Supported tools:

      tool.echo       returns the "message" param
      tool.http_get   fetches an allowlisted endpoint (params.endpoint)
      tool.shell      always blocked by policy

When --orchestrator-url (or AUTONOMY_ORCHESTRATOR_URL) is set, a background release poll loop is started that periodically fetches the latest desired-state release and emits ai.deployment.lifecycle telemetry events.

When a verified release differs from the currently active lock fingerprint, the new policy bundle is pulled from the OCI registry, loaded into the managed cache, and hot-swapped onto the live server without a restart. The active lock fingerprint is persisted to active-lock.json in the WAL directory and survives daemon restarts.

Activation is fail-closed: if bundle pull or load fails, the current policy remains active and the next poll cycle will retry.
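
The deny-all default and the fail-closed hot swap described above, as an added sketch (not the autonomy project's own code). The names Bundle, Runtime, Activate, pullOK and pullFail are hypothetical, the pull functions are constructed stand-ins for the OCI registry pull, and checking the pulled bundle against the release fingerprint is an assumption of this example.

```go
package main

import (
	"errors"
	"fmt"
	"sync/atomic"
)

// Bundle is a loaded policy bundle: its lock fingerprint and the tool kinds it allows.
type Bundle struct {
	Fingerprint string
	Allow       map[string]bool
}

// Runtime holds the active bundle; nothing stored means no bundle is loaded.
type Runtime struct{ active atomic.Value }

func (r *Runtime) current() *Bundle { b, _ := r.active.Load().(*Bundle); return b }

// Allowed is the per-request gate: deny-all without a bundle, else ask the bundle.
func (r *Runtime) Allowed(kind string) bool {
	b := r.current()
	return b != nil && b.Allow[kind]
}

// Activate pulls the release's bundle and swaps it in only on success. On any
// error the previous bundle stays active, so the next poll cycle can retry.
func (r *Runtime) Activate(fp string, pull func(string) (*Bundle, error)) error {
	if cur := r.current(); cur != nil && cur.Fingerprint == fp {
		return nil // release matches the active lock fingerprint
	}
	b, err := pull(fp)
	if err != nil {
		return fmt.Errorf("keeping current policy: %w", err)
	}
	if b == nil || b.Fingerprint != fp {
		return errors.New("keeping current policy: bundle does not match release")
	}
	r.active.Store(b) // atomic swap: in-flight requests see old or new, never neither
	return nil
}

// Constructed stand-ins for the registry pull: one good bundle, one failure.
func pullOK(fp string) (*Bundle, error) {
	return &Bundle{Fingerprint: fp, Allow: map[string]bool{"tool.echo": true}}, nil
}
func pullFail(string) (*Bundle, error) { return nil, errors.New("registry unreachable") }

func main() {
	r := &Runtime{}
	fmt.Println(r.Allowed("tool.echo"), r.Activate("fp-a", pullOK), r.Allowed("tool.echo"))
	fmt.Println(r.Activate("fp-b", pullFail), r.current().Fingerprint, r.Allowed("tool.shell"))
}
```

The property to check in any implementation is that a failed pull never leaves the server with no policy or a half-loaded one: the swap is the last step and happens only after the new bundle is fully loaded.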

Usage

autonomy runtime start [flags]

Options

      --allowed-domains string    comma-separated list of allowed endpoint keys for tool.http_get (host[:port] or URL with scheme) (default "api.anthropic.com,ifconfig.me")
      --cosign-pubkey string      cosign public key path for release verification (env: AUTONOMY_COSIGN_PUBKEY)
      --demo                      start with the embedded demo policy (no bundle file required; useful for iterating on agent logic)
      --listen string             TCP address to listen on (default "127.0.0.1:7777")
      --orchestrator-url string   orchestrator base URL for release polling (env: AUTONOMY_ORCHESTRATOR_URL)
      --policy-dir string         managed policy cache root (default: XDG_CACHE_HOME/autonomyops/policy/managed)
      --poll-interval duration    how often to poll the control-plane for new releases (default 30s)
      --release-channel string    release channel to poll (env: AUTONOMY_RELEASE_CHANNEL) (default "stable")
      --wal-dir string            telemetry WAL directory (default: XDG_CACHE_HOME/autonomyops/telemetry)

See also