Each federation peer carries a list of allowed scopes. Reggie evaluates the scope before each replication batch.
Scope schema
{
"scope": ["agent", "tool", "skill"],
"denyTags": ["experimental", "internal-only"],
"denyPublishers": ["did:oas:fakeorg:hmr:scammer"],
"rateLimit": { "requestsPerMinute": 1000 }
}
Policy (Cedar)
For richer rules, attach a Cedar policy file:
permit (
principal,
action == FederateAction::"replicate",
resource is Entry
) when {
resource.kind in ["agent", "tool", "skill"] &&
!resource.tags.contains("internal-only") &&
resource.publisher.bondHealth == "healthy"
};
Cedar evaluation happens in-process; sub-millisecond per decision.