Policy Kit helps you publish machine-readable access terms and keep them consistent across environments (origin, edge, gateway).

Free and open source

Generate your AI policy pack from one file.

Name: PEAC Policy Kit (Originary Declare)
Brand: Originary

Write peac-policy.yaml. Generate /.well-known/peac.txt, robots AI directives, AIPREF templates, and a human policy page.

Runs locally. No tracking.Deterministic evaluation.Multi-format output.

Install CLI View on GitHub

ORIGINARY™ - Open software. Built on PEAC Protocol.

What this does and does not do

What it does

Generates consistent policy surfaces from one source file
Reduces the busywork of maintaining multiple conflicting files
Provides documented intent for legal clarity
Positions you for future enforcement (402, receipts)
Runs locally with no tracking or SaaS dependency

What it does not do

Guarantee bot compliance (policy files are advisory)
Force crawlers to respect your rules
Replace your auth, rate limits, or access controls
Provide legal protection by itself

Enforcement requires controls you run: rate limits, authentication, HTTP 402 challenges, and PEAC receipts. Policy Kit handles the declaration layer - consistent signals across all surfaces. Enforcement comes from your infrastructure.

Output files

From a single peac-policy.yaml, Policy Kit generates:

.well-known/peac.txt

The primary AI policy discovery file. Advertises your AIPREF URL, 402 access control, payment adapters (x402, gateways), provenance (C2PA), receipt verification endpoint, and public keys.

Who reads this: AI agents, crawlers, PEAC-compatible clients

robots-ai-snippet.txt

A block to append to robots.txt pointing AI crawlers at /.well-known/peac.txt instead of ad hoc files.

Who reads this: AI crawlers checking robots.txt

aipref-headers.json

AIPREF JSON document and HTTP header templates so AIPREF-compatible crawlers see the same policy that PEAC-Receipts snapshot.

Who reads this: AIPREF-compatible crawlers, CDN edge configs

ai-policy.md

Human-readable policy page in Markdown explaining your AI rules for lawyers, users, and partners.

Who reads this: Humans, legal teams, compliance audits

Policy Profiles

Pre-built configurations for common use cases. Start with a profile, customize as needed.

news-media

Optimized for publishers. Allows indexing and search, requires attribution, restricts training without license.

Best for: News sites, blogs, content publishers

api-provider

Monetization-focused. Enables 402 payment challenges, receipt requirements, rate limiting.

Best for: SaaS APIs, data providers, AI services

open-source

Permissive defaults. Allows most uses with attribution, designed for community projects.

Best for: OSS projects, documentation, educational content

saas-docs

Balanced approach. Allows AI assistance for docs, restricts training on proprietary content.

Best for: Product documentation, help centers, knowledge bases

# Initialize with a profile
peac policy init --profile news-media

Quickstart (CLI)

Install the PEAC CLI and initialize your first policy file

1. Install the PEAC CLI

# Using npm
npm install -g @peac/cli

# Using pnpm (recommended)
pnpm add -g @peac/cli

2. Initialize your policy file

# Inside your site repo
peac policy init

# This creates peac-policy.yaml with prompts for:

crawl

Web crawling and data collection

index

Search engine indexing

train

ML/AI model training

inference

RAG and real-time inference

ai_input

Direct AI consumption

ai_index

AI search indexing

3. Generate your policy surfaces

peac policy generate --out ./public

# This creates:
# ./public/.well-known/peac.txt
# ./public/robots-ai-snippet.txt
# ./public/aipref-headers.json
# ./public/ai-policy.md

4. Validate anytime

peac policy validate

Validates peac-policy.yaml and generated files against PEAC 0.10.0 schemas.

5. Explain rulesNEW

# See effective rule for a specific subject and purpose
peac policy explain --subject agent:openai --purpose train

# Output: DENY (rule 2: "block-training-bots")

Debug your policy by testing specific subject + purpose combinations. Uses first-match-wins semantics.

View full documentation

Deployment recipes

Drop your generated files into any hosting environment

Static hosting (Vercel, Netlify, GitHub Pages)

Copy generated files to your public/ folder. The .well-known/ directory is served automatically.

cp -r .well-known public/
cp robots-ai-snippet.txt public/

Next.js

Place files in public/.well-known/ or create a route handler for dynamic serving.

# Static: public/.well-known/peac.txt
# Dynamic: app/.well-known/peac.txt/route.ts

Cloudflare Workers

Serve /.well-known/peac.txt from a Worker or static assets.

# wrangler.toml: [site] bucket = "./public"

WordPress plugin (coming soon)

One-click publish of /.well-known/peac.txt + ai-policy page.

Roadmap

Policy Kit tracks the PEAC 0.10.0 protocol line. Small, reliable, boring.

v0.10.0

Full CLI: policy init, policy generate, policy validate, policy explain. Policy Profiles (news-media, api-provider, open-source, saas-docs). First-match-wins evaluation.

Site checker + web wizard: Paste your domain, we fetch what you currently serve and show contradictions + missing pieces. Diff view before regenerating.

Later

Evidence mode: Export configs for Gateway 402 and Verify API so HTTP 402 challenges and PEAC-Receipts derive from the same policy source.

Policy Kit FAQ

Common questions about AI policy and compliance

What is Policy Kit?

Where do I publish policy?

Can I set different terms by path or agent type?

How do receipts relate to policy?

Does Policy Kit force payments?

Ready to declare your AI policy?

Start with the CLI. Add enforcement (Trace, 402, receipts) when ready.

Get PEAC CLI Learn PEAC Protocol