Shadow Mode
Zero-risk policy testing and staged rollouts.
Shadow Mode allows you to test new policies or changes in a live production environment without the risk of false positives disrupting legitimate agent workflows. It is a critical capability within the ABS Core immune system.
When a policy is activated in Shadow Mode, the ABS Engine evaluates all incoming API and tool calls against it. If an action violates the policy, the system logs the violation but allows the action to proceed.
Why Shadow Mode?
AI agents exhibit highly dynamic behaviors. Unlike deterministic application code, where testing is straightforward, an agent might choose a completely unexpected (but valid) path to solve a problem. Strict policy enforcement can block these valid paths if the policy is too narrow, producing a false positive.
Shadow Mode solves this by allowing a "dry run":
- Deploy the policy in shadow mode.
- Observe the decision logs over a period (e.g., 24 hours).
- Refine the rules or prompt instructions to eliminate false positives.
- Enforce the policy as a hard block once confidence is high.
Technical Mechanism
When a payload hits the ABS Core, all enabled policies are evaluated in parallel by the WASM kernel in < 5ms.
The engine flags each policy as either enforced or shadow.
- If an enforced policy returns DENY, the entire request is blocked immediately, and a 403 Forbidden is returned to the agent.
- If only shadow policies return DENY, the engine still logs the DENY decision into the immutable ledger and telemetry stream, but overrides the final return status to ALLOW.
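The combining rule described above, written out as an added example (not ABS Core's own code). The record shape follows the page's example log output; the verdict fields `mode` and `decision`, the policy id `pol_tool_scope`, the `violations` field and both function names are assumptions made for illustration.

```python
from collections import Counter

# Constructed per-policy verdicts for one request. The field names "mode",
# "decision" and the second policy id are assumptions of this example.
SAMPLE_VERDICTS = [
    {"policy_id": "pol_geo_strict", "mode": "shadow", "decision": "DENY",
     "reason": "Request originated from non-whitelisted region."},
    {"policy_id": "pol_tool_scope", "mode": "enforced", "decision": "ALLOW",
     "reason": ""},
]


def combine(verdicts, timestamp):
    """Fold per-policy verdicts into (decision record, HTTP status or None)."""
    denies = [v for v in verdicts if v["decision"] == "DENY"]
    # Example design choice: any mode other than the exact string "shadow"
    # counts as enforced, so a typo in the mode cannot disable a block.
    enforced = [v for v in denies if v["mode"] != "shadow"]
    shadow = [v for v in denies if v["mode"] == "shadow"]
    record = {
        "timestamp": timestamp,
        "result": "DENY" if enforced else "ALLOW",
        # This example records shadow DENYs even when the request is blocked.
        "shadow_violations": [
            {"policy_id": v["policy_id"], "reason": v["reason"]} for v in shadow
        ],
    }
    if enforced:
        # "violations" is a hypothetical field; the page shows no DENY record.
        record["violations"] = [
            {"policy_id": v["policy_id"], "reason": v["reason"]} for v in enforced
        ]
    return record, (403 if enforced else None)


def shadow_hits(records):
    """Count shadow DENYs per policy across records, for review before enforcing."""
    return Counter(
        v["policy_id"] for r in records for v in r["shadow_violations"]
    )


if __name__ == "__main__":
    rec, status = combine(SAMPLE_VERDICTS, "2026-03-01T12:00:00Z")
    print(status, rec)
```

Running `shadow_hits` over the records collected during the observation window gives the per-policy counts to review before switching a policy to enforced.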
Example Log Output
{
  "timestamp": "2026-03-01T12:00:00Z",
  "result": "ALLOW",
  "shadow_violations": [
    {
      "policy_id": "pol_geo_strict",
      "reason": "Request originated from non-whitelisted region."
    }
  ]
}
How to Enable
You can configure Shadow Mode dynamically without editing policy code directly. See the Policy Simulate and Telemetry sections for how to inject isShadow=true metadata into your control plane deployments.