Spend policies
Set per-purchase, daily, and monthly spend limits for autonomous agent purchasing.
Spend policies let you define exactly how much an agent token is allowed to spend autonomously — with per-purchase limits, daily and monthly caps, vendor allowlists, and blocked package types. When a purchase would exceed a policy limit, the API returns HTTP 402 with an approvalUrl for human review.
Why spend policies?
mog is designed for autonomous agents. An agent running inside Cursor or Claude Code can call mog install --auto-buy without any human in the loop. Spend policies make this safe by letting you define guardrails that are enforced server-side — not just checked by CLI flags.
Even if a compromised agent tries to override the CLI flags, the server will reject purchases that violate the policy attached to the token.
Policy fields
| Field | Type | Default | Description |
|---|---|---|---|
| maxPerPurchaseCents | number | 1000 | Maximum price in cents for a single purchase. Packages above this price trigger an approval flow. |
| dailyLimitCents | number | 5000 | Maximum total spend per calendar day. |
| monthlyLimitCents | number | 20000 | Maximum total spend per calendar month. |
| requireApprovalAboveCents | number | 500 | Any single purchase above this price requires explicit human approval, even if it's within the maxPerPurchaseCents limit. |
| vendorAllowlist | string[] | [] | If non-empty, only vendors in this list can be purchased autonomously. |
| blockedTypes | string[] | [] | Package types that are always blocked. E.g. ["bundle"] to prevent purchasing bundles. |
| active | boolean | true | Whether this policy is currently enforced. |
Creating a policy
Policies are managed from your account dashboard. You can create multiple policies with different names, then attach specific policies to specific API tokens.
Example: conservative agent policy
```json
{
  "name": "CI agent",
  "maxPerPurchaseCents": 500,
  "dailyLimitCents": 2000,
  "monthlyLimitCents": 10000,
  "requireApprovalAboveCents": 100,
  "vendorAllowlist": ["trusted-org", "verified-vendor"],
  "blockedTypes": ["bundle", "template"],
  "active": true
}
```
With this policy, the agent token can only:
- Purchase packages from trusted-org or verified-vendor
- Buy packages costing $1.00 or less without approval
- Spend up to $20.00 per day and $100.00 per month
- Never purchase bundles or templates
Example: open policy for personal use
```json
{
  "name": "personal",
  "maxPerPurchaseCents": 5000,
  "dailyLimitCents": 20000,
  "monthlyLimitCents": 100000,
  "requireApprovalAboveCents": 2500,
  "vendorAllowlist": [],
  "blockedTypes": [],
  "active": true
}
```
Attaching a policy to a token
When you generate an API token (or during the device code flow), you can attach a spend policy. The policy is then enforced for every purchase made with that token.
A token without an attached policy has no spend restrictions — it can purchase any published listing. Use this for personal tokens only; always attach a policy to tokens used by autonomous agents.
The approval flow
When a purchase is blocked by policy, the API returns HTTP 402 with an approvalUrl:
```json
{
  "status": "approval_required",
  "approvalUrl": "https://mog.md/purchases/approve?listing=uuid",
  "reason": "Price (1500¢) exceeds your policy limit (1000¢)"
}
```
The CLI exits with code 2 and prints the URL. In --json mode:
```json
{
  "ok": false,
  "command": "install",
  "error": "Price (1500¢) exceeds your policy limit (1000¢)",
  "approvalUrl": "https://mog.md/purchases/approve?listing=uuid"
}
```
Human approval workflow
- Agent runs mog install vendor/pkg --auto-buy
- Purchase blocked → CLI exits with code 2, prints approvalUrl
- Agent notifies a human (e.g. posts the URL to Slack, creates a GitHub issue)
- Human visits the approvalUrl, reviews the package, and approves
- Agent re-runs the install command (the purchase now succeeds)
Policy enforcement logic
The server checks policies in this order on every purchase:
- Blocked types: If listing.type is in policy.blockedTypes → 402
- Vendor allowlist: If vendorAllowlist is non-empty and listing.vendorSlug is not in the list → 402
- Price ceiling: If listing.priceCents exceeds the effective max → 402
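To make the check order concrete, here is an added example of a policy evaluator, written for this page rather than taken from mog's own server code. It runs the "CI agent" policy from the Creating a policy section against a handful of constructed listings, in the order listed above, and returns either an ok decision or the same shape as the 402 body. The policy field names come from the table on this page; the Listing and SpendLedger shapes, the reading of "effective max" as the lower of maxPerPurchaseCents and requireApprovalAboveCents, and the placement of the daily and monthly caps after the three documented checks are assumptions made for this illustration.

```typescript
// Added example, not mog's own server code. It applies the check order documented
// above to a listing and returns either "ok" or the shape of the page's 402 body.
// Field names follow the policy table; the Listing shape, the spend ledger, the
// reading of "effective max" as min(maxPerPurchaseCents, requireApprovalAboveCents),
// and where the daily/monthly caps fall in the order are assumptions made here.

interface SpendPolicy {
  name: string
  maxPerPurchaseCents: number
  dailyLimitCents: number
  monthlyLimitCents: number
  requireApprovalAboveCents: number
  vendorAllowlist: string[]
  blockedTypes: string[]
  active: boolean
}

// Assumed listing shape, built from the fields the page references
// (listing.type, listing.vendorSlug, listing.priceCents).
interface Listing {
  id: string
  type: string
  vendorSlug: string
  priceCents: number
}

// Amounts the token has already spent today / this month (assumed to be tracked server-side).
interface SpendLedger {
  todayCents: number
  monthCents: number
}

type Decision =
  | { status: 'ok' }
  | { status: 'approval_required'; approvalUrl: string; reason: string }

// Approval URL pattern taken from the page's 402 example.
const APPROVAL_BASE = 'https://mog.md/purchases/approve?listing='

function needsApproval(listing: Listing, reason: string): Decision {
  return { status: 'approval_required', approvalUrl: APPROVAL_BASE + listing.id, reason }
}

function evaluatePurchase(policy: SpendPolicy, listing: Listing, ledger: SpendLedger): Decision {
  // An inactive policy enforces nothing.
  if (!policy.active) return { status: 'ok' }

  // 1. Blocked types
  if (policy.blockedTypes.indexOf(listing.type) !== -1) {
    return needsApproval(listing, `Package type "${listing.type}" is blocked by policy`)
  }
  // 2. Vendor allowlist (only enforced when non-empty)
  if (policy.vendorAllowlist.length > 0 && policy.vendorAllowlist.indexOf(listing.vendorSlug) === -1) {
    return needsApproval(listing, `Vendor "${listing.vendorSlug}" is not in the policy allowlist`)
  }
  // 3. Price ceiling: the autonomous limit is the lower of the two per-purchase fields (assumption)
  const effectiveMax = Math.min(policy.maxPerPurchaseCents, policy.requireApprovalAboveCents)
  if (listing.priceCents > effectiveMax) {
    return needsApproval(listing, `Price (${listing.priceCents}¢) exceeds your policy limit (${effectiveMax}¢)`)
  }
  // 4. Daily and monthly caps, checked against the running ledger (assumed position in the order)
  if (ledger.todayCents + listing.priceCents > policy.dailyLimitCents) {
    return needsApproval(listing, `Purchase would exceed daily limit (${policy.dailyLimitCents}¢)`)
  }
  if (ledger.monthCents + listing.priceCents > policy.monthlyLimitCents) {
    return needsApproval(listing, `Purchase would exceed monthly limit (${policy.monthlyLimitCents}¢)`)
  }
  return { status: 'ok' }
}

// The "CI agent" policy shown earlier on this page.
const ciAgentPolicy: SpendPolicy = {
  name: 'CI agent',
  maxPerPurchaseCents: 500,
  dailyLimitCents: 2000,
  monthlyLimitCents: 10000,
  requireApprovalAboveCents: 100,
  vendorAllowlist: ['trusted-org', 'verified-vendor'],
  blockedTypes: ['bundle', 'template'],
  active: true,
}

// Constructed sample listings for the walkthrough (not real mog listings).
const sampleListings: Listing[] = [
  { id: 'lst-1', type: 'skill', vendorSlug: 'trusted-org', priceCents: 100 },     // allowed
  { id: 'lst-2', type: 'bundle', vendorSlug: 'trusted-org', priceCents: 50 },     // blocked type
  { id: 'lst-3', type: 'skill', vendorSlug: 'unknown-vendor', priceCents: 50 },   // vendor not allowlisted
  { id: 'lst-4', type: 'skill', vendorSlug: 'verified-vendor', priceCents: 150 }, // above the 100¢ threshold
  { id: 'lst-5', type: 'skill', vendorSlug: 'verified-vendor', priceCents: 100 }, // breaches the daily cap
]

// Runs every sample listing through the policy, recording allowed spend in the ledger
// as a server would, and returns the decision status of each listing by id.
function walkthrough(): Record<string, string> {
  const ledger: SpendLedger = { todayCents: 1850, monthCents: 1850 } // constructed: 1850¢ already spent today
  const out: Record<string, string> = {}
  for (const listing of sampleListings) {
    const decision = evaluatePurchase(ciAgentPolicy, listing, ledger)
    if (decision.status === 'ok') {
      ledger.todayCents += listing.priceCents
      ledger.monthCents += listing.priceCents
    }
    out[listing.id] = decision.status
  }
  return out
}

console.log(walkthrough())
```

Note that only the first check that fails is reported, matching the single reason string in the 402 body; a listing that is both a blocked type and from an unlisted vendor is rejected on the type check alone.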
Using spend policies in agent code
Here's how a well-behaved agent handles the approval flow:
```typescript
import { execFileSync } from 'child_process'

// Placeholder for your own notification hook (e.g. post the URL to Slack, open a GitHub issue).
function notifyHuman(message: string): void {
  console.error(message)
}

function installSkill(pkg: string, maxPriceCents: number): void {
  try {
    // Pass arguments as an array so an untrusted package name cannot inject shell syntax.
    const stdout = execFileSync('mog', [
      'install', pkg, '--auto-buy', '--max-price', String(maxPriceCents), '--json',
    ])
    const result = JSON.parse(stdout.toString())
    console.log('Installed:', result.data.version)
  } catch (err: any) {
    // On a policy block the CLI exits with code 2 and its JSON error body is on stdout.
    const output = JSON.parse(err.stdout?.toString() ?? '{}')
    if (output.approvalUrl) {
      // Signal to the human in the loop; re-run the install once they have approved
      notifyHuman(`mog install blocked. Approve at: ${output.approvalUrl}`)
    } else {
      throw err
    }
  }
}
```