Spend policies
Set per-purchase, daily, and monthly spend limits for autonomous agent purchasing.
Spend policies let you define exactly how much an agent token is allowed to spend autonomously — with per-purchase limits, daily and monthly caps, vendor allowlists, and blocked package types. When a purchase would exceed a policy limit, the API returns HTTP 402 with an approvalUrl for human review.
Why spend policies?
mog is designed for autonomous agents. An agent running inside Cursor or Claude Code can call mog install --auto-buy without any human in the loop. Spend policies make this safe by letting you define guardrails that are enforced server-side — not just checked by CLI flags.
Even if a compromised agent tries to override the CLI flags, the server will reject purchases that violate the policy attached to the token.
Policy fields
| Field | Type | Default | Description |
|---|---|---|---|
| maxPerPurchaseCents | number | 1000 | Maximum price in cents for a single purchase. Packages above this price trigger an approval flow. |
| dailyLimitCents | number | 5000 | Maximum total spend per calendar day. |
| monthlyLimitCents | number | 20000 | Maximum total spend per calendar month. |
| requireApprovalAboveCents | number | 500 | Any single purchase above this price requires explicit human approval, even if it's within the maxPerPurchaseCents limit. |
| vendorAllowlist | string[] | [] | If non-empty, only vendors in this list can be purchased autonomously. |
| blockedTypes | string[] | [] | Package types that are always blocked. E.g. ["bundle"] to prevent purchasing bundles. |
| active | boolean | true | Whether this policy is currently enforced. |
Creating a policy
Policies are managed from your account dashboard. You can create multiple policies with different names, then attach specific policies to specific API tokens.
Example: conservative agent policy
```json
{
  "name": "CI agent",
  "maxPerPurchaseCents": 500,
  "dailyLimitCents": 2000,
  "monthlyLimitCents": 10000,
  "requireApprovalAboveCents": 100,
  "vendorAllowlist": ["trusted-org", "verified-vendor"],
  "blockedTypes": ["bundle", "template"],
  "active": true
}
```
With this policy, the agent token can only:
- Purchase packages from `trusted-org` or `verified-vendor`
- Buy packages costing $1.00 or less without approval
- Spend up to $20.00 per day and $100.00 per month
- Never purchase bundles or templates
Example: open policy for personal use
```json
{
  "name": "personal",
  "maxPerPurchaseCents": 5000,
  "dailyLimitCents": 20000,
  "monthlyLimitCents": 100000,
  "requireApprovalAboveCents": 2500,
  "vendorAllowlist": [],
  "blockedTypes": [],
  "active": true
}
```
Attaching a policy to a token
When you generate an API token (or during the device code flow), you can attach a spend policy. The policy is then enforced for every purchase made with that token.
A token without an attached policy has no spend restrictions — it can purchase any published listing. Use this for personal tokens only; always attach a policy to tokens used by autonomous agents.
The approval flow
When a purchase is blocked by policy, the API returns HTTP 402 with an approvalUrl:
```json
// HTTP 402
{
  "status": "approval_required",
  "approvalUrl": "https://mog.md/purchases/approve?listing=uuid",
  "reason": "Price (1500¢) exceeds your policy limit (1000¢)"
}
```
The CLI exits with code 2 and prints the URL. In `--json` mode:
```json
{
  "ok": false,
  "command": "install",
  "error": "Price (1500¢) exceeds your policy limit (1000¢)",
  "approvalUrl": "https://mog.md/purchases/approve?listing=uuid"
}
```
Human approval workflow
- Agent runs `mog install vendor/pkg --auto-buy`
- Purchase blocked → CLI exits with code 2, prints `approvalUrl`
- Agent notifies a human (e.g. posts the URL to Slack, creates a GitHub issue)
- Human visits the `approvalUrl`, reviews the package, and approves
- Agent re-runs the install command (the purchase now succeeds)
Organization spend policies
Organizations can have their own spend policies that apply automatically when any member purchases on behalf of the org wallet.
Key behavior: The org policy takes priority over the API token holder's personal policy. If a purchase is made with an orgSlug set (or via mog org switch), the org's spend policy is used instead of the token's attached policy.
Create and manage org policies via POST /v1/orgs/:slug/policies (admin or owner only). The policy fields are identical to personal spend policies. If no org policy is configured, the individual token holder's policy applies.
This lets org admins define a single corporate spend policy without requiring each member to configure their own token.
Metered service calls
Spend policies also govern wallet deductions from metered service calls (mog.callTool() or POST /v1/services/:vendor/:slug/call). When an agent calls a metered tool, the per-call cost is deducted from the wallet — and daily/monthly caps are checked against the cumulative wallet spend, including both package purchases and metered usage.
The vendorAllowlist applies to metered calls as well: if the tool's vendor is not in the allowlist, the call is rejected.
Policy enforcement logic
The server checks policies in this order on every purchase and metered call:
- Blocked types: If `listing.type` is in `policy.blockedTypes` → 402
- Vendor allowlist: If `vendorAllowlist` is non-empty and `listing.vendorSlug` is not in the list → 402
- Price ceiling: If `listing.priceCents` exceeds the effective max → 402
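The following is an added reference model of the server-side check described on this page, written for this article rather than taken from mog's own code. It uses the policy fields and defaults from the table, the "CI agent" policy from the example above, the org-over-token precedence rule, and the rule that daily/monthly caps are measured against cumulative wallet spend (purchases plus metered calls). The `Charge`, `Ledger` and `Decision` shapes, the placement of the approval-threshold and cap checks after the three documented checks, and the wording of every reason string other than the price-ceiling one are assumptions made for this illustration.

```typescript
// Added example, not mog's server code. Policy field names and defaults follow the
// table on this page; Charge, Ledger, Decision and the ordering of the later checks
// are assumptions made for illustration.

type SpendPolicy = {
  name: string
  maxPerPurchaseCents: number
  dailyLimitCents: number
  monthlyLimitCents: number
  requireApprovalAboveCents: number
  vendorAllowlist: string[]
  blockedTypes: string[]
  active: boolean
}

// Defaults as given in the policy table
const DEFAULT_POLICY: SpendPolicy = {
  name: 'default',
  maxPerPurchaseCents: 1000,
  dailyLimitCents: 5000,
  monthlyLimitCents: 20000,
  requireApprovalAboveCents: 500,
  vendorAllowlist: [],
  blockedTypes: [],
  active: true,
}

// The "CI agent" policy from this page
const CI_AGENT_POLICY: SpendPolicy = {
  name: 'CI agent',
  maxPerPurchaseCents: 500,
  dailyLimitCents: 2000,
  monthlyLimitCents: 10000,
  requireApprovalAboveCents: 100,
  vendorAllowlist: ['trusted-org', 'verified-vendor'],
  blockedTypes: ['bundle', 'template'],
  active: true,
}

// Assumed shape of one wallet deduction: a package listing or a single metered tool call
type Charge = { type: string; vendorSlug: string; priceCents: number }

// Assumed: cumulative wallet spend already recorded (purchases plus metered usage)
type Ledger = { spentTodayCents: number; spentThisMonthCents: number }

type Decision =
  | { status: 'ok' }
  | { status: 'approval_required'; httpStatus: 402; reason: string }

function deny(reason: string): Decision {
  return { status: 'approval_required', httpStatus: 402, reason }
}

// Precedence rule from the page: when the request carries an orgSlug and the org has a
// policy, that policy replaces the token's. No policy at all means no restrictions.
function effectivePolicy(
  tokenPolicy: SpendPolicy | null,
  orgPolicy: SpendPolicy | null,
  orgSlug?: string,
): SpendPolicy | null {
  return orgSlug && orgPolicy ? orgPolicy : tokenPolicy
}

// Checks run in the documented order (blocked types, vendor allowlist, price ceiling).
// The approval threshold and the daily/monthly caps follow; their position is assumed.
function checkSpend(policy: SpendPolicy | null, charge: Charge, ledger: Ledger): Decision {
  if (policy === null || !policy.active) return { status: 'ok' }
  if (policy.blockedTypes.includes(charge.type)) {
    return deny(`Package type "${charge.type}" is blocked by policy "${policy.name}"`)
  }
  if (policy.vendorAllowlist.length > 0 && !policy.vendorAllowlist.includes(charge.vendorSlug)) {
    return deny(`Vendor "${charge.vendorSlug}" is not in the policy allowlist`)
  }
  if (charge.priceCents > policy.maxPerPurchaseCents) {
    return deny(`Price (${charge.priceCents}¢) exceeds your policy limit (${policy.maxPerPurchaseCents}¢)`)
  }
  if (charge.priceCents > policy.requireApprovalAboveCents) {
    return deny(`Price (${charge.priceCents}¢) is above the approval threshold (${policy.requireApprovalAboveCents}¢)`)
  }
  // Caps count cumulative wallet spend, so earlier metered calls reduce what is left today
  if (ledger.spentTodayCents + charge.priceCents > policy.dailyLimitCents) {
    return deny(`Daily limit (${policy.dailyLimitCents}¢) would be exceeded`)
  }
  if (ledger.spentThisMonthCents + charge.priceCents > policy.monthlyLimitCents) {
    return deny(`Monthly limit (${policy.monthlyLimitCents}¢) would be exceeded`)
  }
  return { status: 'ok' }
}

// Constructed scenario: a 100¢ metered call from an allowlisted vendor after 1950¢ has
// already been spent today under the CI agent policy; the daily cap blocks it.
const decision = checkSpend(
  effectivePolicy(CI_AGENT_POLICY, null),
  { type: 'service', vendorSlug: 'trusted-org', priceCents: 100 },
  { spentTodayCents: 1950, spentThisMonthCents: 1950 },
)
console.log(decision)
```

The order matters for what the caller learns: a blocked package type is refused before the vendor or price is ever looked at, so a 402 reason never leaks whether an off-allowlist vendor's listing was within budget. The price-ceiling reason string reproduces the page's format so the CLI's `--json` consumer sees the same text either way.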
Using spend policies in agent code
Here's how a well-behaved agent handles the approval flow:
```typescript
import { execFileSync } from 'child_process'

// Placeholder: wire this to Slack, a GitHub issue, or whatever reaches your reviewer
function notifyHuman(message: string) {
  console.error(message)
}

function installSkill(pkg: string, maxPriceCents: number) {
  try {
    // Arguments are passed as an array, so a package name is never interpreted by a shell
    const stdout = execFileSync('mog', [
      'install', pkg, '--auto-buy', '--max-price', String(maxPriceCents), '--json',
    ])
    const result = JSON.parse(stdout.toString())
    console.log('Installed:', result.data.version)
  } catch (err: unknown) {
    // On a policy block the CLI exits with code 2; its JSON payload is still on stdout
    const stdout = (err as { stdout?: Buffer }).stdout?.toString() ?? '{}'
    let output: { approvalUrl?: string } = {}
    try {
      output = JSON.parse(stdout)
    } catch {
      // Not JSON (e.g. the binary is missing): fall through and rethrow
    }
    if (output.approvalUrl) {
      // Signal to the human in the loop
      notifyHuman(`mog install blocked. Approve at: ${output.approvalUrl}`)
    } else {
      throw err
    }
  }
}
```