profullstack · ralyodio · Jun 14, 2026 · Jun 14, 2026
diff --git a/packages/account-core/src/index.test.ts b/packages/account-core/src/index.test.ts
@@ -41,6 +41,34 @@ describe("account-core", () => {
     expect(result.decision).toBe("approval_required");
   });
 
+  it.each([
+    { principal: { type: "agent" as const, id: "trusted-agent", trusted: true }, expected: "allow" },
+    { principal: { type: "agent" as const, id: "untrusted-agent", trusted: false }, expected: "approval_required" },
+    { principal: undefined, expected: "approval_required" }
+  ])("enforces trusted-agent policies for $expected decisions", ({ principal, expected }) => {
+    const result = evaluateAccountPolicy({
+      action: "social:profile:read",
+      principal,
+      grant: {
+        id: "grant_trusted_agent",
+        accountId: "account_1",
+        principal: { type: "agent", id: "trusted-agent" },
+        permissions: ["social:profile:read"],
+        policy: [
+          {
+            id: "trusted_read",
+            resource: "social:profile",
+            action: "social:profile:read",
+            default: "allow_if_trusted_agent"
+          }
+        ],
+        createdAt: new Date(0).toISOString()
+      }
+    });
+
+    expect(result.decision).toBe(expected);
+  });
+
   it("redacts secret-like audit previews", () => {
     const event = createAccountAuditEvent({
       provider: "gmail",

diff --git a/packages/account-core/src/policy.ts b/packages/account-core/src/policy.ts
@@ -70,8 +70,10 @@ export function evaluateAccountPolicy(input: LogicSrcPolicyEvaluationInput): Log
   if (policy?.default === "approval_required") {
     return { decision: "approval_required", riskScore, reason: `policy ${policy.id} requires approval` };
   }
-  if (policy?.default === "allow_if_trusted_agent" && input.principal?.trusted) {
-    return { decision: "allow", riskScore, reason: `policy ${policy.id} allows trusted principal` };
+  if (policy?.default === "allow_if_trusted_agent") {
+    return input.principal?.trusted
+      ? { decision: "allow", riskScore, reason: `policy ${policy.id} allows trusted principal` }
+      : { decision: "approval_required", riskScore, reason: `policy ${policy.id} requires a trusted principal` };
   }
   if (policy?.default === "allow_if_below_risk_score") {
     const maxRiskScore = typeof policy.conditions?.maxRiskScore === "number" ? policy.conditions.maxRiskScore : 0.25;