Currently apex-pdp expects the entire policy to be an escaped json string. And hence deploy policy fails if any part of it even the urls are unescaped.

Ideally, apex-pdp should expect a json object coming as policy and deploy the same in the pdp engine directly instead of conversions.