The PLL endpoint returns arbitrary ldap attributes as "response decisions" when the agent specifies them in its policy query. This facility isn't present in the corresponding JSON endpoint: /json/policies?_action=evaluate.
These attributes are used by the agent to alter the headers of the request (or cookies) – they are mapped to arbitrary header or cookie names. They are similar to, though not the same as "response attributes", which the JSON endpoint does return correctly.
The "response decisions" are additional values that can be set in the agent configuration without being set as "response attributes" in the policy. For example, in PLL, if you add "<GetResponseDecisions><Attribute name="mail"/></GetResponseDecisions>" inside the GetResourceResult element, you can get back the value of mail in a ResponseDecision element thus:
without "mail" being set as a response attribute for the policy.