Is it possible to create a customized policy in Apigee Edge? (aside from the built-in policies)

Yes/No.

It is not possible to expand the set of policy types that Apigee Edge supports. For example, policy types include:

VerifyAPIKey, XMLToJSON, ExtractVariables, ServiceCallout, OAuthV2-GenerateAccessToken, OAuthV2-VerifyAccessToken, JavaScript, and so on.

It IS possible to do pretty much anything you wish to do, in a JavaScript step, or within a nodejs target. In the former case, the policy type would be 'Javascript' and you supply your own code, which can do anything you want it to do to the message, either request or response depending on where in the flow you place the policy.