policy

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 5, 2026 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AllowCommand 

func AllowCommand(profile Profile, risk CommandRisk, interactive bool) error

AllowCommand decides whether a slash command can run under current policy profile.

Types

type AuditEntry 

type AuditEntry struct {
	Time    time.Time
	Profile Profile
	Tool    string
	Args    map[string]any
	Allow   bool
	Reason  string // empty when allowed
}

AuditEntry is the data passed to an optional audit hook.

type CommandRisk 

type CommandRisk string

CommandRisk describes slash-command risk level. 

const (
	RiskLow    CommandRisk = "low"
	RiskMedium CommandRisk = "medium"
	RiskHigh   CommandRisk = "high"
)

type Config 

type Config struct {
	Profile     Profile
	Workspace   string
	Interactive bool
	OnAudit     func(AuditEntry) // nil = no auditing
}

Config configures the policy engine.

type Engine 

type Engine struct {
	// contains filtered or unexported fields
}

Engine validates tool calls before execution.

func New 

func New(cfg Config) *Engine

New creates a policy engine.

func (*Engine) Permission 

func (e *Engine) Permission(_ context.Context, call agentcore.ToolCall) error

Permission validates one tool call.

type Profile 

type Profile string

Profile controls how strict the permission policy is. 

const (
	ProfileOff      Profile = "off"
	ProfileBalanced Profile = "balanced"
	ProfileStrict   Profile = "strict"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.