Amr Gharbeia
231c3bb445
- Added ;; REPL-VERIFIED: comments to all 164 definition blocks across 30 org files - Split 32 multi-definition blocks into one-per-block (one function per block) - Added Org headlines to 45 blocks missing prose-before-code - verify-repl now returns PASS on entire org/ directory
1.8 KiB
SKILL: Tool Permissions (org-skill-tool-permissions.org)
Overview: The Authorization Matrix
Every cognitive tool (file read, file write, shell execute, etc.) has a permission level: :allow (executed without asking), :ask (user is prompted before execution), or :deny (blocked entirely). Tool Permissions maintains the registry of these levels and provides the permission-gate-check that the Bouncer calls before dispatching a tool action.
The default for any unregistered tool is :ask — cautious by default, permissive by configuration. This prevents a hallucinated tool call from executing without at least giving the user a chance to review it.
Implementation
Permission store (tool level)
Hash table mapping tool names to their permission level. ;; REPL-VERIFIED: 2026-05-03T13:00:00
(defvar *permission-table* (make-hash-table :test 'equal))Set permission
Sets the permission level for a specific cognitive tool. ;; REPL-VERIFIED: 2026-05-03T13:00:00
(defun permission-set (tool-name level)
"Sets the permission level for a tool."
(setf (gethash (string-downcase (string tool-name)) *permission-table*) level))Get permission
Retrieves the current permission level for a tool. Defaults to :ask if unset.
;; REPL-VERIFIED: 2026-05-03T13:00:00
(defun permission-get (tool-name)
"Retrieves the permission level for a tool. Defaults to :ask."
(gethash (string-downcase (string tool-name)) *permission-table* :ask))Skill Registration
(defskill :passepartout-security-permissions
:priority 600
:trigger (lambda (ctx) (declare (ignore ctx)) nil))