will/flynn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(tools): enforce skill capabilities and secret scopes

Browse Source
This commit is contained in:
William Valentin
2026-02-15 10:16:51 -08:00
parent 9900f41057
commit 3451df41b9
11 changed files with 483 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/tools/policy.test.ts
+30
View File
@@ -493,6 +493,36 @@ describe('ToolPolicy', () => {
});
});
describe('skill capability restrictions', () => {
it('intersects tool policy with skill tool_groups', () => {
const policy = new ToolPolicy(defaultConfig({ profile: 'full' }));
const allowed = policy.resolveAllowedNames(ALL_TOOL_NAMES, {
skillName: 'web-only-skill',
skillPermissions: { tool_groups: ['group:web'] },
});
expect(allowed.has('web.fetch')).toBe(true);
expect(allowed.has('web.search')).toBe(true);
expect(allowed.has('shell.exec')).toBe(false);
expect(allowed.has('file.write')).toBe(false);
});
it('uses explicit permissions.tools when present (overrides tool_groups)', () => {
const policy = new ToolPolicy(defaultConfig({ profile: 'full' }));
const allowed = policy.resolveAllowedNames(ALL_TOOL_NAMES, {
skillName: 'explicit-tool-skill',
skillPermissions: {
tool_groups: ['group:fs'],
tools: ['web.fetch'],
},
});
expect(allowed.has('web.fetch')).toBe(true);
expect(allowed.has('file.read')).toBe(false);
expect(allowed.has('file.write')).toBe(false);
});
});
describe('edge cases', () => {
it('handles empty tool list', () => {
const policy = new ToolPolicy(defaultConfig());