From e984da1514b95c7e5d655166666b23ff98749239 Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Fri, 10 Apr 2026 00:21:15 +0100 Subject: Implement persistent tool permissions. We store a list of allowed and rejected tools in the session state, and pass it on to spec->tool-call so it can set an appropriate tool call status. Then, request permission from the client only if the tool call hasn't been pre-approved or pre-rejected. --- kaakaa/tools.scm | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'kaakaa/tools.scm') diff --git a/kaakaa/tools.scm b/kaakaa/tools.scm index d975201..cb8fd3c 100644 --- a/kaakaa/tools.scm +++ b/kaakaa/tools.scm @@ -146,7 +146,7 @@ tool-call-failure tool-call-failure? (message tool-call-failure-message)) -(define (spec->tool-call session-id session-cwd tools spec) +(define (spec->tool-call session-id session-cwd tools allowed-tools rejected-tools spec) "Deserialize JSON tool call @var{spec} into a @code{} object. Raise a @code{&tool-call-parse-failure} condition if deserialization fails. @@ -154,7 +154,8 @@ fails. @var{session-id} and @var{session-cwd} are the ID and current working directory of the session the tool call pertains to. @var{tools} is an association list mapping the names of all available tools to their respective @code{} -objects." +objects. @var{allowed-tools} and @var{rejected-tools} are the lists of tool +names that have been respectively allowed and rejected by the user in advance." ;; TODO: Assert that type is function, and do more sanitization. (let* ((args (guard (c (else (raise-exception @@ -190,7 +191,12 @@ objects." (string-append "Error: Missing required argument " arg-name)))))))) (tool-parameters tool)) - 'pending-approval))) + ;; Set tool call status based on pre-approved and pre-rejected + ;; tools. + (cond + ((member name allowed-tools) 'approved) + ((member name rejected-tools) 'rejected) + (else 'pending-approval))))) (define (eval-tool-call tool-call tools) "Evaluate @var{tool-call} and return a @code{} -- cgit 1.4.1