Expand description
Permission system for agent capability management
This crate provides a comprehensive capability-based permission system for brainwires agents, including:
- Capabilities: Granular control over filesystem, tools, network, git, and spawning
- Profiles: Pre-defined capability sets (read_only, standard_dev, full_access)
- Configuration: TOML-based configuration via ~/.brainwires/permissions.toml
- Policies: Rule-based enforcement with conditions and actions
- Audit: Event logging with querying and statistics
- Trust: Trust levels, violation tracking, and trust factor management
Re-exports§
pub use config::PermissionsConfig;pub use config::default_permissions_path;pub use config::ensure_permissions_dir;pub use profiles::CapabilityProfile;pub use types::AgentCapabilities;pub use types::FilesystemCapabilities;pub use types::GitCapabilities;pub use types::GitOperation;pub use types::NetworkCapabilities;pub use types::PathPattern;pub use types::ResourceQuotas;pub use types::SpawningCapabilities;pub use types::ToolCapabilities;pub use types::ToolCategory;pub use policy::EnforcementMode;pub use policy::Policy;pub use policy::PolicyAction;pub use policy::PolicyCondition;pub use policy::PolicyDecision;pub use policy::PolicyEngine;pub use policy::PolicyRequest;pub use audit::ActionOutcome;pub use audit::AuditEvent;pub use audit::AuditEventType;pub use audit::AuditLogger;pub use audit::AuditQuery;pub use audit::AuditStatistics;pub use audit::FeedbackPolarity;pub use audit::FeedbackSignal;pub use anomaly::AnomalyConfig;pub use anomaly::AnomalyDetector;pub use anomaly::AnomalyEvent;pub use anomaly::AnomalyKind;pub use trust::TrustFactor;pub use trust::TrustLevel;pub use trust::TrustManager;pub use trust::TrustStatistics;pub use trust::ViolationSeverity;pub use approval::ApprovalAction;pub use approval::ApprovalDetails;pub use approval::ApprovalRequest;pub use approval::ApprovalResponse;pub use approval::ApprovalSeverity;
Modules§
- anomaly
- Anomaly detection for the audit system.
- approval
- Runtime approval request/response types
- audit
- Audit System - Comprehensive logging for security and compliance
- config
- Permission configuration loading
- policy
- Policy Engine - Declarative rule-based access control
- profiles
- Capability profile presets
- trust
- Trust Factor System - Dynamic trust scoring for agents
- types
- Core permission system types