codetether_agent/a2a/worker_tool_registry/
policy.rs

1use crate::a2a::worker::AutoApprove;
2
3/// Return whether a tool may run under the selected auto-approve policy.
4///
5/// # Examples
6///
7/// ```rust
8/// use codetether_agent::a2a::worker::AutoApprove;
9/// use codetether_agent::a2a::worker_tool_registry::is_tool_allowed;
10///
11/// assert!(is_tool_allowed("read", AutoApprove::Safe));
12/// assert!(is_tool_allowed("todoread", AutoApprove::Safe));
13/// assert!(!is_tool_allowed("write", AutoApprove::Safe));
14/// assert!(is_tool_allowed("write", AutoApprove::All));
15/// ```
16pub fn is_tool_allowed(tool_name: &str, auto_approve: AutoApprove) -> bool {
17    matches!(auto_approve, AutoApprove::All) || is_safe_tool(tool_name)
18}
19
20/// Return whether a tool belongs to the worker's read-only safe list.
21///
22/// # Examples
23///
24/// ```rust
25/// use codetether_agent::a2a::worker_tool_registry::is_safe_tool;
26///
27/// assert!(is_safe_tool("read"));
28/// assert!(is_safe_tool("todoread"));
29/// assert!(!is_safe_tool("write"));
30/// ```
31pub fn is_safe_tool(tool_name: &str) -> bool {
32    [
33        "read",
34        "list",
35        "glob",
36        "grep",
37        "codesearch",
38        "lsp",
39        "webfetch",
40        "websearch",
41        "todoread",
42        "skill",
43    ]
44    .contains(&tool_name)
45}

codetether_agent/a2a/worker_tool_registry/policy.rs

codetether_agent/a2a/worker_tool_registry/
policy.rs