agentshield/ir/
tool_surface.rs

1use serde::{Deserialize, Serialize};
2
3use super::SourceLocation;
4
5/// A declared tool/function exposed by the extension.
6#[derive(Debug, Clone, Serialize, Deserialize)]
7pub struct ToolSurface {
8    pub name: String,
9    pub description: Option<String>,
10    /// JSON Schema of the tool's input parameters.
11    pub input_schema: Option<serde_json::Value>,
12    /// JSON Schema of the tool's output.
13    pub output_schema: Option<serde_json::Value>,
14    /// Permissions declared by the tool (if any).
15    pub declared_permissions: Vec<DeclaredPermission>,
16    /// Source location where the tool is defined.
17    pub defined_at: Option<SourceLocation>,
18}
19
20#[derive(Debug, Clone, Serialize, Deserialize)]
21pub struct DeclaredPermission {
22    pub permission_type: PermissionType,
23    /// e.g., "filesystem:/tmp/*"
24    pub target: Option<String>,
25    pub description: Option<String>,
26}
27
28#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash, Serialize, Deserialize)]
29#[serde(rename_all = "snake_case")]
30pub enum PermissionType {
31    FileRead,
32    FileWrite,
33    NetworkAccess,
34    ProcessExec,
35    EnvAccess,
36    DatabaseAccess,
37    Unknown,
38}
agentshield/ir/tool_surface.rs

agentshield/ir/
tool_surface.rs
