Trait Guard

Source

pub trait Guard: Send + Sync {
    // Required methods
    fn name(&self) -> &str;
    fn evaluate(&self, ctx: &GuardContext<'_>) -> Result<Verdict, KernelError>;
}

Expand description

A policy guard that the kernel evaluates before forwarding a tool call.

Guards are the same concept as ClawdStrike’s Guard trait, adapted for the Chio tool-call context. Each guard inspects the request and returns a verdict.

Required Methods§

Source

fn name(&self) -> &str

Human-readable guard name (e.g., “forbidden-path”).

Source

fn evaluate(&self, ctx: &GuardContext<'_>) -> Result<Verdict, KernelError>

Evaluate the guard against a tool call request.

Returns Ok(Verdict::Allow) to pass, Ok(Verdict::Deny) to block, or Err on internal failure (which the kernel treats as deny).

Guard

Trait Guard Copy item path

Required Methods§

fn name(&self) -> &str

fn evaluate(&self, ctx: &GuardContext<'_>) -> Result<Verdict, KernelError>

Implementors§

Trait Guard