pub trait SandboxPolicy: Send + Sync {
// Required methods
fn classify(&self, ctx: PolicyCtx<'_>) -> PolicyDecision;
fn record(&self, ctx: PolicyCtx<'_>, outcome: RecordedOutcome);
}Expand description
A decision-maker for tool invocations.
The implementation must be purely functional: classify performs no I/O and no
persistence; persisting the “authorized” table is done via Self::record.
Required Methods§
fn classify(&self, ctx: PolicyCtx<'_>) -> PolicyDecision
Sourcefn record(&self, ctx: PolicyCtx<'_>, outcome: RecordedOutcome)
fn record(&self, ctx: PolicyCtx<'_>, outcome: RecordedOutcome)
A write-back hook invoked after the user responds to an Ask.
The main loop calls this once after receiving
crate::event::PermissionResolution::Selected but before enqueuing the tool
for execution or rejecting it. outcome.allows() has already been resolved from
AskOption::allows.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".