use std::collections::BTreeSet;
use std::path::PathBuf;

pub struct Policy {
    pub allow_effects: BTreeSet<String>,
    pub allow_fs_read: Vec<PathBuf>,
    pub allow_fs_write: Vec<PathBuf>,
    pub allow_net_host: Vec<String>,
    pub allow_proc: Vec<String>,
    pub budget: Option<u64>,
}
Policy a program is run under. Empty allowlist = pure-only execution.
Fields

allow_effects: BTreeSet<String>

allow_fs_read: Vec<PathBuf>

allow_fs_write: Vec<PathBuf>

allow_net_host: Vec<String>
Per-host scope on the [net] effect. Empty = any host (when [net] is in allow_effects); non-empty = only requests to these hosts succeed. Hosts compare against the URL's host substring (port-agnostic). Lets a tool be granted [net] but scoped to e.g. api.openai.com only — without this, [net] is a blank check to exfiltrate anywhere.

allow_proc: Vec<String>
Per-binary scope on the [proc] effect. Empty = ANY binary allowed once [proc] is granted (treat as a global escape hatch; only acceptable for trusted code). Non-empty = proc.spawn(cmd, args) must match cmd against the basename portion of one of these entries. Per-arg validation is the caller's responsibility — see SECURITY.md's "argument injection" note.

budget: Option<u64>
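The two scoped effects described above, [net] with allow_net_host and [proc] with allow_proc, share the same shape: the effect must be granted at all, an empty allowlist means "no further restriction", and a non-empty one is consulted with the effect-specific comparison. The following is an added example, not the crate's own code: it mirrors the documented struct and implements that decision logic as two methods. Where the docs are open to interpretation, the choices made here are assumptions and are marked as such in the comments: host comparison is exact (case-insensitive, port stripped) rather than containment, and the proc check compares the basename of cmd against the basename of each entry, so an entry of /usr/bin/git admits both `git` and `/usr/local/bin/git`. The sample hosts and commands are constructed.

```rust
use std::collections::BTreeSet;
use std::path::{Path, PathBuf};

/// Mirror of the documented `Policy` struct (same fields, same types).
#[derive(Debug, Default, Clone)]
pub struct Policy {
    pub allow_effects: BTreeSet<String>,
    pub allow_fs_read: Vec<PathBuf>,
    pub allow_fs_write: Vec<PathBuf>,
    pub allow_net_host: Vec<String>,
    pub allow_proc: Vec<String>,
    pub budget: Option<u64>,
}

/// Drop a trailing `:port` so host comparison is port-agnostic.
/// Handles `host:443` and bracketed IPv6 such as `[::1]:8080`;
/// bare IPv6 literals should be bracketed by the caller.
fn strip_port(host: &str) -> &str {
    match host.rsplit_once(':') {
        Some((h, port)) if !port.is_empty() && port.bytes().all(|b| b.is_ascii_digit()) => h,
        _ => host,
    }
}

/// Basename of a command or allowlist entry (`/usr/bin/git` -> `git`).
fn basename(path: &str) -> Option<&str> {
    Path::new(path).file_name().and_then(|s| s.to_str())
}

impl Policy {
    /// Is a request to `url_host` (the host component of the URL, optionally
    /// with `:port`) allowed under the `net` effect?
    /// Assumption: the allowlisted host must equal the URL host exactly,
    /// compared case-insensitively with the port ignored. This is the
    /// conservative reading of "compare against the URL's host substring".
    pub fn permits_net(&self, url_host: &str) -> bool {
        if !self.allow_effects.contains("net") {
            return false; // effect never granted: deny regardless of scope
        }
        if self.allow_net_host.is_empty() {
            return true; // [net] granted with no host scope: any host
        }
        let host = strip_port(url_host);
        self.allow_net_host
            .iter()
            .any(|allowed| strip_port(allowed).eq_ignore_ascii_case(host))
    }

    /// Is `proc.spawn(cmd, ..)` allowed under the `proc` effect?
    /// Assumption: `cmd` is matched by basename against the basename of each
    /// allowlist entry. Arguments are deliberately not inspected here; the
    /// docs leave per-argument validation to the caller.
    pub fn permits_proc(&self, cmd: &str) -> bool {
        if !self.allow_effects.contains("proc") {
            return false;
        }
        if self.allow_proc.is_empty() {
            return true; // global escape hatch: any binary once [proc] is granted
        }
        let Some(cmd_base) = basename(cmd) else { return false };
        self.allow_proc.iter().any(|entry| basename(entry) == Some(cmd_base))
    }
}

fn main() {
    // Constructed policy: [net] granted but scoped to a single host.
    let mut policy = Policy::default();
    policy.allow_effects.insert("net".to_string());
    policy.allow_net_host.push("api.openai.com".to_string());
    for host in ["api.openai.com:443", "api.openai.com.example", "openai.com"] {
        println!("net -> {host}: {}", policy.permits_net(host));
    }
    // [proc] not granted at all, so even an allowlisted binary is refused.
    policy.allow_proc.push("/usr/bin/git".to_string());
    println!("proc -> git: {}", policy.permits_proc("git"));
}
```

Exact host comparison is chosen deliberately: a containment check (allowlist entry appears anywhere in the URL host) would also admit a host like api.openai.com.example, which is exactly the kind of widening the per-host scope exists to prevent. The proc check mirrors the docs' warning that an empty allow_proc is a global escape hatch, and it checks the binary only; validating args against injection remains the caller's job as SECURITY.md notes.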