Crate toolcap

Expand description

Toolcap: A library for expressing and evaluating tool-use permissions in agentic applications.

Toolcap evaluates operations against rulesets to produce permission decisions.

§Example

use toolcap::{Ruleset, Rule, Matcher, Operation, Outcome};

let ruleset = Ruleset::new(vec![
    // Allow read-only git commands
    Rule::new(
        Matcher::command("git").with_subcommands(["status", "log", "diff"]),
        Outcome::Allow,
    ),
    // Deny destructive git commands
    Rule::new(
        Matcher::command("git").with_subcommands(["push", "reset"]),
        Outcome::Deny,
    ),
]);

let op = Operation::execute("git status");
assert_eq!(ruleset.evaluate(&op), Outcome::Allow);

let op = Operation::execute("git push");
assert_eq!(ruleset.evaluate(&op), Outcome::Deny);

let op = Operation::execute("rm -rf /");
assert_eq!(ruleset.evaluate(&op), Outcome::Unknown);

Modules§

shell: Shell command parsing for fine-grained permission matching.

Structs§

ExecuteOperation: Holds parsed command data for execute operations.
Rule: A rule pairs a matcher (predicate) with an outcome (allow or deny).
Ruleset: A ruleset is an ordered list of rules.

Enums§

Matcher: A matcher is a predicate that determines whether a rule applies to an operation.
Operation: An operation represents an attempted tool use by an agent.
Outcome: The result of evaluating an operation against a ruleset.

Crate toolcap

Crate toolcap Copy item path

§Example

Modules§

Structs§

Enums§

Crate toolcap