Skip to main content

ScopedToolExecutor

zeph_tools::scope

Struct ScopedToolExecutor 

Source 
pub struct ScopedToolExecutor<E: ToolExecutor> { /* private fields */ }
Expand description

Wraps any ToolExecutor and enforces a capability scope on both tool listing and dispatch.

§Type parameter

E is the inner executor (e.g., PolicyGateExecutor<TrustGateExecutor<CompositeExecutor>>).

§Examples

use std::collections::HashSet;
use zeph_tools::scope::{ScopedToolExecutor, ToolScope};
use zeph_tools::{ToolExecutor, ToolCall};
use zeph_common::ToolName;

// Build a full (no-op) scope — identity, admits everything.
let scope = ToolScope::full();

// Wrap some inner executor (omitted for brevity).
struct MockExecutor;
impl ToolExecutor for MockExecutor {
    async fn execute(&self, _: &str) -> Result<Option<zeph_tools::ToolOutput>, zeph_tools::ToolError> { Ok(None) }
}
let executor = ScopedToolExecutor::new(MockExecutor, scope);

Implementations§

Source§

impl<E: ToolExecutor> ScopedToolExecutor<E>

Source

pub fn new(inner: E, initial_scope: ToolScope) -> Self

Create a new ScopedToolExecutor with the given initial scope.

§Examples
use zeph_tools::scope::{ScopedToolExecutor, ToolScope};

struct Noop;
impl zeph_tools::ToolExecutor for Noop {
    async fn execute(&self, _: &str) -> Result<Option<zeph_tools::ToolOutput>, zeph_tools::ToolError> { Ok(None) }
}
let executor = ScopedToolExecutor::new(Noop, ToolScope::full());
Source

pub fn with_audit(self, audit: Arc<AuditLogger>) -> Self

Attach an audit logger so every OutOfScope rejection writes an audit entry.

Source

pub fn with_signal_queue(self, queue: RiskSignalQueue) -> Self

Attach a shared signal queue so OutOfScope rejections are recorded in the sentinel.

Source

pub fn register_scope(&mut self, name: impl Into<String>, scope: ToolScope)

Register a named scope for use with set_scope_for_task.

Source

pub fn set_scope_for_task(&self, task_type: &str) -> bool

Switch the active scope by task-type name. Returns false when the name is not found.

Source

pub fn set_scope(&self, scope: ToolScope)

Replace the active scope with the given one directly.

Source

pub fn scope_for_task(&self, task_type: &str) -> Option<Vec<String>>

Return the list of tool ids admitted by the scope for task_type.

Returns None when task_type is not registered.

§Examples
use zeph_tools::scope::{ScopedToolExecutor, ToolScope};

struct Noop;
impl zeph_tools::ToolExecutor for Noop {
    async fn execute(&self, _: &str) -> Result<Option<zeph_tools::ToolOutput>, zeph_tools::ToolError> { Ok(None) }
}
let mut executor = ScopedToolExecutor::new(Noop, ToolScope::full());
// scope_for_task returns None for unregistered task types
assert!(executor.scope_for_task("unknown").is_none());
Source

pub fn scope_at_definition_name(&self) -> Option<String>

Name of the active scope at the last tool_definitions() call (for audit).

Source

pub fn active_scope_name(&self) -> Option<String>

Name of the currently active scope (for audit at dispatch time).

Trait Implementations§

Source§

impl<E: ToolExecutor> ToolExecutor for ScopedToolExecutor<E>

Source§

fn tool_definitions(&self) -> Vec<ToolDef>

Return the filtered tool definitions visible to the LLM under the active scope.

Captures the active scope name into scope_at_definition for audit use.

Source§

async fn execute_tool_call( &self, call: &ToolCall, ) -> Result<Option<ToolOutput>, ToolError>

Execute a structured tool call, rejecting out-of-scope ids before any side-effect.

Returns ToolError::OutOfScope when the tool id is not in the active scope. The audit log entry at the call site must carry error_category = "out_of_scope".

Source§

async fn execute(&self, response: &str) -> Result<Option<ToolOutput>, ToolError>

Parse response for fenced tool blocks and execute them. Read more
Source§

async fn execute_confirmed( &self, response: &str, ) -> Result<Option<ToolOutput>, ToolError>

Execute bypassing confirmation checks (called after user approves). Read more
Source§

async fn execute_tool_call_confirmed( &self, call: &ToolCall, ) -> Result<Option<ToolOutput>, ToolError>

Execute a structured tool call bypassing confirmation checks. Read more
Source§

fn set_skill_env(&self, env: Option<HashMap<String, String>>)

Inject environment variables for the currently active skill. No-op by default. Read more
Source§

fn set_effective_trust(&self, level: SkillTrustLevel)

Set the effective trust level for the currently active skill. No-op by default. Read more
Source§

fn is_tool_retryable(&self, tool_id: &str) -> bool

Whether the executor can safely retry this tool call on a transient error. Read more
Source§

fn is_tool_speculatable(&self, tool_id: &str) -> bool

Whether a tool call can be safely dispatched speculatively (before the LLM finishes). Read more
Source§

fn requires_confirmation(&self, _call: &ToolCall) -> bool

Return true when call would require user confirmation before execution. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> ErasedToolExecutor for T
where T: ToolExecutor,

Source§

fn execute_erased<'a>( &'a self, response: &'a str, ) -> Pin<Box<dyn Future<Output = Result<Option<ToolOutput>, ToolError>> + Send + 'a>>

Source§

fn execute_confirmed_erased<'a>( &'a self, response: &'a str, ) -> Pin<Box<dyn Future<Output = Result<Option<ToolOutput>, ToolError>> + Send + 'a>>

Source§

fn tool_definitions_erased(&self) -> Vec<ToolDef>

Source§

fn execute_tool_call_erased<'a>( &'a self, call: &'a ToolCall, ) -> Pin<Box<dyn Future<Output = Result<Option<ToolOutput>, ToolError>> + Send + 'a>>

Source§

fn execute_tool_call_confirmed_erased<'a>( &'a self, call: &'a ToolCall, ) -> Pin<Box<dyn Future<Output = Result<Option<ToolOutput>, ToolError>> + Send + 'a>>

Source§

fn set_skill_env(&self, env: Option<HashMap<String, String>>)

Inject environment variables for the currently active skill. No-op by default.
Source§

fn set_effective_trust(&self, level: SkillTrustLevel)

Set the effective trust level for the currently active skill. No-op by default.
Source§

fn is_tool_retryable_erased(&self, tool_id: &str) -> bool

Whether the executor can safely retry this tool call on a transient error.
Source§

fn is_tool_speculatable_erased(&self, tool_id: &str) -> bool

Whether a tool call can be safely dispatched speculatively. Read more
Source§

fn requires_confirmation_erased(&self, call: &ToolCall) -> bool

Return true when call would require user confirmation before execution. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more