Skip to main content
Dotset CLI API Documentation / tollgate / ToolPolicy

Interface: ToolPolicy

Defined in: src/tollgate/policy/types.ts:76 Configuration for controlling access to a specific tool. Tool policies define how Tollgate should handle requests to invoke a particular tool. The simplest form just specifies an action, but policies can include smart analysis, session memory, and custom messages.

Example

// Simple policy
const readPolicy: ToolPolicy = { action: 'allow' };

// Smart analysis policy
const sqlPolicy: ToolPolicy = {
  action: 'smart',
  analyzer: 'sql',
  risks: {
    read: 'allow',
    write: 'prompt',
    destructive: 'deny'
  }
};

Properties

action

action: PolicyAction;
Defined in: src/tollgate/policy/types.ts:78 The action to take when this tool is invoked

analyzer?

optional analyzer: string;
Defined in: src/tollgate/policy/types.ts:87 Analyzer to use for smart content analysis (‘sql’, ‘filesystem’, ‘shell’, or ‘auto’)

conditions?

optional conditions: PolicyCondition[];
Defined in: src/tollgate/policy/types.ts:93 Legacy condition-based evaluation (deprecated, use analyzers instead)

message?

optional message: string;
Defined in: src/tollgate/policy/types.ts:81 Custom message to display when prompting for approval

reason?

optional reason: string;
Defined in: src/tollgate/policy/types.ts:84 Reason for the policy decision (shown when denying)

risks?

optional risks: RiskMapping;
Defined in: src/tollgate/policy/types.ts:90 Risk level to action mapping for smart analysis

session?

optional session: SessionConfig;
Defined in: src/tollgate/policy/types.ts:96 Session-based approval configuration