Header menu logo Nao

ResourceAccess Type

A sensitive action a tool or agent wants to perform, together with the specific resource it targets. The permission system decides whether to allow it. This is the resource-level companion to the capability-level `Permission` model: where `Permission` asks "may this agent use tool X?", `ResourceAccess` asks "may this run touch THIS path or THIS url?".

Union cases

Union case Description

File(operation, path)

Full Usage: File(operation, path)

Parameters:
    operation : string
    path : string

Filesystem access at an absolute path. Operation is "read", "write", "delete", "list".

operation : string
path : string

ToolCall toolName

Full Usage: ToolCall toolName

Parameters:
    toolName : string

Invoke a named tool whose resource semantics the guard cannot introspect.

toolName : string

Web(operation, url)

Full Usage: Web(operation, url)

Parameters:
    operation : string
    url : string

Network access to a URL. Operation is the HTTP method ("GET"/"POST"/…) or "fetch".

operation : string
url : string

Instance members

Instance member Description

this.IsFile

Full Usage: this.IsFile

Returns: bool
Returns: bool

this.IsToolCall

Full Usage: this.IsToolCall

Returns: bool
Returns: bool

this.IsWeb

Full Usage: this.IsWeb

Returns: bool
Returns: bool

Type something to start searching.