Skip to content

AD-901: Implement Permission Policy #22

Description

@alph-cmky

Source: docs/development/task-backlog.md

Milestone: Phase 9: Security and Audit


AD-901: Implement Permission Policy

Goal: Centralize runtime and workflow permission decisions.

Files:

  • Create apps/server/src/security/permission-policy.ts
  • Create apps/server/src/security/permission-policy.test.ts

Tasks:

  • Implement permissions for read, write, safe commands, arbitrary commands, network, install dependencies, git commit, and git push.
  • Require approval for dangerous permissions by default.
  • Commit with message feat: add permission policy.

Acceptance Criteria:

  • Default agent policy allows read-only behavior and rejects writes, installs, arbitrary commands, commits, and pushes.

Metadata

Metadata

Assignees

No one assigned

    Labels

    phase: 9Phase 9: Security and Audittype: securitySecurity-sensitive issue or hardening

    Projects

    Status
    Todo

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions