fix(security): scope session tools and webhook secret fallback

2026-05-06 05:49:33 +00:00 · 2026-02-16 03:43:51 +01:00
parent fbe6d7c701
commit c6c53437f7
21 changed files with 796 additions and 22 deletions
--- a/src/config/types.tools.ts
+++ b/src/config/types.tools.ts
@@ -138,6 +138,8 @@ export type MediaToolsConfig = {

 export type ToolProfileId = "minimal" | "coding" | "messaging" | "full";

+export type SessionsToolsVisibility = "self" | "tree" | "agent" | "all";
+
 export type ToolPolicyConfig = {
  allow?: string[];
  /**
@@ -453,6 +455,21 @@ export type ToolsConfig = {
    /** Allowlist of agent ids or patterns (implementation-defined). */
    allow?: string[];
  };
+  /**
+   * Session tool visibility controls which sessions can be targeted by session tools
+   * (sessions_list, sessions_history, sessions_send).
+   *
+   * Default: "tree" (current session + spawned subagent sessions).
+   */
+  sessions?: {
+    /**
+     * - "self": only the current session
+     * - "tree": current session + sessions spawned by this session (default)
+     * - "agent": any session belonging to the current agent id (can include other users)
+     * - "all": any session (cross-agent still requires tools.agentToAgent)
+     */
+    visibility?: SessionsToolsVisibility;
+  };
  /** Elevated exec permissions for the host machine. */
  elevated?: {
    /** Enable or disable elevated mode (default: true). */