tools: drop NotebookEdit from the agent whitelist
This commit is contained in:
müde
parent
9716f20f81
commit
edc1de3197
2 changed files with 5 additions and 5 deletions
|
|
@ -222,10 +222,11 @@ line (broker's `count_pending`). When adding new tools (manager surface,
|
|||
notes/state, etc.), use `run_tool` and they pick up the envelope for free.
|
||||
|
||||
**Tool whitelist** (see `ALLOWED_BUILTIN_TOOLS` in `hive-ag3nt::mcp`):
|
||||
- Allowed built-ins: `Bash`, `Edit`, `Glob`, `Grep`, `NotebookEdit`, `Read`,
|
||||
`TodoWrite`, `Write`.
|
||||
- Denied by omission: `WebFetch`, `WebSearch`, `Task` — no external egress
|
||||
or nested-agent spawning until we have a real policy story.
|
||||
- Allowed built-ins: `Bash`, `Edit`, `Glob`, `Grep`, `Read`, `TodoWrite`,
|
||||
`Write`.
|
||||
- Denied by omission: `WebFetch`, `WebSearch`, `Task`, `NotebookEdit` —
|
||||
no external egress, nested-agent spawning, or Jupyter handling until we
|
||||
have a real policy story.
|
||||
- Allowed MCP tools: `mcp__hyperhive__send`, `mcp__hyperhive__recv`.
|
||||
|
||||
`Bash` is on the allow-list "for now" — pending a finer-grained allow-list
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue