user and guardian

codex-rs/app-server-protocol/schema/json/codex_app_server_protocol.v2.schemas.json

@@ -536,6 +536,15 @@
     "AppToolsConfig": {
       "type": "object"
     },
+    "ApprovalSourceMetadata": {
+      "enum": [
+        "guardian",
+        "user",
+        "policy",
+        "unknown"
+      ],
+      "type": "string"
+    },
     "ApprovalsReviewer": {
       "description": "Configures who approval requests are routed to for review. Examples include sandbox escapes, blocked network access, MCP approval prompts, and ARC escalations. Defaults to `user`. `guardian_subagent` uses a carefully prompted subagent to gather relevant context and apply a risk-based decision framework before approving or denying the request.",
       "enum": [
@@ -7515,6 +7524,16 @@
     },
     "ResponseItemMetadata": {
       "properties": {
+        "approval_source": {
+          "anyOf": [
+            {
+              "$ref": "#/definitions/ApprovalSourceMetadata"
+            },
+            {
+              "type": "null"
+            }
+          ]
+        },
         "is_tool_call_escalated": {
           "type": [
             "boolean",