From ea8453736979af0e158f9935a220d394aa5459b0 Mon Sep 17 00:00:00 2001
From: colby-oai <228809017+colby-oai@users.noreply.github.com>
Date: Fri, 17 Apr 2026 13:27:49 -0400
Subject: [PATCH] Make app tool hint defaults pessimistic for app policies
 (#17232)

## Summary
- default missing app tool destructive/open-world hints to true for app
policies
- add regression tests for missing MCP annotations under restrictive app
config
---
 codex-rs/core/src/connectors.rs       |  4 +-
 codex-rs/core/src/connectors_tests.rs | 56 +++++++++++++++++++++++++++
 2 files changed, 58 insertions(+), 2 deletions(-)

diff --git a/codex-rs/core/src/connectors.rs b/codex-rs/core/src/connectors.rs
index 97a46e6143..480c163147 100644
--- a/codex-rs/core/src/connectors.rs
+++ b/codex-rs/core/src/connectors.rs
@@ -680,10 +680,10 @@ fn app_tool_policy_from_apps_config(
         });
     let destructive_hint = annotations
         .and_then(|annotations| annotations.destructive_hint)
-        .unwrap_or(false);
+        .unwrap_or(true);
     let open_world_hint = annotations
         .and_then(|annotations| annotations.open_world_hint)
-        .unwrap_or(false);
+        .unwrap_or(true);
     let enabled =
         (destructive_enabled || !destructive_hint) && (open_world_enabled || !open_world_hint);
 
diff --git a/codex-rs/core/src/connectors_tests.rs b/codex-rs/core/src/connectors_tests.rs
index e462c7939e..0f9e834d8d 100644
--- a/codex-rs/core/src/connectors_tests.rs
+++ b/codex-rs/core/src/connectors_tests.rs
@@ -390,6 +390,62 @@ fn app_tool_policy_uses_global_defaults_for_destructive_hints() {
     );
 }
 
+#[test]
+fn app_tool_policy_defaults_missing_destructive_hint_to_true() {
+    let apps_config = AppsConfigToml {
+        default: Some(AppsDefaultConfig {
+            enabled: true,
+            destructive_enabled: false,
+            open_world_enabled: true,
+        }),
+        apps: HashMap::new(),
+    };
+
+    let policy = app_tool_policy_from_apps_config(
+        Some(&apps_config),
+        Some("calendar"),
+        "events/create",
+        /*tool_title*/ None,
+        Some(&annotations(/*destructive_hint*/ None, Some(false))),
+    );
+
+    assert_eq!(
+        policy,
+        AppToolPolicy {
+            enabled: false,
+            approval: AppToolApproval::Auto,
+        }
+    );
+}
+
+#[test]
+fn app_tool_policy_defaults_missing_open_world_hint_to_true() {
+    let apps_config = AppsConfigToml {
+        default: Some(AppsDefaultConfig {
+            enabled: true,
+            destructive_enabled: true,
+            open_world_enabled: false,
+        }),
+        apps: HashMap::new(),
+    };
+
+    let policy = app_tool_policy_from_apps_config(
+        Some(&apps_config),
+        Some("calendar"),
+        "events/create",
+        /*tool_title*/ None,
+        Some(&annotations(Some(false), /*open_world_hint*/ None)),
+    );
+
+    assert_eq!(
+        policy,
+        AppToolPolicy {
+            enabled: false,
+            approval: AppToolApproval::Auto,
+        }
+    );
+}
+
 #[test]
 fn app_is_enabled_uses_default_for_unconfigured_apps() {
     let apps_config = AppsConfigToml {