{ "$schema": "http://json-schema.org/draft-07/schema#", "definitions": { "AbsolutePathBuf": { "description": "A path that is guaranteed to be absolute and normalized (though it is not guaranteed to be canonicalized or exist on the filesystem).\n\nIMPORTANT: When deserializing an `AbsolutePathBuf`, a base path must be set using [AbsolutePathBufGuard::new]. If no base path is set, the deserialization will fail unless the path being deserialized is already absolute.", "type": "string" }, "AdditionalFileSystemPermissions": { "properties": { "entries": { "items": { "$ref": "#/definitions/FileSystemSandboxEntry" }, "type": [ "array", "null" ] }, "globScanMaxDepth": { "format": "uint", "minimum": 1.0, "type": [ "integer", "null" ] }, "read": { "items": { "$ref": "#/definitions/AbsolutePathBuf" }, "type": [ "array", "null" ] }, "write": { "items": { "$ref": "#/definitions/AbsolutePathBuf" }, "type": [ "array", "null" ] } }, "type": "object" }, "AdditionalNetworkPermissions": { "properties": { "enabled": { "type": [ "boolean", "null" ] } }, "type": "object" }, "FileSystemAccessMode": { "enum": [ "read", "write", "none" ], "type": "string" }, "FileSystemPath": { "oneOf": [ { "properties": { "path": { "$ref": "#/definitions/AbsolutePathBuf" }, "type": { "enum": [ "path" ], "title": "PathFileSystemPathType", "type": "string" } }, "required": [ "path", "type" ], "title": "PathFileSystemPath", "type": "object" }, { "properties": { "pattern": { "type": "string" }, "type": { "enum": [ "glob_pattern" ], "title": "GlobPatternFileSystemPathType", "type": "string" } }, "required": [ "pattern", "type" ], "title": "GlobPatternFileSystemPath", "type": "object" }, { "properties": { "type": { "enum": [ "special" ], "title": "SpecialFileSystemPathType", "type": "string" }, "value": { "$ref": "#/definitions/FileSystemSpecialPath" } }, "required": [ "type", "value" ], "title": "SpecialFileSystemPath", "type": "object" } ] }, "FileSystemSandboxEntry": { "properties": { "access": { "$ref": "#/definitions/FileSystemAccessMode" }, "path": { "$ref": "#/definitions/FileSystemPath" } }, "required": [ "access", "path" ], "type": "object" }, "FileSystemSpecialPath": { "oneOf": [ { "properties": { "kind": { "enum": [ "root" ], "type": "string" } }, "required": [ "kind" ], "title": "RootFileSystemSpecialPath", "type": "object" }, { "properties": { "kind": { "enum": [ "minimal" ], "type": "string" } }, "required": [ "kind" ], "title": "MinimalFileSystemSpecialPath", "type": "object" }, { "properties": { "kind": { "enum": [ "current_working_directory" ], "type": "string" } }, "required": [ "kind" ], "title": "CurrentWorkingDirectoryFileSystemSpecialPath", "type": "object" }, { "properties": { "kind": { "enum": [ "project_roots" ], "type": "string" }, "subpath": { "type": [ "string", "null" ] } }, "required": [ "kind" ], "title": "KindFileSystemSpecialPath", "type": "object" }, { "properties": { "kind": { "enum": [ "tmpdir" ], "type": "string" } }, "required": [ "kind" ], "title": "TmpdirFileSystemSpecialPath", "type": "object" }, { "properties": { "kind": { "enum": [ "slash_tmp" ], "type": "string" } }, "required": [ "kind" ], "title": "SlashTmpFileSystemSpecialPath", "type": "object" }, { "properties": { "kind": { "enum": [ "unknown" ], "type": "string" }, "path": { "type": "string" }, "subpath": { "type": [ "string", "null" ] } }, "required": [ "kind", "path" ], "type": "object" } ] }, "GuardianApprovalReview": { "description": "[UNSTABLE] Temporary approval auto-review payload used by `item/autoApprovalReview/*` notifications. This shape is expected to change soon.", "properties": { "rationale": { "type": [ "string", "null" ] }, "riskLevel": { "anyOf": [ { "$ref": "#/definitions/GuardianRiskLevel" }, { "type": "null" } ] }, "status": { "$ref": "#/definitions/GuardianApprovalReviewStatus" }, "userAuthorization": { "anyOf": [ { "$ref": "#/definitions/GuardianUserAuthorization" }, { "type": "null" } ] } }, "required": [ "status" ], "type": "object" }, "GuardianApprovalReviewAction": { "oneOf": [ { "properties": { "command": { "type": "string" }, "cwd": { "$ref": "#/definitions/AbsolutePathBuf" }, "source": { "$ref": "#/definitions/GuardianCommandSource" }, "type": { "enum": [ "command" ], "title": "CommandGuardianApprovalReviewActionType", "type": "string" } }, "required": [ "command", "cwd", "source", "type" ], "title": "CommandGuardianApprovalReviewAction", "type": "object" }, { "properties": { "argv": { "items": { "type": "string" }, "type": "array" }, "cwd": { "$ref": "#/definitions/AbsolutePathBuf" }, "program": { "type": "string" }, "source": { "$ref": "#/definitions/GuardianCommandSource" }, "type": { "enum": [ "execve" ], "title": "ExecveGuardianApprovalReviewActionType", "type": "string" } }, "required": [ "argv", "cwd", "program", "source", "type" ], "title": "ExecveGuardianApprovalReviewAction", "type": "object" }, { "properties": { "cwd": { "$ref": "#/definitions/AbsolutePathBuf" }, "files": { "items": { "$ref": "#/definitions/AbsolutePathBuf" }, "type": "array" }, "type": { "enum": [ "applyPatch" ], "title": "ApplyPatchGuardianApprovalReviewActionType", "type": "string" } }, "required": [ "cwd", "files", "type" ], "title": "ApplyPatchGuardianApprovalReviewAction", "type": "object" }, { "properties": { "host": { "type": "string" }, "port": { "format": "uint16", "minimum": 0.0, "type": "integer" }, "protocol": { "$ref": "#/definitions/NetworkApprovalProtocol" }, "target": { "type": "string" }, "type": { "enum": [ "networkAccess" ], "title": "NetworkAccessGuardianApprovalReviewActionType", "type": "string" } }, "required": [ "host", "port", "protocol", "target", "type" ], "title": "NetworkAccessGuardianApprovalReviewAction", "type": "object" }, { "properties": { "connectorId": { "type": [ "string", "null" ] }, "connectorName": { "type": [ "string", "null" ] }, "server": { "type": "string" }, "toolName": { "type": "string" }, "toolTitle": { "type": [ "string", "null" ] }, "type": { "enum": [ "mcpToolCall" ], "title": "McpToolCallGuardianApprovalReviewActionType", "type": "string" } }, "required": [ "server", "toolName", "type" ], "title": "McpToolCallGuardianApprovalReviewAction", "type": "object" }, { "properties": { "permissions": { "$ref": "#/definitions/RequestPermissionProfile" }, "reason": { "type": [ "string", "null" ] }, "type": { "enum": [ "requestPermissions" ], "title": "RequestPermissionsGuardianApprovalReviewActionType", "type": "string" } }, "required": [ "permissions", "type" ], "title": "RequestPermissionsGuardianApprovalReviewAction", "type": "object" } ] }, "GuardianApprovalReviewStatus": { "description": "[UNSTABLE] Lifecycle state for an approval auto-review.", "enum": [ "inProgress", "approved", "denied", "timedOut", "aborted" ], "type": "string" }, "GuardianCommandSource": { "enum": [ "shell", "unifiedExec" ], "type": "string" }, "GuardianRiskLevel": { "description": "[UNSTABLE] Risk level assigned by approval auto-review.", "enum": [ "low", "medium", "high", "critical" ], "type": "string" }, "GuardianUserAuthorization": { "description": "[UNSTABLE] Authorization level assigned by approval auto-review.", "enum": [ "unknown", "low", "medium", "high" ], "type": "string" }, "NetworkApprovalProtocol": { "enum": [ "http", "https", "socks5Tcp", "socks5Udp" ], "type": "string" }, "RequestPermissionProfile": { "additionalProperties": false, "properties": { "fileSystem": { "anyOf": [ { "$ref": "#/definitions/AdditionalFileSystemPermissions" }, { "type": "null" } ] }, "network": { "anyOf": [ { "$ref": "#/definitions/AdditionalNetworkPermissions" }, { "type": "null" } ] } }, "type": "object" } }, "description": "[UNSTABLE] Temporary notification payload for approval auto-review. This shape is expected to change soon.", "properties": { "action": { "$ref": "#/definitions/GuardianApprovalReviewAction" }, "review": { "$ref": "#/definitions/GuardianApprovalReview" }, "reviewId": { "description": "Stable identifier for this review.", "type": "string" }, "targetItemId": { "description": "Identifier for the reviewed item or tool call when one exists.\n\nIn most cases, one review maps to one target item. The exceptions are - execve reviews, where a single command may contain multiple execve calls to review (only possible when using the shell_zsh_fork feature) - network policy reviews, where there is no target item\n\nA network call is triggered by a CommandExecution item, so having a target_item_id set to the CommandExecution item would be misleading because the review is about the network call, not the command execution. Therefore, target_item_id is set to None for network policy reviews.", "type": [ "string", "null" ] }, "threadId": { "type": "string" }, "turnId": { "type": "string" } }, "required": [ "action", "review", "reviewId", "threadId", "turnId" ], "title": "ItemGuardianApprovalReviewStartedNotification", "type": "object" }