[Feature Request] Implement Fine-Grained Tool Permissions for Agent Constraints

Resolved 💬 5 comments Opened Sep 12, 2025 by JavierZunzunegui Closed Jan 8, 2026

Bug Description
I have a testing agent that is not supposed to modify the codebase. It has no Write permission, but it bypasses using Bash (sed, cat, ...) to make writes. I have told it in its description many times to not modify the codebase, but it often does so regardless. A suggestion to improve on it: can the agent be given finer-grade permissions via the tools, e.g. tools: Bash(go test:*) as opposed to just tools: Bash ?

Environment Info

  • Platform: linux
  • Terminal: gnome-terminal
  • Version: 1.0.112
  • Feedback ID:

View original on GitHub ↗

This issue has 5 comments on GitHub. Read the full discussion on GitHub ↗