@kybernesis/arp-scope-catalog 0.2.0

Files changed (61)
  1. package/LICENSE +21 -0
  2. package/README.md +80 -0
  3. package/dist/index.cjs +518 -0
  4. package/dist/index.cjs.map +1 -0
  5. package/dist/index.d.cts +144 -0
  6. package/dist/index.d.ts +144 -0
  7. package/dist/index.js +501 -0
  8. package/dist/index.js.map +1 -0
  9. package/generated/manifest.json +1542 -0
  10. package/generated/scopes.json +1536 -0
  11. package/package.json +49 -0
  12. package/scopes/calendar.availability.read.yaml +35 -0
  13. package/scopes/calendar.events.cancel.yaml +24 -0
  14. package/scopes/calendar.events.create.yaml +31 -0
  15. package/scopes/calendar.events.modify.yaml +24 -0
  16. package/scopes/calendar.events.propose.yaml +35 -0
  17. package/scopes/calendar.events.read.yaml +38 -0
  18. package/scopes/connection.extend.yaml +28 -0
  19. package/scopes/connection.rescope.request.yaml +21 -0
  20. package/scopes/contacts.attributes.read.yaml +25 -0
  21. package/scopes/contacts.introduce.yaml +21 -0
  22. package/scopes/contacts.search.yaml +26 -0
  23. package/scopes/contacts.share.yaml +30 -0
  24. package/scopes/credentials.present.request.yaml +29 -0
  25. package/scopes/credentials.proof.zk.request.yaml +31 -0
  26. package/scopes/delegation.forward.task.yaml +36 -0
  27. package/scopes/files.project.files.delete.yaml +31 -0
  28. package/scopes/files.project.files.list.yaml +22 -0
  29. package/scopes/files.project.files.read.yaml +35 -0
  30. package/scopes/files.project.files.summarize.yaml +30 -0
  31. package/scopes/files.project.files.write.yaml +34 -0
  32. package/scopes/files.project.metadata.read.yaml +21 -0
  33. package/scopes/files.projects.list.yaml +18 -0
  34. package/scopes/files.share.external.yaml +39 -0
  35. package/scopes/identity.card.read.yaml +18 -0
  36. package/scopes/identity.introduction.request.yaml +24 -0
  37. package/scopes/identity.principal.verify.yaml +19 -0
  38. package/scopes/knowledge.query.yaml +31 -0
  39. package/scopes/messaging.chat.send.yaml +27 -0
  40. package/scopes/messaging.email.draft.compose.yaml +23 -0
  41. package/scopes/messaging.email.send.reviewed.yaml +36 -0
  42. package/scopes/messaging.email.summary.yaml +26 -0
  43. package/scopes/messaging.email.thread.read.yaml +29 -0
  44. package/scopes/messaging.relay.to_principal.yaml +22 -0
  45. package/scopes/notes.read.yaml +25 -0
  46. package/scopes/notes.search.yaml +24 -0
  47. package/scopes/notes.write.yaml +32 -0
  48. package/scopes/payments.authorize.capped.yaml +37 -0
  49. package/scopes/payments.history.read.yaml +28 -0
  50. package/scopes/payments.quote.request.yaml +18 -0
  51. package/scopes/payments.refund.request.yaml +24 -0
  52. package/scopes/tasks.assign.yaml +27 -0
  53. package/scopes/tasks.create.yaml +31 -0
  54. package/scopes/tasks.list.yaml +21 -0
  55. package/scopes/tasks.read.yaml +22 -0
  56. package/scopes/tasks.status.update.yaml +22 -0
  57. package/scopes/tools.invoke.mutating.yaml +37 -0
  58. package/scopes/tools.invoke.read.yaml +28 -0
  59. package/scopes/work.projects.list.yaml +18 -0
  60. package/scopes/work.reports.summary.yaml +29 -0
  61. package/scopes/work.status.read.yaml +18 -0
@@ -0,0 +1,1542 @@
1
+ {
2
+ "version": "v1",
3
+ "updated_at": "2026-04-24T16:48:20+07:00",
4
+ "scope_count": 50,
5
+ "checksum": "sha256:ad278a0843e7b0439b7bc59b0fb56619e9d3e1dddd3df57816a8e0fd9d74cb69",
6
+ "scopes": [
7
+ {
8
+ "id": "calendar.availability.read",
9
+ "version": "1.0.0",
10
+ "label": "Check availability (free/busy only)",
11
+ "description": "Peer can see when you're free or busy, but no event titles, attendees, or details.",
12
+ "category": "calendar",
13
+ "risk": "low",
14
+ "parameters": [
15
+ {
16
+ "name": "days_ahead",
17
+ "type": "Integer",
18
+ "required": true,
19
+ "default": 14,
20
+ "validation": "1..90"
21
+ }
22
+ ],
23
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"check_availability\",\n resource == Calendar::\"primary\"\n) when {\n context.query_window_days <= {{days_ahead}}\n};\nforbid (\n principal == Agent::\"{{audience_did}}\",\n action,\n resource == Calendar::\"primary\"\n) when {\n action != Action::\"check_availability\"\n};\n",
24
+ "consent_text_template": "Check your free/busy (no details) up to {{days_ahead}} days ahead.",
25
+ "obligations_forced": [
26
+ {
27
+ "type": "redact_fields",
28
+ "params": {
29
+ "fields": [
30
+ "event.title",
31
+ "event.attendees",
32
+ "event.description",
33
+ "event.location"
34
+ ]
35
+ }
36
+ }
37
+ ],
38
+ "implies": [],
39
+ "conflicts_with": [],
40
+ "step_up_required": false
41
+ },
42
+ {
43
+ "id": "calendar.events.cancel",
44
+ "version": "1.0.0",
45
+ "label": "Cancel events",
46
+ "description": "Peer can cancel calendar events on your behalf.",
47
+ "category": "calendar",
48
+ "risk": "high",
49
+ "parameters": [],
50
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"cancel_event\",\n resource == Calendar::\"primary\"\n);\n",
51
+ "consent_text_template": "Cancel calendar events on your behalf.",
52
+ "obligations_forced": [
53
+ {
54
+ "type": "audit_level",
55
+ "params": {
56
+ "level": "verbose"
57
+ }
58
+ },
59
+ {
60
+ "type": "notify_principal",
61
+ "params": {}
62
+ }
63
+ ],
64
+ "implies": [
65
+ "calendar.events.read"
66
+ ],
67
+ "conflicts_with": [],
68
+ "step_up_required": true
69
+ },
70
+ {
71
+ "id": "calendar.events.create",
72
+ "version": "1.0.0",
73
+ "label": "Create events directly",
74
+ "description": "Peer can create calendar events on your primary calendar without extra confirmation, up to a daily cap.",
75
+ "category": "calendar",
76
+ "risk": "high",
77
+ "parameters": [
78
+ {
79
+ "name": "max_per_day",
80
+ "type": "Integer",
81
+ "required": true,
82
+ "default": 5,
83
+ "validation": "1..50"
84
+ }
85
+ ],
86
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"create_event\",\n resource == Calendar::\"primary\"\n) when {\n context.events_created_today < {{max_per_day}}\n};\n",
87
+ "consent_text_template": "Create calendar events directly, up to {{max_per_day}} per day.",
88
+ "obligations_forced": [
89
+ {
90
+ "type": "audit_level",
91
+ "params": {
92
+ "level": "verbose"
93
+ }
94
+ },
95
+ {
96
+ "type": "notify_principal",
97
+ "params": {}
98
+ }
99
+ ],
100
+ "implies": [
101
+ "calendar.availability.read"
102
+ ],
103
+ "conflicts_with": [],
104
+ "step_up_required": true
105
+ },
106
+ {
107
+ "id": "calendar.events.modify",
108
+ "version": "1.0.0",
109
+ "label": "Modify existing events",
110
+ "description": "Peer can modify existing calendar events (reschedule, update details).",
111
+ "category": "calendar",
112
+ "risk": "high",
113
+ "parameters": [],
114
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"modify_event\",\n resource == Calendar::\"primary\"\n);\n",
115
+ "consent_text_template": "Modify existing calendar events on your behalf.",
116
+ "obligations_forced": [
117
+ {
118
+ "type": "audit_level",
119
+ "params": {
120
+ "level": "verbose"
121
+ }
122
+ },
123
+ {
124
+ "type": "notify_principal",
125
+ "params": {}
126
+ }
127
+ ],
128
+ "implies": [
129
+ "calendar.events.read"
130
+ ],
131
+ "conflicts_with": [],
132
+ "step_up_required": true
133
+ },
134
+ {
135
+ "id": "calendar.events.propose",
136
+ "version": "1.0.0",
137
+ "label": "Propose a meeting",
138
+ "description": "Peer can propose a meeting. Creates a tentative event pending your confirmation.",
139
+ "category": "calendar",
140
+ "risk": "medium",
141
+ "parameters": [
142
+ {
143
+ "name": "max_attendees",
144
+ "type": "Integer",
145
+ "required": true,
146
+ "default": 10,
147
+ "validation": "1..50"
148
+ },
149
+ {
150
+ "name": "max_duration_min",
151
+ "type": "Integer",
152
+ "required": true,
153
+ "default": 60,
154
+ "validation": "15..480"
155
+ }
156
+ ],
157
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"propose_meeting\",\n resource == Calendar::\"primary\"\n) when {\n context.proposed_attendee_count <= {{max_attendees}} &&\n context.proposed_duration_min <= {{max_duration_min}}\n};\n",
158
+ "consent_text_template": "Propose meetings (up to {{max_attendees}} people, {{max_duration_min}} minutes). You confirm before it's booked.",
159
+ "obligations_forced": [
160
+ {
161
+ "type": "require_principal_confirmation",
162
+ "params": {
163
+ "max_age_seconds": 86400
164
+ }
165
+ }
166
+ ],
167
+ "implies": [
168
+ "calendar.availability.read"
169
+ ],
170
+ "conflicts_with": [],
171
+ "step_up_required": false
172
+ },
173
+ {
174
+ "id": "calendar.events.read",
175
+ "version": "1.0.0",
176
+ "label": "Read event details",
177
+ "description": "Peer can read the details of calendar events within a time window.",
178
+ "category": "calendar",
179
+ "risk": "medium",
180
+ "parameters": [
181
+ {
182
+ "name": "window_days",
183
+ "type": "Integer",
184
+ "required": true,
185
+ "default": 30,
186
+ "validation": "1..365"
187
+ },
188
+ {
189
+ "name": "include_private",
190
+ "type": "Enum",
191
+ "required": false,
192
+ "default": "no",
193
+ "validation": [
194
+ "yes",
195
+ "no"
196
+ ]
197
+ }
198
+ ],
199
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read\",\n resource == Calendar::\"primary\"\n) when {\n context.query_window_days <= {{window_days}}\n {{#if include_private_flag}}\n {{else}}\n && !resource.tags.contains(\"private\")\n {{/if}}\n};\n",
200
+ "consent_text_template": "Read event details for the next {{window_days}} days.",
201
+ "obligations_forced": [
202
+ {
203
+ "type": "audit_level",
204
+ "params": {
205
+ "level": "verbose"
206
+ }
207
+ }
208
+ ],
209
+ "implies": [
210
+ "calendar.availability.read"
211
+ ],
212
+ "conflicts_with": [],
213
+ "step_up_required": false
214
+ },
215
+ {
216
+ "id": "connection.extend",
217
+ "version": "1.0.0",
218
+ "label": "Extend connection expiry",
219
+ "description": "Peer can request that you extend this connection's expiry by a bounded number of days.",
220
+ "category": "identity",
221
+ "risk": "medium",
222
+ "parameters": [
223
+ {
224
+ "name": "days",
225
+ "type": "Integer",
226
+ "required": true,
227
+ "default": 30,
228
+ "validation": "1..365"
229
+ }
230
+ ],
231
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"extend_connection\",\n resource == Connection::\"self\"\n) when {\n context.requested_extension_days <= {{days}}\n};\n",
232
+ "consent_text_template": "Allow Peer to request a connection extension up to {{days}} days.",
233
+ "obligations_forced": [
234
+ {
235
+ "type": "require_principal_confirmation",
236
+ "params": {
237
+ "max_age_seconds": 0
238
+ }
239
+ }
240
+ ],
241
+ "implies": [],
242
+ "conflicts_with": [],
243
+ "step_up_required": false
244
+ },
245
+ {
246
+ "id": "connection.rescope.request",
247
+ "version": "1.0.0",
248
+ "label": "Request new scopes",
249
+ "description": "Peer can ask you to add or adjust scopes on this connection (subject to your approval).",
250
+ "category": "identity",
251
+ "risk": "medium",
252
+ "parameters": [],
253
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"request_rescope\",\n resource == Connection::\"self\"\n);\n",
254
+ "consent_text_template": "Allow Peer to propose new scopes on this connection.",
255
+ "obligations_forced": [
256
+ {
257
+ "type": "require_principal_confirmation",
258
+ "params": {
259
+ "max_age_seconds": 0
260
+ }
261
+ }
262
+ ],
263
+ "implies": [],
264
+ "conflicts_with": [],
265
+ "step_up_required": false
266
+ },
267
+ {
268
+ "id": "contacts.attributes.read",
269
+ "version": "1.0.0",
270
+ "label": "Read specific contact attributes",
271
+ "description": "Peer can read specific attribute fields (e.g., phone, title) on contacts you've identified.",
272
+ "category": "contacts",
273
+ "risk": "medium",
274
+ "parameters": [
275
+ {
276
+ "name": "attributes",
277
+ "type": "AttributeList",
278
+ "required": true,
279
+ "validation": [
280
+ "name",
281
+ "email",
282
+ "phone",
283
+ "title",
284
+ "company",
285
+ "linkedin",
286
+ "twitter",
287
+ "notes"
288
+ ]
289
+ }
290
+ ],
291
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read\",\n resource == Contact\n);\n",
292
+ "consent_text_template": "Read these contact attributes: {{attributes_display}}.",
293
+ "obligations_forced": [
294
+ {
295
+ "type": "redact_fields_except",
296
+ "params": {
297
+ "allowlist": "{{attributes_json}}"
298
+ }
299
+ }
300
+ ],
301
+ "implies": [],
302
+ "conflicts_with": [],
303
+ "step_up_required": false
304
+ },
305
+ {
306
+ "id": "contacts.introduce",
307
+ "version": "1.0.0",
308
+ "label": "Request contact introduction",
309
+ "description": "Peer can ask you to introduce them to one of your contacts.",
310
+ "category": "contacts",
311
+ "risk": "medium",
312
+ "parameters": [],
313
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"request_contact_introduction\",\n resource == Contact\n);\n",
314
+ "consent_text_template": "Let Peer ask you for introductions to your contacts.",
315
+ "obligations_forced": [
316
+ {
317
+ "type": "require_principal_confirmation",
318
+ "params": {
319
+ "max_age_seconds": 86400
320
+ }
321
+ }
322
+ ],
323
+ "implies": [],
324
+ "conflicts_with": [],
325
+ "step_up_required": false
326
+ },
327
+ {
328
+ "id": "contacts.search",
329
+ "version": "1.0.0",
330
+ "label": "Look up contacts",
331
+ "description": "Peer can search your contacts and receive only the attributes you specify.",
332
+ "category": "contacts",
333
+ "risk": "medium",
334
+ "parameters": [
335
+ {
336
+ "name": "attribute_allowlist",
337
+ "type": "AttributeList",
338
+ "required": true,
339
+ "default": [
340
+ "name",
341
+ "email"
342
+ ],
343
+ "validation": [
344
+ "name",
345
+ "email",
346
+ "phone",
347
+ "title",
348
+ "company",
349
+ "linkedin",
350
+ "twitter",
351
+ "notes"
352
+ ]
353
+ }
354
+ ],
355
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"search_contacts\",\n resource == Contact\n);\n",
356
+ "consent_text_template": "Search your contacts and see these fields: {{attribute_allowlist_display}}.",
357
+ "obligations_forced": [
358
+ {
359
+ "type": "redact_fields_except",
360
+ "params": {
361
+ "allowlist": "{{attribute_allowlist_json}}"
362
+ }
363
+ }
364
+ ],
365
+ "implies": [],
366
+ "conflicts_with": [],
367
+ "step_up_required": false
368
+ },
369
+ {
370
+ "id": "contacts.share",
371
+ "version": "1.0.0",
372
+ "label": "Share a contact card",
373
+ "description": "Peer can ask you to share a contact's vCard to an allowlisted recipient.",
374
+ "category": "contacts",
375
+ "risk": "high",
376
+ "parameters": [
377
+ {
378
+ "name": "recipient_allowlist",
379
+ "type": "EmailList",
380
+ "required": true,
381
+ "validation": "rfc5322-or-domain-glob"
382
+ }
383
+ ],
384
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"share_external\",\n resource == Contact\n) when {\n context.recipient_matches_allowlist({{recipient_allowlist_json}})\n};\n",
385
+ "consent_text_template": "Share contact cards externally to: {{recipient_allowlist_display}}.",
386
+ "obligations_forced": [
387
+ {
388
+ "type": "require_principal_confirmation",
389
+ "params": {
390
+ "max_age_seconds": 0
391
+ }
392
+ },
393
+ {
394
+ "type": "audit_level",
395
+ "params": {
396
+ "level": "verbose"
397
+ }
398
+ }
399
+ ],
400
+ "implies": [],
401
+ "conflicts_with": [],
402
+ "step_up_required": true
403
+ },
404
+ {
405
+ "id": "credentials.present.request",
406
+ "version": "1.0.0",
407
+ "label": "Request specific VCs",
408
+ "description": "Peer can ask your agent to present specific Verifiable Credentials (full disclosure, not ZK).",
409
+ "category": "credentials",
410
+ "risk": "medium",
411
+ "parameters": [
412
+ {
413
+ "name": "required_vcs",
414
+ "type": "AttributeList",
415
+ "required": true,
416
+ "validation": "vc-type-id"
417
+ }
418
+ ],
419
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"present_vc\",\n resource == Credential\n) when {\n resource.type in {{required_vcs_json}}\n};\n",
420
+ "consent_text_template": "Present these credentials: {{required_vcs_display}}.",
421
+ "obligations_forced": [
422
+ {
423
+ "type": "audit_level",
424
+ "params": {
425
+ "level": "verbose"
426
+ }
427
+ },
428
+ {
429
+ "type": "log_zk_disclosure",
430
+ "params": {}
431
+ }
432
+ ],
433
+ "implies": [],
434
+ "conflicts_with": [],
435
+ "step_up_required": false
436
+ },
437
+ {
438
+ "id": "credentials.proof.zk.request",
439
+ "version": "1.0.0",
440
+ "label": "Request ZK proof of an attribute",
441
+ "description": "Peer can ask your agent to present a zero-knowledge proof of a single attribute without revealing the underlying credential. Issuer is method-agnostic — any VC issuer that publishes a compatible predicate proof works.",
442
+ "category": "credentials",
443
+ "risk": "medium",
444
+ "parameters": [
445
+ {
446
+ "name": "attribute",
447
+ "type": "Enum",
448
+ "required": true,
449
+ "validation": [
450
+ "over_18",
451
+ "over_21",
452
+ "us_resident",
453
+ "verified_human",
454
+ "country"
455
+ ]
456
+ },
457
+ {
458
+ "name": "predicate",
459
+ "type": "Enum",
460
+ "required": false,
461
+ "default": "eq",
462
+ "validation": [
463
+ "eq",
464
+ "gte",
465
+ "lte",
466
+ "in"
467
+ ]
468
+ }
469
+ ],
470
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"request_zk_proof\",\n resource == Credential::\"{{attribute}}\"\n) when {\n context.predicate == \"{{predicate}}\"\n};\n",
471
+ "consent_text_template": "Prove to Peer, without revealing details, that you are {{attribute_human}}.",
472
+ "obligations_forced": [
473
+ {
474
+ "type": "log_zk_disclosure",
475
+ "params": {}
476
+ }
477
+ ],
478
+ "implies": [],
479
+ "conflicts_with": [],
480
+ "step_up_required": false
481
+ },
482
+ {
483
+ "id": "delegation.forward.task",
484
+ "version": "1.0.0",
485
+ "label": "Forward task to another agent",
486
+ "description": "Peer can re-delegate a task to a third agent, with automatically attenuated scopes.",
487
+ "category": "delegation",
488
+ "risk": "high",
489
+ "parameters": [
490
+ {
491
+ "name": "agent_allowlist",
492
+ "type": "AgentDIDList",
493
+ "required": true,
494
+ "validation": "at-least-one"
495
+ },
496
+ {
497
+ "name": "scope_attenuation",
498
+ "type": "Enum",
499
+ "required": true,
500
+ "default": "read_only",
501
+ "validation": [
502
+ "read_only",
503
+ "same_scopes",
504
+ "custom"
505
+ ]
506
+ }
507
+ ],
508
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"redelegate\",\n resource == Connection::\"self\"\n) when {\n context.delegate_target in {{agent_allowlist_json}} &&\n context.attenuation_mode == \"{{scope_attenuation}}\"\n};\n",
509
+ "consent_text_template": "Allow Peer to forward tasks to: {{agent_allowlist_display}}. Forwarded tasks get {{scope_attenuation_human}} access.",
510
+ "obligations_forced": [
511
+ {
512
+ "type": "audit_level",
513
+ "params": {
514
+ "level": "verbose"
515
+ }
516
+ },
517
+ {
518
+ "type": "notify_principal",
519
+ "params": {}
520
+ }
521
+ ],
522
+ "implies": [],
523
+ "conflicts_with": [],
524
+ "tier_gate": "self_xyz.verified_human",
525
+ "step_up_required": true
526
+ },
527
+ {
528
+ "id": "files.project.files.delete",
529
+ "version": "1.0.0",
530
+ "label": "Delete files",
531
+ "description": "Peer can delete files in a specific project.",
532
+ "category": "files",
533
+ "risk": "critical",
534
+ "parameters": [
535
+ {
536
+ "name": "project_id",
537
+ "type": "ProjectID",
538
+ "required": true
539
+ }
540
+ ],
541
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"delete\",\n resource in Project::\"{{project_id}}\"\n);\n",
542
+ "consent_text_template": "Delete files in project {{project_id}} (destructive).",
543
+ "obligations_forced": [
544
+ {
545
+ "type": "require_principal_confirmation",
546
+ "params": {
547
+ "max_age_seconds": 0
548
+ }
549
+ },
550
+ {
551
+ "type": "audit_level",
552
+ "params": {
553
+ "level": "verbose"
554
+ }
555
+ },
556
+ {
557
+ "type": "notify_principal",
558
+ "params": {}
559
+ }
560
+ ],
561
+ "implies": [],
562
+ "conflicts_with": [
563
+ "files.share.external"
564
+ ],
565
+ "tier_gate": "self_xyz.verified_human",
566
+ "step_up_required": true
567
+ },
568
+ {
569
+ "id": "files.project.files.list",
570
+ "version": "1.0.0",
571
+ "label": "List files in a project",
572
+ "description": "Peer can list the file names in a specific project, not their contents.",
573
+ "category": "files",
574
+ "risk": "low",
575
+ "parameters": [
576
+ {
577
+ "name": "project_id",
578
+ "type": "ProjectID",
579
+ "required": true
580
+ }
581
+ ],
582
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"list\",\n resource in Project::\"{{project_id}}\"\n);\n",
583
+ "consent_text_template": "List files in project {{project_id}}.",
584
+ "obligations_forced": [],
585
+ "implies": [
586
+ "files.project.metadata.read"
587
+ ],
588
+ "conflicts_with": [],
589
+ "step_up_required": false
590
+ },
591
+ {
592
+ "id": "files.project.files.read",
593
+ "version": "1.0.0",
594
+ "label": "Read file contents",
595
+ "description": "Peer can read the contents of files in a specific project.",
596
+ "category": "files",
597
+ "risk": "medium",
598
+ "parameters": [
599
+ {
600
+ "name": "project_id",
601
+ "type": "ProjectID",
602
+ "required": true
603
+ },
604
+ {
605
+ "name": "max_size_mb",
606
+ "type": "Integer",
607
+ "required": true,
608
+ "default": 10,
609
+ "validation": "1..100"
610
+ }
611
+ ],
612
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action in [Action::\"read\", Action::\"list\"],\n resource in Project::\"{{project_id}}\"\n) when {\n resource.size_bytes <= {{max_size_mb}} * 1048576 &&\n !resource.tags.contains(\"confidential\") &&\n !resource.tags.contains(\"do-not-share\")\n};\n",
613
+ "consent_text_template": "Read files in {{project.name}} (up to {{max_size_mb}} MB each; excludes items tagged confidential).",
614
+ "obligations_forced": [
615
+ {
616
+ "type": "audit_level",
617
+ "params": {
618
+ "level": "verbose"
619
+ }
620
+ }
621
+ ],
622
+ "implies": [
623
+ "files.project.files.list",
624
+ "files.project.metadata.read"
625
+ ],
626
+ "conflicts_with": [],
627
+ "step_up_required": false
628
+ },
629
+ {
630
+ "id": "files.project.files.summarize",
631
+ "version": "1.0.0",
632
+ "label": "Summaries only (derive)",
633
+ "description": "Peer receives model-generated summaries of files in a project, never the raw contents.",
634
+ "category": "files",
635
+ "risk": "low",
636
+ "parameters": [
637
+ {
638
+ "name": "project_id",
639
+ "type": "ProjectID",
640
+ "required": true
641
+ },
642
+ {
643
+ "name": "max_output_words",
644
+ "type": "Integer",
645
+ "required": true,
646
+ "default": 2000,
647
+ "validation": "100..10000"
648
+ }
649
+ ],
650
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"summarize\",\n resource in Project::\"{{project_id}}\"\n);\n",
651
+ "consent_text_template": "Summarize files in project {{project_id}} (up to {{max_output_words}} words).",
652
+ "obligations_forced": [
653
+ {
654
+ "type": "summarize_only",
655
+ "params": {
656
+ "max_words": "{{max_output_words}}"
657
+ }
658
+ }
659
+ ],
660
+ "implies": [
661
+ "files.project.files.read"
662
+ ],
663
+ "conflicts_with": [],
664
+ "step_up_required": false
665
+ },
666
+ {
667
+ "id": "files.project.files.write",
668
+ "version": "1.0.0",
669
+ "label": "Create/modify files",
670
+ "description": "Peer can create and modify files in a specific project, up to a maximum size per file.",
671
+ "category": "files",
672
+ "risk": "high",
673
+ "parameters": [
674
+ {
675
+ "name": "project_id",
676
+ "type": "ProjectID",
677
+ "required": true
678
+ },
679
+ {
680
+ "name": "max_size_mb",
681
+ "type": "Integer",
682
+ "required": true,
683
+ "default": 10,
684
+ "validation": "1..100"
685
+ }
686
+ ],
687
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action in [Action::\"write\", Action::\"update\"],\n resource in Project::\"{{project_id}}\"\n) when {\n context.written_size_bytes <= {{max_size_mb}} * 1048576\n};\n",
688
+ "consent_text_template": "Create or modify files in {{project_id}} (up to {{max_size_mb}} MB each).",
689
+ "obligations_forced": [
690
+ {
691
+ "type": "audit_level",
692
+ "params": {
693
+ "level": "verbose"
694
+ }
695
+ },
696
+ {
697
+ "type": "notify_principal",
698
+ "params": {}
699
+ }
700
+ ],
701
+ "implies": [
702
+ "files.project.files.read"
703
+ ],
704
+ "conflicts_with": [],
705
+ "step_up_required": true
706
+ },
707
+ {
708
+ "id": "files.project.metadata.read",
709
+ "version": "1.0.0",
710
+ "label": "Read project metadata",
711
+ "description": "Peer can read a specific project's metadata (name, description, tags), not its files.",
712
+ "category": "files",
713
+ "risk": "low",
714
+ "parameters": [
715
+ {
716
+ "name": "project_id",
717
+ "type": "ProjectID",
718
+ "required": true
719
+ }
720
+ ],
721
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read_metadata\",\n resource == Project::\"{{project_id}}\"\n);\n",
722
+ "consent_text_template": "Read metadata for project {{project_id}}.",
723
+ "obligations_forced": [],
724
+ "implies": [],
725
+ "conflicts_with": [],
726
+ "step_up_required": false
727
+ },
728
+ {
729
+ "id": "files.projects.list",
730
+ "version": "1.0.0",
731
+ "label": "List projects",
732
+ "description": "Peer can list project names and IDs from your project registry.",
733
+ "category": "files",
734
+ "risk": "low",
735
+ "parameters": [],
736
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"list\",\n resource == ProjectRegistry::\"self\"\n);\n",
737
+ "consent_text_template": "See the list of your projects (names + IDs only).",
738
+ "obligations_forced": [],
739
+ "implies": [],
740
+ "conflicts_with": [],
741
+ "step_up_required": false
742
+ },
743
+ {
744
+ "id": "files.share.external",
745
+ "version": "1.0.0",
746
+ "label": "Share files outside circle",
747
+ "description": "Peer can share files from a project with an external recipient allowlist.",
748
+ "category": "files",
749
+ "risk": "critical",
750
+ "parameters": [
751
+ {
752
+ "name": "project_id",
753
+ "type": "ProjectID",
754
+ "required": true
755
+ },
756
+ {
757
+ "name": "recipient_allowlist",
758
+ "type": "EmailList",
759
+ "required": true,
760
+ "validation": "rfc5322-or-domain-glob"
761
+ }
762
+ ],
763
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"share_external\",\n resource in Project::\"{{project_id}}\"\n) when {\n context.recipient_matches_allowlist({{recipient_allowlist_json}})\n};\n",
764
+ "consent_text_template": "Share files from {{project_id}} externally to: {{recipient_allowlist_display}}.",
765
+ "obligations_forced": [
766
+ {
767
+ "type": "require_principal_confirmation",
768
+ "params": {
769
+ "max_age_seconds": 0
770
+ }
771
+ },
772
+ {
773
+ "type": "audit_level",
774
+ "params": {
775
+ "level": "verbose"
776
+ }
777
+ },
778
+ {
779
+ "type": "notify_principal",
780
+ "params": {}
781
+ },
782
+ {
783
+ "type": "insert_watermark",
784
+ "params": {}
785
+ }
786
+ ],
787
+ "implies": [],
788
+ "conflicts_with": [
789
+ "files.project.files.delete"
790
+ ],
791
+ "tier_gate": "self_xyz.verified_human",
792
+ "step_up_required": true
793
+ },
794
+ {
795
+ "id": "identity.card.read",
796
+ "version": "1.0.0",
797
+ "label": "Read agent card",
798
+ "description": "Allow the peer agent to fetch your agent card (name, supported protocols, public endpoints).",
799
+ "category": "identity",
800
+ "risk": "low",
801
+ "parameters": [],
802
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read\",\n resource == AgentCard::\"self\"\n);\n",
803
+ "consent_text_template": "See your public agent card.",
804
+ "obligations_forced": [],
805
+ "implies": [],
806
+ "conflicts_with": [],
807
+ "step_up_required": false
808
+ },
809
+ {
810
+ "id": "identity.introduction.request",
811
+ "version": "1.0.0",
812
+ "label": "Request introduction",
813
+ "description": "Peer can ask your agent to introduce them to another agent you know.",
814
+ "category": "identity",
815
+ "risk": "medium",
816
+ "parameters": [
817
+ {
818
+ "name": "to_agent",
819
+ "type": "AgentDID",
820
+ "required": true
821
+ }
822
+ ],
823
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"request_introduction\",\n resource == Agent::\"{{to_agent}}\"\n);\n",
824
+ "consent_text_template": "Introduce Peer to {{to_agent}}.",
825
+ "obligations_forced": [
826
+ {
827
+ "type": "require_principal_confirmation",
828
+ "params": {
829
+ "max_age_seconds": 86400
830
+ }
831
+ }
832
+ ],
833
+ "implies": [],
834
+ "conflicts_with": [],
835
+ "step_up_required": false
836
+ },
837
+ {
838
+ "id": "identity.principal.verify",
839
+ "version": "1.0.0",
840
+ "label": "Verify owner binding",
841
+ "description": "Peer can fetch and verify your representation VC, confirming which human principal your agent represents.",
842
+ "category": "identity",
843
+ "risk": "low",
844
+ "parameters": [],
845
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"verify_principal\",\n resource == Principal::\"self\"\n);\n",
846
+ "consent_text_template": "Let Peer verify who your agent represents.",
847
+ "obligations_forced": [],
848
+ "implies": [
849
+ "identity.card.read"
850
+ ],
851
+ "conflicts_with": [],
852
+ "step_up_required": false
853
+ },
854
+ {
855
+ "id": "knowledge.query",
856
+ "version": "1.0.0",
857
+ "label": "Query knowledge base",
858
+ "description": "Peer can query a specific knowledge base and receive token-bounded answers.",
859
+ "category": "notes",
860
+ "risk": "medium",
861
+ "parameters": [
862
+ {
863
+ "name": "kb_id",
864
+ "type": "ProjectID",
865
+ "required": true
866
+ },
867
+ {
868
+ "name": "max_tokens",
869
+ "type": "Integer",
870
+ "required": true,
871
+ "default": 8000,
872
+ "validation": "100..50000"
873
+ }
874
+ ],
875
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"query\",\n resource == KnowledgeBase::\"{{kb_id}}\"\n) when {\n context.requested_tokens <= {{max_tokens}}\n};\n",
876
+ "consent_text_template": "Query knowledge base {{kb_id}} (up to {{max_tokens}} tokens/response).",
877
+ "obligations_forced": [
878
+ {
879
+ "type": "summarize_only",
880
+ "params": {
881
+ "max_words": "{{max_tokens}}"
882
+ }
883
+ }
884
+ ],
885
+ "implies": [],
886
+ "conflicts_with": [],
887
+ "step_up_required": false
888
+ },
889
+ {
890
+ "id": "messaging.chat.send",
891
+ "version": "1.0.0",
892
+ "label": "Send chat message",
893
+ "description": "Peer can send chat messages on your behalf within an allowlisted set of channels.",
894
+ "category": "messaging",
895
+ "risk": "medium",
896
+ "parameters": [
897
+ {
898
+ "name": "channel_allowlist",
899
+ "type": "AttributeList",
900
+ "required": true,
901
+ "validation": "at-least-one"
902
+ }
903
+ ],
904
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"send_chat\",\n resource == ChatChannel\n) when {\n resource.id in {{channel_allowlist_json}}\n};\n",
905
+ "consent_text_template": "Send chat messages on your behalf in: {{channel_allowlist_display}}.",
906
+ "obligations_forced": [
907
+ {
908
+ "type": "audit_level",
909
+ "params": {
910
+ "level": "verbose"
911
+ }
912
+ }
913
+ ],
914
+ "implies": [],
915
+ "conflicts_with": [],
916
+ "step_up_required": false
917
+ },
918
+ {
919
+ "id": "messaging.email.draft.compose",
920
+ "version": "1.0.0",
921
+ "label": "Compose drafts (no send)",
922
+ "description": "Peer can compose email drafts in your drafts folder without sending them.",
923
+ "category": "messaging",
924
+ "risk": "medium",
925
+ "parameters": [],
926
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"compose_draft\",\n resource == Email::\"drafts\"\n);\nforbid (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"send_email\",\n resource\n);\n",
927
+ "consent_text_template": "Compose email drafts for you to review (no sending).",
928
+ "obligations_forced": [],
929
+ "implies": [],
930
+ "conflicts_with": [],
931
+ "step_up_required": false
932
+ },
933
+ {
934
+ "id": "messaging.email.send.reviewed",
935
+ "version": "1.0.0",
936
+ "label": "Send email (after your review)",
937
+ "description": "Peer drafts emails on your behalf; each send requires your one-tap approval before going out.",
938
+ "category": "messaging",
939
+ "risk": "high",
940
+ "parameters": [
941
+ {
942
+ "name": "recipient_allowlist",
943
+ "type": "EmailList",
944
+ "required": false,
945
+ "default": [],
946
+ "validation": "rfc5322-or-domain-glob"
947
+ }
948
+ ],
949
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"send_email\",\n resource == Email::\"outbox\"\n) when {\n {{#if recipient_allowlist}}\n context.recipient_matches_allowlist({{recipient_allowlist_json}})\n {{else}}\n true\n {{/if}}\n};\n",
950
+ "consent_text_template": "Draft and (with your approval) send emails{{#if recipient_allowlist}} to: {{recipient_allowlist_display}}{{/if}}.",
951
+ "obligations_forced": [
952
+ {
953
+ "type": "require_principal_confirmation",
954
+ "params": {
955
+ "max_age_seconds": 0
956
+ }
957
+ },
958
+ {
959
+ "type": "audit_level",
960
+ "params": {
961
+ "level": "verbose"
962
+ }
963
+ }
964
+ ],
965
+ "implies": [
966
+ "messaging.email.draft.compose"
967
+ ],
968
+ "conflicts_with": [],
969
+ "step_up_required": true
970
+ },
971
+ {
972
+ "id": "messaging.email.summary",
973
+ "version": "1.0.0",
974
+ "label": "Email summaries only",
975
+ "description": "Peer receives only summaries of your email threads, never the raw content.",
976
+ "category": "messaging",
977
+ "risk": "medium",
978
+ "parameters": [
979
+ {
980
+ "name": "label_filter",
981
+ "type": "AttributeList",
982
+ "required": false,
983
+ "default": [],
984
+ "validation": "label-or-folder-name"
985
+ }
986
+ ],
987
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"summarize\",\n resource == Email\n);\n",
988
+ "consent_text_template": "Share email summaries (never raw content){{#if label_filter}} for labels: {{label_filter_display}}{{/if}}.",
989
+ "obligations_forced": [
990
+ {
991
+ "type": "summarize_only",
992
+ "params": {
993
+ "max_words": 250
994
+ }
995
+ }
996
+ ],
997
+ "implies": [],
998
+ "conflicts_with": [],
999
+ "step_up_required": false
1000
+ },
1001
+ {
1002
+ "id": "messaging.email.thread.read",
1003
+ "version": "1.0.0",
1004
+ "label": "Read email threads",
1005
+ "description": "Peer can read the full contents of email threads matching optional label filters.",
1006
+ "category": "messaging",
1007
+ "risk": "high",
1008
+ "parameters": [
1009
+ {
1010
+ "name": "label_filter",
1011
+ "type": "AttributeList",
1012
+ "required": false,
1013
+ "default": [],
1014
+ "validation": "label-or-folder-name"
1015
+ }
1016
+ ],
1017
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read\",\n resource == Email\n) {{#if label_filter}}when {\n resource.labels.containsAny({{label_filter_json}})\n}{{/if}};\n",
1018
+ "consent_text_template": "Read email thread contents{{#if label_filter}} for labels: {{label_filter_display}}{{/if}}.",
1019
+ "obligations_forced": [
1020
+ {
1021
+ "type": "audit_level",
1022
+ "params": {
1023
+ "level": "verbose"
1024
+ }
1025
+ }
1026
+ ],
1027
+ "implies": [
1028
+ "messaging.email.summary"
1029
+ ],
1030
+ "conflicts_with": [],
1031
+ "step_up_required": true
1032
+ },
1033
+ {
1034
+ "id": "messaging.relay.to_principal",
1035
+ "version": "1.0.0",
1036
+ "label": "Relay message to owner",
1037
+ "description": "Peer can ask your agent to relay a short message to you (the principal).",
1038
+ "category": "messaging",
1039
+ "risk": "low",
1040
+ "parameters": [],
1041
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"relay_to_principal\",\n resource == Principal::\"self\"\n);\n",
1042
+ "consent_text_template": "Let Peer send you short relayed messages.",
1043
+ "obligations_forced": [
1044
+ {
1045
+ "type": "rate_limit",
1046
+ "params": {
1047
+ "window": "hour",
1048
+ "max": 10
1049
+ }
1050
+ }
1051
+ ],
1052
+ "implies": [],
1053
+ "conflicts_with": [],
1054
+ "step_up_required": false
1055
+ },
1056
+ {
1057
+ "id": "notes.read",
1058
+ "version": "1.0.0",
1059
+ "label": "Read notes",
1060
+ "description": "Peer can read full note contents in a specific collection.",
1061
+ "category": "notes",
1062
+ "risk": "medium",
1063
+ "parameters": [
1064
+ {
1065
+ "name": "collection_id",
1066
+ "type": "ProjectID",
1067
+ "required": true
1068
+ }
1069
+ ],
1070
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read\",\n resource in Collection::\"{{collection_id}}\"\n);\n",
1071
+ "consent_text_template": "Read notes in collection {{collection_id}}.",
1072
+ "obligations_forced": [
1073
+ {
1074
+ "type": "audit_level",
1075
+ "params": {
1076
+ "level": "verbose"
1077
+ }
1078
+ }
1079
+ ],
1080
+ "implies": [
1081
+ "notes.search"
1082
+ ],
1083
+ "conflicts_with": [],
1084
+ "step_up_required": false
1085
+ },
1086
+ {
1087
+ "id": "notes.search",
1088
+ "version": "1.0.0",
1089
+ "label": "Search notes",
1090
+ "description": "Peer can search notes within a collection and receive title+snippet matches.",
1091
+ "category": "notes",
1092
+ "risk": "medium",
1093
+ "parameters": [
1094
+ {
1095
+ "name": "collection_id",
1096
+ "type": "ProjectID",
1097
+ "required": true
1098
+ }
1099
+ ],
1100
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"search\",\n resource in Collection::\"{{collection_id}}\"\n);\n",
1101
+ "consent_text_template": "Search notes in collection {{collection_id}}.",
1102
+ "obligations_forced": [
1103
+ {
1104
+ "type": "summarize_only",
1105
+ "params": {
1106
+ "max_words": 100
1107
+ }
1108
+ }
1109
+ ],
1110
+ "implies": [],
1111
+ "conflicts_with": [],
1112
+ "step_up_required": false
1113
+ },
1114
+ {
1115
+ "id": "notes.write",
1116
+ "version": "1.0.0",
1117
+ "label": "Create/update notes",
1118
+ "description": "Peer can create and update notes in a collection, up to a daily cap.",
1119
+ "category": "notes",
1120
+ "risk": "medium",
1121
+ "parameters": [
1122
+ {
1123
+ "name": "collection_id",
1124
+ "type": "ProjectID",
1125
+ "required": true
1126
+ },
1127
+ {
1128
+ "name": "max_per_day",
1129
+ "type": "Integer",
1130
+ "required": true,
1131
+ "default": 100,
1132
+ "validation": "1..1000"
1133
+ }
1134
+ ],
1135
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action in [Action::\"write\", Action::\"update\"],\n resource in Collection::\"{{collection_id}}\"\n) when {\n context.notes_written_today < {{max_per_day}}\n};\n",
1136
+ "consent_text_template": "Create/update notes in {{collection_id}} (up to {{max_per_day}}/day).",
1137
+ "obligations_forced": [
1138
+ {
1139
+ "type": "audit_level",
1140
+ "params": {
1141
+ "level": "verbose"
1142
+ }
1143
+ }
1144
+ ],
1145
+ "implies": [
1146
+ "notes.read"
1147
+ ],
1148
+ "conflicts_with": [],
1149
+ "step_up_required": false
1150
+ },
1151
+ {
1152
+ "id": "payments.authorize.capped",
1153
+ "version": "1.0.0",
1154
+ "label": "Authorize payments up to a cap",
1155
+ "description": "Peer can trigger x402 payments up to the per-transaction and rolling 30-day caps you set.",
1156
+ "category": "payments",
1157
+ "risk": "high",
1158
+ "parameters": [
1159
+ {
1160
+ "name": "max_per_txn_usd",
1161
+ "type": "Decimal",
1162
+ "required": true,
1163
+ "default": 5,
1164
+ "validation": "0.01..1000"
1165
+ },
1166
+ {
1167
+ "name": "max_per_30d_usd",
1168
+ "type": "Decimal",
1169
+ "required": true,
1170
+ "default": 50,
1171
+ "validation": "0.01..10000"
1172
+ }
1173
+ ],
1174
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"authorize_payment\",\n resource == Wallet::\"primary\"\n) when {\n context.quoted_price_usd <= {{max_per_txn_usd}} &&\n context.spend_last_30d_usd + context.quoted_price_usd <= {{max_per_30d_usd}}\n};\n",
1175
+ "consent_text_template": "Pay up to ${{max_per_txn_usd}} per request, ${{max_per_30d_usd}} total per 30 days.",
1176
+ "obligations_forced": [
1177
+ {
1178
+ "type": "notify_principal",
1179
+ "params": {}
1180
+ },
1181
+ {
1182
+ "type": "audit_level",
1183
+ "params": {
1184
+ "level": "verbose"
1185
+ }
1186
+ }
1187
+ ],
1188
+ "implies": [],
1189
+ "conflicts_with": [],
1190
+ "tier_gate": "self_xyz.verified_human",
1191
+ "step_up_required": true
1192
+ },
1193
+ {
1194
+ "id": "payments.history.read",
1195
+ "version": "1.0.0",
1196
+ "label": "Read past transactions",
1197
+ "description": "Peer can read your payment history for the past N days.",
1198
+ "category": "payments",
1199
+ "risk": "medium",
1200
+ "parameters": [
1201
+ {
1202
+ "name": "days_back",
1203
+ "type": "Integer",
1204
+ "required": true,
1205
+ "default": 30,
1206
+ "validation": "1..365"
1207
+ }
1208
+ ],
1209
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read\",\n resource == PaymentHistory::\"self\"\n) when {\n context.query_window_days <= {{days_back}}\n};\n",
1210
+ "consent_text_template": "Read payment history for the past {{days_back}} days.",
1211
+ "obligations_forced": [
1212
+ {
1213
+ "type": "audit_level",
1214
+ "params": {
1215
+ "level": "verbose"
1216
+ }
1217
+ }
1218
+ ],
1219
+ "implies": [],
1220
+ "conflicts_with": [],
1221
+ "step_up_required": false
1222
+ },
1223
+ {
1224
+ "id": "payments.quote.request",
1225
+ "version": "1.0.0",
1226
+ "label": "Request a price quote",
1227
+ "description": "Peer can request a price quote for an action or purchase (quote only, no payment).",
1228
+ "category": "payments",
1229
+ "risk": "low",
1230
+ "parameters": [],
1231
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"request_quote\",\n resource == Wallet::\"primary\"\n);\n",
1232
+ "consent_text_template": "Let Peer request a price quote (no payment).",
1233
+ "obligations_forced": [],
1234
+ "implies": [],
1235
+ "conflicts_with": [],
1236
+ "step_up_required": false
1237
+ },
1238
+ {
1239
+ "id": "payments.refund.request",
1240
+ "version": "1.0.0",
1241
+ "label": "Request refund",
1242
+ "description": "Peer can request a refund against a prior payment.",
1243
+ "category": "payments",
1244
+ "risk": "medium",
1245
+ "parameters": [],
1246
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"request_refund\",\n resource == Payment\n);\n",
1247
+ "consent_text_template": "Let Peer request a refund on a prior payment.",
1248
+ "obligations_forced": [
1249
+ {
1250
+ "type": "require_principal_confirmation",
1251
+ "params": {
1252
+ "max_age_seconds": 0
1253
+ }
1254
+ },
1255
+ {
1256
+ "type": "audit_level",
1257
+ "params": {
1258
+ "level": "verbose"
1259
+ }
1260
+ }
1261
+ ],
1262
+ "implies": [],
1263
+ "conflicts_with": [],
1264
+ "step_up_required": false
1265
+ },
1266
+ {
1267
+ "id": "tasks.assign",
1268
+ "version": "1.0.0",
1269
+ "label": "Assign tasks to humans",
1270
+ "description": "Peer can assign tasks in a project to specific people.",
1271
+ "category": "tasks",
1272
+ "risk": "high",
1273
+ "parameters": [
1274
+ {
1275
+ "name": "project_id",
1276
+ "type": "ProjectID",
1277
+ "required": true
1278
+ }
1279
+ ],
1280
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"assign\",\n resource in Project::\"{{project_id}}\"\n);\n",
1281
+ "consent_text_template": "Assign tasks to people in project {{project_id}}.",
1282
+ "obligations_forced": [
1283
+ {
1284
+ "type": "audit_level",
1285
+ "params": {
1286
+ "level": "verbose"
1287
+ }
1288
+ },
1289
+ {
1290
+ "type": "notify_principal",
1291
+ "params": {}
1292
+ }
1293
+ ],
1294
+ "implies": [
1295
+ "tasks.read"
1296
+ ],
1297
+ "conflicts_with": [],
1298
+ "step_up_required": true
1299
+ },
1300
+ {
1301
+ "id": "tasks.create",
1302
+ "version": "1.0.0",
1303
+ "label": "Create tasks",
1304
+ "description": "Peer can create tasks in a project, up to a daily cap.",
1305
+ "category": "tasks",
1306
+ "risk": "medium",
1307
+ "parameters": [
1308
+ {
1309
+ "name": "project_id",
1310
+ "type": "ProjectID",
1311
+ "required": true
1312
+ },
1313
+ {
1314
+ "name": "max_per_day",
1315
+ "type": "Integer",
1316
+ "required": true,
1317
+ "default": 50,
1318
+ "validation": "1..500"
1319
+ }
1320
+ ],
1321
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"create\",\n resource in Project::\"{{project_id}}\"\n) when {\n context.tasks_created_today < {{max_per_day}}\n};\n",
1322
+ "consent_text_template": "Create tasks in {{project_id}} (up to {{max_per_day}}/day).",
1323
+ "obligations_forced": [
1324
+ {
1325
+ "type": "audit_level",
1326
+ "params": {
1327
+ "level": "verbose"
1328
+ }
1329
+ }
1330
+ ],
1331
+ "implies": [],
1332
+ "conflicts_with": [],
1333
+ "step_up_required": false
1334
+ },
1335
+ {
1336
+ "id": "tasks.list",
1337
+ "version": "1.0.0",
1338
+ "label": "List tasks",
1339
+ "description": "Peer can list tasks within a project.",
1340
+ "category": "tasks",
1341
+ "risk": "low",
1342
+ "parameters": [
1343
+ {
1344
+ "name": "project_id",
1345
+ "type": "ProjectID",
1346
+ "required": true
1347
+ }
1348
+ ],
1349
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"list\",\n resource in Project::\"{{project_id}}\"\n);\n",
1350
+ "consent_text_template": "List tasks in project {{project_id}}.",
1351
+ "obligations_forced": [],
1352
+ "implies": [],
1353
+ "conflicts_with": [],
1354
+ "step_up_required": false
1355
+ },
1356
+ {
1357
+ "id": "tasks.read",
1358
+ "version": "1.0.0",
1359
+ "label": "Read task details",
1360
+ "description": "Peer can read details (title, status, assignee, due) of tasks within a project.",
1361
+ "category": "tasks",
1362
+ "risk": "low",
1363
+ "parameters": [
1364
+ {
1365
+ "name": "project_id",
1366
+ "type": "ProjectID",
1367
+ "required": true
1368
+ }
1369
+ ],
1370
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read\",\n resource in Project::\"{{project_id}}\"\n);\n",
1371
+ "consent_text_template": "Read task details in project {{project_id}}.",
1372
+ "obligations_forced": [],
1373
+ "implies": [
1374
+ "tasks.list"
1375
+ ],
1376
+ "conflicts_with": [],
1377
+ "step_up_required": false
1378
+ },
1379
+ {
1380
+ "id": "tasks.status.update",
1381
+ "version": "1.0.0",
1382
+ "label": "Update task status",
1383
+ "description": "Peer can update the status (open/in-progress/done) of tasks in a project.",
1384
+ "category": "tasks",
1385
+ "risk": "medium",
1386
+ "parameters": [
1387
+ {
1388
+ "name": "project_id",
1389
+ "type": "ProjectID",
1390
+ "required": true
1391
+ }
1392
+ ],
1393
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"update_status\",\n resource in Project::\"{{project_id}}\"\n);\n",
1394
+ "consent_text_template": "Update task status in {{project_id}}.",
1395
+ "obligations_forced": [],
1396
+ "implies": [
1397
+ "tasks.read"
1398
+ ],
1399
+ "conflicts_with": [],
1400
+ "step_up_required": false
1401
+ },
1402
+ {
1403
+ "id": "tools.invoke.mutating",
1404
+ "version": "1.0.0",
1405
+ "label": "Invoke tools with side effects",
1406
+ "description": "Peer can invoke specific tools on your MCP server that cause changes (not just reads).",
1407
+ "category": "tools",
1408
+ "risk": "high",
1409
+ "parameters": [
1410
+ {
1411
+ "name": "tool_allowlist",
1412
+ "type": "ToolIDList",
1413
+ "required": true,
1414
+ "validation": "at-least-one"
1415
+ },
1416
+ {
1417
+ "name": "max_per_day",
1418
+ "type": "Integer",
1419
+ "required": true,
1420
+ "default": 20,
1421
+ "validation": "1..1000"
1422
+ }
1423
+ ],
1424
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"invoke_tool\",\n resource == Tool\n) when {\n resource.id in {{tool_allowlist_json}} &&\n context.requests_last_day <= {{max_per_day}}\n};\n",
1425
+ "consent_text_template": "Use these tools on your behalf (max {{max_per_day}}/day): {{tool_allowlist_display}}.",
1426
+ "obligations_forced": [
1427
+ {
1428
+ "type": "audit_level",
1429
+ "params": {
1430
+ "level": "verbose"
1431
+ }
1432
+ },
1433
+ {
1434
+ "type": "rate_limit",
1435
+ "params": {
1436
+ "window": "day",
1437
+ "max": "{{max_per_day}}"
1438
+ }
1439
+ }
1440
+ ],
1441
+ "implies": [],
1442
+ "conflicts_with": [],
1443
+ "step_up_required": true
1444
+ },
1445
+ {
1446
+ "id": "tools.invoke.read",
1447
+ "version": "1.0.0",
1448
+ "label": "Invoke read-only tools",
1449
+ "description": "Peer can invoke read-only (no-side-effect) tools on your MCP server, restricted to an allowlist.",
1450
+ "category": "tools",
1451
+ "risk": "medium",
1452
+ "parameters": [
1453
+ {
1454
+ "name": "tool_allowlist",
1455
+ "type": "ToolIDList",
1456
+ "required": true,
1457
+ "validation": "at-least-one"
1458
+ }
1459
+ ],
1460
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"invoke_tool\",\n resource == Tool\n) when {\n resource.id in {{tool_allowlist_json}} &&\n resource.readonly == true\n};\n",
1461
+ "consent_text_template": "Invoke these read-only tools on your behalf: {{tool_allowlist_display}}.",
1462
+ "obligations_forced": [
1463
+ {
1464
+ "type": "audit_level",
1465
+ "params": {
1466
+ "level": "verbose"
1467
+ }
1468
+ }
1469
+ ],
1470
+ "implies": [],
1471
+ "conflicts_with": [],
1472
+ "step_up_required": false
1473
+ },
1474
+ {
1475
+ "id": "work.projects.list",
1476
+ "version": "1.0.0",
1477
+ "label": "Current active projects",
1478
+ "description": "Peer can see the list of projects you're actively working on (names only).",
1479
+ "category": "work",
1480
+ "risk": "low",
1481
+ "parameters": [],
1482
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"list\",\n resource == WorkProjects::\"self\"\n);\n",
1483
+ "consent_text_template": "Share the list of your active projects.",
1484
+ "obligations_forced": [],
1485
+ "implies": [],
1486
+ "conflicts_with": [],
1487
+ "step_up_required": false
1488
+ },
1489
+ {
1490
+ "id": "work.reports.summary",
1491
+ "version": "1.0.0",
1492
+ "label": "Generate status summary",
1493
+ "description": "Peer can ask your agent to generate a status summary for a bounded time period.",
1494
+ "category": "work",
1495
+ "risk": "medium",
1496
+ "parameters": [
1497
+ {
1498
+ "name": "period",
1499
+ "type": "Enum",
1500
+ "required": true,
1501
+ "default": "week",
1502
+ "validation": [
1503
+ "day",
1504
+ "week",
1505
+ "month",
1506
+ "quarter"
1507
+ ]
1508
+ }
1509
+ ],
1510
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"summarize\",\n resource == WorkReport::\"self\"\n) when {\n context.period == \"{{period}}\"\n};\n",
1511
+ "consent_text_template": "Generate a {{period}} work status summary.",
1512
+ "obligations_forced": [
1513
+ {
1514
+ "type": "summarize_only",
1515
+ "params": {
1516
+ "max_words": 1000
1517
+ }
1518
+ }
1519
+ ],
1520
+ "implies": [
1521
+ "work.status.read"
1522
+ ],
1523
+ "conflicts_with": [],
1524
+ "step_up_required": false
1525
+ },
1526
+ {
1527
+ "id": "work.status.read",
1528
+ "version": "1.0.0",
1529
+ "label": "Current work status",
1530
+ "description": "Peer can see your current work status (available, busy, out-of-office).",
1531
+ "category": "work",
1532
+ "risk": "low",
1533
+ "parameters": [],
1534
+ "cedar_template": "permit (\n principal == Agent::\"{{audience_did}}\",\n action == Action::\"read\",\n resource == WorkStatus::\"self\"\n);\n",
1535
+ "consent_text_template": "Share your current work status (available/busy/OOO).",
1536
+ "obligations_forced": [],
1537
+ "implies": [],
1538
+ "conflicts_with": [],
1539
+ "step_up_required": false
1540
+ }
1541
+ ]
1542
+ }