@machina.ai/cell-cli-core 1.19.4-rc3 → 1.22.5-rc1

package/dist/src/policy/persistence.test.js

@@ -0,0 +1,154 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { describe, it, expect, vi, beforeEach, afterEach, } from 'vitest';
+import * as fs from 'node:fs/promises';
+import * as path from 'node:path';
+import { createPolicyUpdater } from './config.js';
+import { PolicyEngine } from './policy-engine.js';
+import { MessageBus } from '../confirmation-bus/message-bus.js';
+import { MessageBusType } from '../confirmation-bus/types.js';
+import { Storage } from '../config/storage.js';
+import { ApprovalMode } from './types.js';
+vi.mock('node:fs/promises');
+vi.mock('../config/storage.js');
+describe('createPolicyUpdater', () => {
+    let policyEngine;
+    let messageBus;
+    beforeEach(() => {
+        policyEngine = new PolicyEngine({
+            rules: [],
+            checkers: [],
+            approvalMode: ApprovalMode.DEFAULT,
+        });
+        messageBus = new MessageBus(policyEngine);
+        vi.clearAllMocks();
+    });
+    afterEach(() => {
+        vi.restoreAllMocks();
+    });
+    it('should persist policy when persist flag is true', async () => {
+        createPolicyUpdater(policyEngine, messageBus);
+        const userPoliciesDir = '/mock/user/policies';
+        vi.spyOn(Storage, 'getUserPoliciesDir').mockReturnValue(userPoliciesDir);
+        fs.mkdir.mockResolvedValue(undefined);
+        fs.readFile.mockRejectedValue(new Error('File not found')); // Simulate new file
+        fs.writeFile.mockResolvedValue(undefined);
+        fs.rename.mockResolvedValue(undefined);
+        const toolName = 'test_tool';
+        await messageBus.publish({
+            type: MessageBusType.UPDATE_POLICY,
+            toolName,
+            persist: true,
+        });
+        // Wait for async operations (microtasks)
+        await new Promise((resolve) => setTimeout(resolve, 0));
+        expect(Storage.getUserPoliciesDir).toHaveBeenCalled();
+        expect(fs.mkdir).toHaveBeenCalledWith(userPoliciesDir, {
+            recursive: true,
+        });
+        // Check written content
+        const expectedContent = expect.stringContaining(`toolName = "test_tool"`);
+        expect(fs.writeFile).toHaveBeenCalledWith(expect.stringMatching(/\.tmp$/), expectedContent, 'utf-8');
+        expect(fs.rename).toHaveBeenCalledWith(expect.stringMatching(/\.tmp$/), path.join(userPoliciesDir, 'auto-saved.toml'));
+    });
+    it('should not persist policy when persist flag is false or undefined', async () => {
+        createPolicyUpdater(policyEngine, messageBus);
+        await messageBus.publish({
+            type: MessageBusType.UPDATE_POLICY,
+            toolName: 'test_tool',
+        });
+        await new Promise((resolve) => setTimeout(resolve, 0));
+        expect(fs.writeFile).not.toHaveBeenCalled();
+        expect(fs.rename).not.toHaveBeenCalled();
+    });
+    it('should persist policy with commandPrefix when provided', async () => {
+        createPolicyUpdater(policyEngine, messageBus);
+        const userPoliciesDir = '/mock/user/policies';
+        vi.spyOn(Storage, 'getUserPoliciesDir').mockReturnValue(userPoliciesDir);
+        fs.mkdir.mockResolvedValue(undefined);
+        fs.readFile.mockRejectedValue(new Error('File not found'));
+        fs.writeFile.mockResolvedValue(undefined);
+        fs.rename.mockResolvedValue(undefined);
+        const toolName = 'run_shell_command';
+        const commandPrefix = 'git status';
+        await messageBus.publish({
+            type: MessageBusType.UPDATE_POLICY,
+            toolName,
+            persist: true,
+            commandPrefix,
+        });
+        await new Promise((resolve) => setTimeout(resolve, 0));
+        // In-memory rule check (unchanged)
+        const rules = policyEngine.getRules();
+        const addedRule = rules.find((r) => r.toolName === toolName);
+        expect(addedRule).toBeDefined();
+        expect(addedRule?.priority).toBe(2.95);
+        expect(addedRule?.argsPattern).toEqual(new RegExp(`"command":"git status(?:[\\s"]|$)`));
+        // Verify file written
+        expect(fs.writeFile).toHaveBeenCalledWith(expect.stringMatching(/\.tmp$/), expect.stringContaining(`commandPrefix = "git status"`), 'utf-8');
+    });
+    it('should persist policy with mcpName and toolName when provided', async () => {
+        createPolicyUpdater(policyEngine, messageBus);
+        const userPoliciesDir = '/mock/user/policies';
+        vi.spyOn(Storage, 'getUserPoliciesDir').mockReturnValue(userPoliciesDir);
+        fs.mkdir.mockResolvedValue(undefined);
+        fs.readFile.mockRejectedValue(new Error('File not found'));
+        fs.writeFile.mockResolvedValue(undefined);
+        fs.rename.mockResolvedValue(undefined);
+        const mcpName = 'my-jira-server';
+        const simpleToolName = 'search';
+        const toolName = `${mcpName}__${simpleToolName}`;
+        await messageBus.publish({
+            type: MessageBusType.UPDATE_POLICY,
+            toolName,
+            persist: true,
+            mcpName,
+        });
+        await new Promise((resolve) => setTimeout(resolve, 0));
+        // Verify file written
+        const writeCall = fs.writeFile.mock.calls[0];
+        const writtenContent = writeCall[1];
+        expect(writtenContent).toContain(`mcpName = "${mcpName}"`);
+        expect(writtenContent).toContain(`toolName = "${simpleToolName}"`);
+        expect(writtenContent).toContain('priority = 200');
+    });
+    it('should escape special characters in toolName and mcpName', async () => {
+        createPolicyUpdater(policyEngine, messageBus);
+        const userPoliciesDir = '/mock/user/policies';
+        vi.spyOn(Storage, 'getUserPoliciesDir').mockReturnValue(userPoliciesDir);
+        fs.mkdir.mockResolvedValue(undefined);
+        fs.readFile.mockRejectedValue(new Error('File not found'));
+        fs.writeFile.mockResolvedValue(undefined);
+        fs.rename.mockResolvedValue(undefined);
+        const mcpName = 'my"jira"server';
+        const toolName = `my"jira"server__search"tool"`;
+        await messageBus.publish({
+            type: MessageBusType.UPDATE_POLICY,
+            toolName,
+            persist: true,
+            mcpName,
+        });
+        await new Promise((resolve) => setTimeout(resolve, 0));
+        const writeCall = fs.writeFile.mock.calls[0];
+        const writtenContent = writeCall[1];
+        // Verify escaping - should be valid TOML
+        // Note: @iarna/toml optimizes for shortest representation, so it may use single quotes 'foo"bar'
+        // instead of "foo\"bar\"" if there are no single quotes in the string.
+        try {
+            expect(writtenContent).toContain(`mcpName = "my\\"jira\\"server"`);
+        }
+        catch {
+            expect(writtenContent).toContain(`mcpName = 'my"jira"server'`);
+        }
+        try {
+            expect(writtenContent).toContain(`toolName = "search\\"tool\\""`);
+        }
+        catch {
+            expect(writtenContent).toContain(`toolName = 'search"tool"'`);
+        }
+    });
+});
+//# sourceMappingURL=persistence.test.js.map

package/dist/src/policy/persistence.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"persistence.test.js","sourceRoot":"","sources":["../../../src/policy/persistence.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,QAAQ,EACR,EAAE,EACF,MAAM,EACN,EAAE,EACF,UAAU,EACV,SAAS,GAEV,MAAM,QAAQ,CAAC;AAChB,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,oCAAoC,CAAC;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE1C,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AAC5B,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;AAEhC,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,YAA0B,CAAC;IAC/B,IAAI,UAAsB,CAAC;IAE3B,UAAU,CAAC,GAAG,EAAE;QACd,YAAY,GAAG,IAAI,YAAY,CAAC;YAC9B,KAAK,EAAE,EAAE;YACT,QAAQ,EAAE,EAAE;YACZ,YAAY,EAAE,YAAY,CAAC,OAAO;SACnC,CAAC,CAAC;QACH,UAAU,GAAG,IAAI,UAAU,CAAC,YAAY,CAAC,CAAC;QAC1C,EAAE,CAAC,aAAa,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,eAAe,GAAG,qBAAqB,CAAC;QAC9C,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC,eAAe,CAAC,eAAe,CAAC,CAAC;QACxE,EAAE,CAAC,KAAyB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC1D,EAAE,CAAC,QAA4B,CAAC,iBAAiB,CAChD,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAC5B,CAAC,CAAC,oBAAoB;QACtB,EAAE,CAAC,SAA6B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC9D,EAAE,CAAC,MAA0B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAE5D,MAAM,QAAQ,GAAG,WAAW,CAAC;QAC7B,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ;YACR,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QAEH,yCAAyC;QACzC,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAEvD,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,gBAAgB,EAAE,CAAC;QACtD,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,oBAAoB,CAAC,eAAe,EAAE;YACrD,SAAS,EAAE,IAAI;SAChB,CAAC,CAAC;QAEH,wBAAwB;QACxB,MAAM,eAAe,GAAG,MAAM,CAAC,gBAAgB,CAAC,wBAAwB,CAAC,CAAC;QAC1E,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACvC,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,EAC/B,eAAe,EACf,OAAO,CACR,CAAC;QACF,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,oBAAoB,CACpC,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,EAC/B,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAC9C,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mEAAmE,EAAE,KAAK,IAAI,EAAE;QACjF,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ,EAAE,WAAW;SACtB,CAAC,CAAC;QAEH,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAEvD,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAC5C,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,eAAe,GAAG,qBAAqB,CAAC;QAC9C,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC,eAAe,CAAC,eAAe,CAAC,CAAC;QACxE,EAAE,CAAC,KAAyB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC1D,EAAE,CAAC,QAA4B,CAAC,iBAAiB,CAChD,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAC5B,CAAC;QACD,EAAE,CAAC,SAA6B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC9D,EAAE,CAAC,MAA0B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAE5D,MAAM,QAAQ,GAAG,mBAAmB,CAAC;QACrC,MAAM,aAAa,GAAG,YAAY,CAAC;QAEnC,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ;YACR,OAAO,EAAE,IAAI;YACb,aAAa;SACd,CAAC,CAAC;QAEH,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAEvD,mCAAmC;QACnC,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;QAC7D,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QAChC,MAAM,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC,OAAO,CACpC,IAAI,MAAM,CAAC,mCAAmC,CAAC,CAChD,CAAC;QAEF,sBAAsB;QACtB,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACvC,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,EAC/B,MAAM,CAAC,gBAAgB,CAAC,8BAA8B,CAAC,EACvD,OAAO,CACR,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+DAA+D,EAAE,KAAK,IAAI,EAAE;QAC7E,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,eAAe,GAAG,qBAAqB,CAAC;QAC9C,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC,eAAe,CAAC,eAAe,CAAC,CAAC;QACxE,EAAE,CAAC,KAAyB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC1D,EAAE,CAAC,QAA4B,CAAC,iBAAiB,CAChD,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAC5B,CAAC;QACD,EAAE,CAAC,SAA6B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC9D,EAAE,CAAC,MAA0B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAE5D,MAAM,OAAO,GAAG,gBAAgB,CAAC;QACjC,MAAM,cAAc,GAAG,QAAQ,CAAC;QAChC,MAAM,QAAQ,GAAG,GAAG,OAAO,KAAK,cAAc,EAAE,CAAC;QAEjD,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ;YACR,OAAO,EAAE,IAAI;YACb,OAAO;SACR,CAAC,CAAC;QAEH,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAEvD,sBAAsB;QACtB,MAAM,SAAS,GAAI,EAAE,CAAC,SAA6B,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAClE,MAAM,cAAc,GAAG,SAAS,CAAC,CAAC,CAAW,CAAC;QAC9C,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,cAAc,OAAO,GAAG,CAAC,CAAC;QAC3D,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,eAAe,cAAc,GAAG,CAAC,CAAC;QACnE,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,mBAAmB,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAE9C,MAAM,eAAe,GAAG,qBAAqB,CAAC;QAC9C,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC,eAAe,CAAC,eAAe,CAAC,CAAC;QACxE,EAAE,CAAC,KAAyB,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC1D,EAAE,CAAC,QAA4B,CAAC,iBAAiB,CAChD,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAC5B,CAAC;QACD,EAAE,CAAC,SAA6B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC9D,EAAE,CAAC,MAA0B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAE5D,MAAM,OAAO,GAAG,gBAAgB,CAAC;QACjC,MAAM,QAAQ,GAAG,8BAA8B,CAAC;QAEhD,MAAM,UAAU,CAAC,OAAO,CAAC;YACvB,IAAI,EAAE,cAAc,CAAC,aAAa;YAClC,QAAQ;YACR,OAAO,EAAE,IAAI;YACb,OAAO;SACR,CAAC,CAAC;QAEH,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAEvD,MAAM,SAAS,GAAI,EAAE,CAAC,SAA6B,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAClE,MAAM,cAAc,GAAG,SAAS,CAAC,CAAC,CAAW,CAAC;QAE9C,yCAAyC;QACzC,iGAAiG;QACjG,uEAAuE;QACvE,IAAI,CAAC;YACH,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,gCAAgC,CAAC,CAAC;QACrE,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,4BAA4B,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;QACpE,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,CAAC,cAAc,CAAC,CAAC,SAAS,CAAC,2BAA2B,CAAC,CAAC;QAChE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/src/policy/policies/agent.toml

@@ -0,0 +1,31 @@
+# Priority system for policy rules:
+# - Higher priority numbers win over lower priority numbers
+# - When multiple rules match, the highest priority rule is applied
+# - Rules are evaluated in order of priority (highest first)
+#
+# Priority bands (tiers):
+# - Default policies (TOML): 1 + priority/1000 (e.g., priority 100 → 1.100)
+# - User policies (TOML): 2 + priority/1000 (e.g., priority 100 → 2.100)
+# - Admin policies (TOML): 3 + priority/1000 (e.g., priority 100 → 3.100)
+#
+# This ensures Admin > User > Default hierarchy is always preserved,
+# while allowing user-specified priorities to work within each tier.
+#
+# Settings-based and dynamic rules (all in user tier 2.x):
+#   2.95: Tools that the user has selected as "Always Allow" in the interactive UI
+#   2.9:  MCP servers excluded list (security: persistent server blocks)
+#   2.4:  Command line flag --exclude-tools (explicit temporary blocks)
+#   2.3:  Command line flag --allowed-tools (explicit temporary allows)
+#   2.2:  MCP servers with trust=true (persistent trusted servers)
+#   2.1:  MCP servers allowed list (persistent general server allows)
+#
+# TOML policy priorities (before transformation):
+#   10: Write tools default to ASK_USER (becomes 1.010 in default tier)
+#   15: Auto-edit tool override (becomes 1.015 in default tier)
+#   50: Read-only tools (becomes 1.050 in default tier)
+#   999: YOLO mode allow-all (becomes 1.999 in default tier)
+
+[[rule]]
+toolName = "delegate_to_agent"
+decision = "allow"
+priority = 50

package/dist/src/policy/policies/read-only.toml

@@ -54,3 +54,8 @@ priority = 50
 toolName = "google_web_search"
 decision = "allow"
 priority = 50
+
+[[rule]]
+toolName = "SubagentInvocation"
+decision = "allow"
+priority = 50

package/dist/src/policy/policy-engine.d.ts

@@ -4,7 +4,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 import { type FunctionCall } from '@google/genai';
-import { PolicyDecision, type PolicyEngineConfig, type PolicyRule, type SafetyCheckerRule, type HookCheckerRule, type HookExecutionContext } from './types.js';
+import { PolicyDecision, type PolicyEngineConfig, type PolicyRule, type SafetyCheckerRule, type HookCheckerRule, type HookExecutionContext, ApprovalMode } from './types.js';
 import type { CheckerRunner } from '../safety/checker-runner.js';
 import type { HookExecutionRequest } from '../confirmation-bus/types.js';
 export declare class PolicyEngine {
@@ -15,7 +15,16 @@ export declare class PolicyEngine {
     private readonly nonInteractive;
     private readonly checkerRunner?;
     private readonly allowHooks;
+    private approvalMode;
     constructor(config?: PolicyEngineConfig, checkerRunner?: CheckerRunner);
+    /**
+     * Update the current approval mode.
+     */
+    setApprovalMode(mode: ApprovalMode): void;
+    /**
+     * Get the current approval mode.
+     */
+    getApprovalMode(): ApprovalMode;
     /**
      * Check if a tool call is allowed based on the configured policies.
      * Returns the decision and the matching rule (if any).

package/dist/src/policy/policy-engine.js

@@ -4,11 +4,18 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 import {} from '@google/genai';
-import { PolicyDecision, getHookSource, } from './types.js';
+import { PolicyDecision, getHookSource, ApprovalMode, } from './types.js';
 import { stableStringify } from './stable-stringify.js';
 import { debugLogger } from '../utils/debugLogger.js';
 import { SafetyCheckDecision } from '../safety/protocol.js';
-function ruleMatches(rule, toolCall, stringifiedArgs, serverName) {
+import { SHELL_TOOL_NAMES, initializeShellParsers, splitCommands, } from '../utils/shell-utils.js';
+function ruleMatches(rule, toolCall, stringifiedArgs, serverName, currentApprovalMode) {
+    // Check if rule applies to current approval mode
+    if (rule.modes && rule.modes.length > 0) {
+        if (!rule.modes.includes(currentApprovalMode)) {
+            return false;
+        }
+    }
     // Check tool name if specified
     if (rule.toolName) {
         // Support wildcard patterns: "serverName__*" matches "serverName__anyTool"
@@ -66,6 +73,7 @@ export class PolicyEngine {
     nonInteractive;
     checkerRunner;
     allowHooks;
+    approvalMode;
     constructor(config = {}, checkerRunner) {
         this.rules = (config.rules ?? []).sort((a, b) => (b.priority ?? 0) - (a.priority ?? 0));
         this.checkers = (config.checkers ?? []).sort((a, b) => (b.priority ?? 0) - (a.priority ?? 0));
@@ -74,6 +82,19 @@ export class PolicyEngine {
         this.nonInteractive = config.nonInteractive ?? false;
         this.checkerRunner = checkerRunner;
         this.allowHooks = config.allowHooks ?? true;
+        this.approvalMode = config.approvalMode ?? ApprovalMode.DEFAULT;
+    }
+    /**
+     * Update the current approval mode.
+     */
+    setApprovalMode(mode) {
+        this.approvalMode = mode;
+    }
+    /**
+     * Get the current approval mode.
+     */
+    getApprovalMode() {
+        return this.approvalMode;
     }
     /**
      * Check if a tool call is allowed based on the configured policies.
@@ -92,10 +113,63 @@ export class PolicyEngine {
         let matchedRule;
         let decision;
         for (const rule of this.rules) {
-            if (ruleMatches(rule, toolCall, stringifiedArgs, serverName)) {
+            if (ruleMatches(rule, toolCall, stringifiedArgs, serverName, this.approvalMode)) {
                 debugLogger.debug(`[PolicyEngine.check] MATCHED rule: toolName=${rule.toolName}, decision=${rule.decision}, priority=${rule.priority}, argsPattern=${rule.argsPattern?.source || 'none'}`);
+                // Special handling for shell commands: check sub-commands if present
+                if (toolCall.name &&
+                    SHELL_TOOL_NAMES.includes(toolCall.name) &&
+                    rule.decision === PolicyDecision.ALLOW) {
+                    const command = toolCall.args?.command;
+                    if (command) {
+                        await initializeShellParsers();
+                        const subCommands = splitCommands(command);
+                        // If there are multiple sub-commands, we must verify EACH of them matches an ALLOW rule.
+                        // If any sub-command results in DENY -> the whole thing is DENY.
+                        // If any sub-command results in ASK_USER -> the whole thing is ASK_USER (unless one is DENY).
+                        // Only if ALL sub-commands are ALLOW do we proceed with ALLOW.
+                        if (subCommands.length === 0) {
+                            // This case occurs if the command is non-empty but parsing fails.
+                            // An ALLOW rule for a prefix might have matched, but since the rest of
+                            // the command is un-parseable, it's unsafe to proceed.
+                            // Fall back to a safe decision.
+                            debugLogger.debug(`[PolicyEngine.check] Command parsing failed for: ${command}. Falling back to safe decision because implicit ALLOW is unsafe.`);
+                            decision = this.applyNonInteractiveMode(PolicyDecision.ASK_USER);
+                        }
+                        else if (subCommands.length > 1) {
+                            debugLogger.debug(`[PolicyEngine.check] Compound command detected: ${subCommands.length} parts`);
+                            let aggregateDecision = PolicyDecision.ALLOW;
+                            for (const subCmd of subCommands) {
+                                // Recursively check each sub-command
+                                const subCall = {
+                                    name: toolCall.name,
+                                    args: { command: subCmd },
+                                };
+                                const subResult = await this.check(subCall, serverName);
+                                if (subResult.decision === PolicyDecision.DENY) {
+                                    aggregateDecision = PolicyDecision.DENY;
+                                    break; // Fail fast
+                                }
+                                else if (subResult.decision === PolicyDecision.ASK_USER) {
+                                    aggregateDecision = PolicyDecision.ASK_USER;
+                                    // efficient: we can only strictly downgrade from ALLOW to ASK_USER,
+                                    // but we must continue looking for DENY.
+                                }
+                            }
+                            decision = aggregateDecision;
+                        }
+                        else {
+                            // Single command, rule match is valid
+                            decision = this.applyNonInteractiveMode(rule.decision);
+                        }
+                    }
+                    else {
+                        decision = this.applyNonInteractiveMode(rule.decision);
+                    }
+                }
+                else {
+                    decision = this.applyNonInteractiveMode(rule.decision);
+                }
                 matchedRule = rule;
-                decision = this.applyNonInteractiveMode(rule.decision);
                 break;
             }
         }
@@ -107,7 +181,7 @@ export class PolicyEngine {
         // If decision is not DENY, run safety checkers
         if (decision !== PolicyDecision.DENY && this.checkerRunner) {
             for (const checkerRule of this.checkers) {
-                if (ruleMatches(checkerRule, toolCall, stringifiedArgs, serverName)) {
+                if (ruleMatches(checkerRule, toolCall, stringifiedArgs, serverName, this.approvalMode)) {
                     debugLogger.debug(`[PolicyEngine.check] Running safety checker: ${checkerRule.checker.name}`);
                     try {
                         const result = await this.checkerRunner.runChecker(toolCall, checkerRule.checker);

package/dist/src/policy/policy-engine.js.map

@@ -1 +1 @@
-{"version":3,"file":"policy-engine.js","sourceRoot":"","sources":["../../../src/policy/policy-engine.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAqB,MAAM,eAAe,CAAC;AAClD,OAAO,EACL,cAAc,EAMd,aAAa,GACd,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAG5D,SAAS,WAAW,CAClB,IAAoC,EACpC,QAAsB,EACtB,eAAmC,EACnC,UAA8B;IAE9B,+BAA+B;IAC/B,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,2EAA2E;QAC3E,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;YAC1D,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC7B,6EAA6E;gBAC7E,gHAAgH;gBAChH,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;oBAC1B,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YACD,uDAAuD;YACvD,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC;gBAC/D,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,CAAC,IAAI,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC3C,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,6DAA6D;QAC7D,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,iFAAiF;QACjF,IACE,eAAe,KAAK,SAAS;YAC7B,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,eAAe,CAAC,EACvC,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CACzB,IAAqB,EACrB,OAA6B;IAE7B,gCAAgC;IAChC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;QAC3D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,iCAAiC;IACjC,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO,CAAC,UAAU,EAAE,CAAC;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,OAAO,YAAY;IACf,KAAK,CAAe;IACpB,QAAQ,CAAsB;IAC9B,YAAY,CAAoB;IACvB,eAAe,CAAiB;IAChC,cAAc,CAAU;IACxB,aAAa,CAAiB;IAC9B,UAAU,CAAU;IAErC,YAAY,SAA6B,EAAE,EAAE,aAA6B;QACxE,IAAI,CAAC,KAAK,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAChD,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAChD,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,IAAI,CAClD,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAChD,CAAC;QACF,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,IAAI,cAAc,CAAC,QAAQ,CAAC;QACzE,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,IAAI,KAAK,CAAC;QACrD,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC;IAC9C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CACT,QAAsB,EACtB,UAA8B;QAK9B,IAAI,eAAmC,CAAC;QACxC,gDAAgD;QAChD,IACE,QAAQ,CAAC,IAAI;YACb,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC;gBAC1C,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,EACvD,CAAC;YACD,eAAe,GAAG,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnD,CAAC;QAED,WAAW,CAAC,KAAK,CACf,uCAAuC,QAAQ,CAAC,IAAI,sBAAsB,eAAe,EAAE,CAC5F,CAAC;QAEF,4DAA4D;QAC5D,IAAI,WAAmC,CAAC;QACxC,IAAI,QAAoC,CAAC;QAEzC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,IAAI,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,eAAe,EAAE,UAAU,CAAC,EAAE,CAAC;gBAC7D,WAAW,CAAC,KAAK,CACf,+CAA+C,IAAI,CAAC,QAAQ,cAAc,IAAI,CAAC,QAAQ,cAAc,IAAI,CAAC,QAAQ,iBAAiB,IAAI,CAAC,WAAW,EAAE,MAAM,IAAI,MAAM,EAAE,CACxK,CAAC;gBACF,WAAW,GAAG,IAAI,CAAC;gBACnB,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACvD,MAAM;YACR,CAAC;QACH,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,+CAA+C;YAC/C,WAAW,CAAC,KAAK,CACf,2DAA2D,IAAI,CAAC,eAAe,EAAE,CAClF,CAAC;YACF,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAChE,CAAC;QAED,+CAA+C;QAC/C,IAAI,QAAQ,KAAK,cAAc,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAC3D,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACxC,IAAI,WAAW,CAAC,WAAW,EAAE,QAAQ,EAAE,eAAe,EAAE,UAAU,CAAC,EAAE,CAAC;oBACpE,WAAW,CAAC,KAAK,CACf,gDAAgD,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,CAC3E,CAAC;oBACF,IAAI,CAAC;wBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAChD,QAAQ,EACR,WAAW,CAAC,OAAO,CACpB,CAAC;wBAEF,IAAI,MAAM,CAAC,QAAQ,KAAK,mBAAmB,CAAC,IAAI,EAAE,CAAC;4BACjD,WAAW,CAAC,KAAK,CACf,+CAA+C,MAAM,CAAC,MAAM,EAAE,CAC/D,CAAC;4BACF,OAAO;gCACL,QAAQ,EAAE,cAAc,CAAC,IAAI;gCAC7B,IAAI,EAAE,WAAW;6BAClB,CAAC;wBACJ,CAAC;6BAAM,IAAI,MAAM,CAAC,QAAQ,KAAK,mBAAmB,CAAC,QAAQ,EAAE,CAAC;4BAC5D,WAAW,CAAC,KAAK,CACf,2DAA2D,MAAM,CAAC,MAAM,EAAE,CAC3E,CAAC;4BACF,QAAQ,GAAG,cAAc,CAAC,QAAQ,CAAC;wBACrC,CAAC;oBACH,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,WAAW,CAAC,KAAK,CACf,+CAA+C,KAAK,EAAE,CACvD,CAAC;wBACF,OAAO;4BACL,QAAQ,EAAE,cAAc,CAAC,IAAI;4BAC7B,IAAI,EAAE,WAAW;yBAClB,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO;YACL,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,QAAQ,CAAC;YAChD,IAAI,EAAE,WAAW;SAClB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAgB;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,4BAA4B;QAC5B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC;IACnE,CAAC;IAED,UAAU,CAAC,OAA0B;QACnC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5B,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC;IACtE,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,QAAgB;QACjC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,WAAW;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,OAAwB;QACrC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAChC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1E,CAAC;IAED;;OAEG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,SAAS,CACb,OAAoD;QAEpD,2DAA2D;QAC3D,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO,cAAc,CAAC,IAAI,CAAC;QAC7B,CAAC;QAED,MAAM,OAAO,GACX,OAAO,IAAI,OAAO;YAChB,CAAC,CAAC;gBACE,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,UAAU,EAAE,aAAa,CAAC,OAAO,CAAC,KAAK,CAAC;gBACxC,aAAa,EACX,OAAO,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,KAAK,SAAS;oBAClD,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC;oBACjC,CAAC,CAAC,SAAS;aAChB;YACH,CAAC,CAAC,OAAO,CAAC;QAEd,iDAAiD;QACjD,IAAI,OAAO,CAAC,aAAa,KAAK,KAAK,IAAI,OAAO,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YACxE,OAAO,cAAc,CAAC,IAAI,CAAC;QAC7B,CAAC;QAED,kDAAkD;QAClD,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvD,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC5C,IAAI,kBAAkB,CAAC,WAAW,EAAE,OAAO,CAAC,EAAE,CAAC;oBAC7C,WAAW,CAAC,KAAK,CACf,kDAAkD,WAAW,CAAC,OAAO,CAAC,IAAI,eAAe,OAAO,CAAC,SAAS,EAAE,CAC7G,CAAC;oBACF,IAAI,CAAC;wBACH,0DAA0D;wBAC1D,0DAA0D;wBAC1D,MAAM,aAAa,GAAG;4BACpB,IAAI,EAAE,QAAQ,OAAO,CAAC,SAAS,EAAE;4BACjC,IAAI,EAAE;gCACJ,UAAU,EAAE,OAAO,CAAC,UAAU;gCAC9B,aAAa,EAAE,OAAO,CAAC,aAAa;6BACrC;yBACF,CAAC;wBAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAChD,aAAa,EACb,WAAW,CAAC,OAAO,CACpB,CAAC;wBAEF,IAAI,MAAM,CAAC,QAAQ,KAAK,mBAAmB,CAAC,IAAI,EAAE,CAAC;4BACjD,WAAW,CAAC,KAAK,CACf,iDAAiD,MAAM,CAAC,MAAM,EAAE,CACjE,CAAC;4BACF,OAAO,cAAc,CAAC,IAAI,CAAC;wBAC7B,CAAC;6BAAM,IAAI,MAAM,CAAC,QAAQ,KAAK,mBAAmB,CAAC,QAAQ,EAAE,CAAC;4BAC5D,WAAW,CAAC,KAAK,CACf,6DAA6D,MAAM,CAAC,MAAM,EAAE,CAC7E,CAAC;4BACF,iEAAiE;4BACjE,OAAO,IAAI,CAAC,uBAAuB,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;wBAC/D,CAAC;oBACH,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,WAAW,CAAC,KAAK,CACf,iDAAiD,KAAK,EAAE,CACzD,CAAC;wBACF,OAAO,cAAc,CAAC,IAAI,CAAC;oBAC7B,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,OAAO,cAAc,CAAC,KAAK,CAAC;IAC9B,CAAC;IAEO,uBAAuB,CAAC,QAAwB;QACtD,iDAAiD;QACjD,IAAI,IAAI,CAAC,cAAc,IAAI,QAAQ,KAAK,cAAc,CAAC,QAAQ,EAAE,CAAC;YAChE,OAAO,cAAc,CAAC,IAAI,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}
+{"version":3,"file":"policy-engine.js","sourceRoot":"","sources":["../../../src/policy/policy-engine.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAqB,MAAM,eAAe,CAAC;AAClD,OAAO,EACL,cAAc,EAMd,aAAa,EACb,YAAY,GACb,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAE5D,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,aAAa,GACd,MAAM,yBAAyB,CAAC;AAEjC,SAAS,WAAW,CAClB,IAAoC,EACpC,QAAsB,EACtB,eAAmC,EACnC,UAA8B,EAC9B,mBAAiC;IAEjC,iDAAiD;IACjD,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,2EAA2E;QAC3E,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe;YAC1D,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC7B,6EAA6E;gBAC7E,gHAAgH;gBAChH,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;oBAC1B,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YACD,uDAAuD;YACvD,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC;gBAC/D,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,CAAC,IAAI,KAAK,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC3C,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,6DAA6D;QAC7D,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,iFAAiF;QACjF,IACE,eAAe,KAAK,SAAS;YAC7B,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,eAAe,CAAC,EACvC,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CACzB,IAAqB,EACrB,OAA6B;IAE7B,gCAAgC;IAChC,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;QAC3D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,iCAAiC;IACjC,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU,KAAK,OAAO,CAAC,UAAU,EAAE,CAAC;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,OAAO,YAAY;IACf,KAAK,CAAe;IACpB,QAAQ,CAAsB;IAC9B,YAAY,CAAoB;IACvB,eAAe,CAAiB;IAChC,cAAc,CAAU;IACxB,aAAa,CAAiB;IAC9B,UAAU,CAAU;IAC7B,YAAY,CAAe;IAEnC,YAAY,SAA6B,EAAE,EAAE,aAA6B;QACxE,IAAI,CAAC,KAAK,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAChD,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAChD,CAAC;QACF,IAAI,CAAC,YAAY,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,IAAI,CAClD,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAChD,CAAC;QACF,IAAI,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,IAAI,cAAc,CAAC,QAAQ,CAAC;QACzE,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,cAAc,IAAI,KAAK,CAAC;QACrD,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC;QAC5C,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,YAAY,CAAC,OAAO,CAAC;IAClE,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAAkB;QAChC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CACT,QAAsB,EACtB,UAA8B;QAK9B,IAAI,eAAmC,CAAC;QACxC,gDAAgD;QAChD,IACE,QAAQ,CAAC,IAAI;YACb,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC;gBAC1C,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,EACvD,CAAC;YACD,eAAe,GAAG,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACnD,CAAC;QAED,WAAW,CAAC,KAAK,CACf,uCAAuC,QAAQ,CAAC,IAAI,sBAAsB,eAAe,EAAE,CAC5F,CAAC;QAEF,4DAA4D;QAC5D,IAAI,WAAmC,CAAC;QACxC,IAAI,QAAoC,CAAC;QAEzC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,IACE,WAAW,CACT,IAAI,EACJ,QAAQ,EACR,eAAe,EACf,UAAU,EACV,IAAI,CAAC,YAAY,CAClB,EACD,CAAC;gBACD,WAAW,CAAC,KAAK,CACf,+CAA+C,IAAI,CAAC,QAAQ,cAAc,IAAI,CAAC,QAAQ,cAAc,IAAI,CAAC,QAAQ,iBAAiB,IAAI,CAAC,WAAW,EAAE,MAAM,IAAI,MAAM,EAAE,CACxK,CAAC;gBAEF,qEAAqE;gBACrE,IACE,QAAQ,CAAC,IAAI;oBACb,gBAAgB,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC;oBACxC,IAAI,CAAC,QAAQ,KAAK,cAAc,CAAC,KAAK,EACtC,CAAC;oBACD,MAAM,OAAO,GAAI,QAAQ,CAAC,IAA6B,EAAE,OAAO,CAAC;oBACjE,IAAI,OAAO,EAAE,CAAC;wBACZ,MAAM,sBAAsB,EAAE,CAAC;wBAC/B,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;wBAE3C,yFAAyF;wBACzF,iEAAiE;wBACjE,8FAA8F;wBAC9F,+DAA+D;wBAC/D,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC7B,kEAAkE;4BAClE,uEAAuE;4BACvE,uDAAuD;4BACvD,gCAAgC;4BAChC,WAAW,CAAC,KAAK,CACf,oDAAoD,OAAO,mEAAmE,CAC/H,CAAC;4BACF,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;wBACnE,CAAC;6BAAM,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;4BAClC,WAAW,CAAC,KAAK,CACf,mDAAmD,WAAW,CAAC,MAAM,QAAQ,CAC9E,CAAC;4BACF,IAAI,iBAAiB,GAAG,cAAc,CAAC,KAAK,CAAC;4BAE7C,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;gCACjC,qCAAqC;gCACrC,MAAM,OAAO,GAAG;oCACd,IAAI,EAAE,QAAQ,CAAC,IAAI;oCACnB,IAAI,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE;iCAC1B,CAAC;gCACF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;gCAExD,IAAI,SAAS,CAAC,QAAQ,KAAK,cAAc,CAAC,IAAI,EAAE,CAAC;oCAC/C,iBAAiB,GAAG,cAAc,CAAC,IAAI,CAAC;oCACxC,MAAM,CAAC,YAAY;gCACrB,CAAC;qCAAM,IAAI,SAAS,CAAC,QAAQ,KAAK,cAAc,CAAC,QAAQ,EAAE,CAAC;oCAC1D,iBAAiB,GAAG,cAAc,CAAC,QAAQ,CAAC;oCAC5C,oEAAoE;oCACpE,yCAAyC;gCAC3C,CAAC;4BACH,CAAC;4BAED,QAAQ,GAAG,iBAAiB,CAAC;wBAC/B,CAAC;6BAAM,CAAC;4BACN,sCAAsC;4BACtC,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;wBACzD,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBACzD,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACzD,CAAC;gBACD,WAAW,GAAG,IAAI,CAAC;gBACnB,MAAM;YACR,CAAC;QACH,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,+CAA+C;YAC/C,WAAW,CAAC,KAAK,CACf,2DAA2D,IAAI,CAAC,eAAe,EAAE,CAClF,CAAC;YACF,QAAQ,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAChE,CAAC;QAED,+CAA+C;QAC/C,IAAI,QAAQ,KAAK,cAAc,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAC3D,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACxC,IACE,WAAW,CACT,WAAW,EACX,QAAQ,EACR,eAAe,EACf,UAAU,EACV,IAAI,CAAC,YAAY,CAClB,EACD,CAAC;oBACD,WAAW,CAAC,KAAK,CACf,gDAAgD,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,CAC3E,CAAC;oBACF,IAAI,CAAC;wBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAChD,QAAQ,EACR,WAAW,CAAC,OAAO,CACpB,CAAC;wBAEF,IAAI,MAAM,CAAC,QAAQ,KAAK,mBAAmB,CAAC,IAAI,EAAE,CAAC;4BACjD,WAAW,CAAC,KAAK,CACf,+CAA+C,MAAM,CAAC,MAAM,EAAE,CAC/D,CAAC;4BACF,OAAO;gCACL,QAAQ,EAAE,cAAc,CAAC,IAAI;gCAC7B,IAAI,EAAE,WAAW;6BAClB,CAAC;wBACJ,CAAC;6BAAM,IAAI,MAAM,CAAC,QAAQ,KAAK,mBAAmB,CAAC,QAAQ,EAAE,CAAC;4BAC5D,WAAW,CAAC,KAAK,CACf,2DAA2D,MAAM,CAAC,MAAM,EAAE,CAC3E,CAAC;4BACF,QAAQ,GAAG,cAAc,CAAC,QAAQ,CAAC;wBACrC,CAAC;oBACH,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,WAAW,CAAC,KAAK,CACf,+CAA+C,KAAK,EAAE,CACvD,CAAC;wBACF,OAAO;4BACL,QAAQ,EAAE,cAAc,CAAC,IAAI;4BAC7B,IAAI,EAAE,WAAW;yBAClB,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO;YACL,QAAQ,EAAE,IAAI,CAAC,uBAAuB,CAAC,QAAQ,CAAC;YAChD,IAAI,EAAE,WAAW;SAClB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAgB;QACtB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,4BAA4B;QAC5B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC;IACnE,CAAC;IAED,UAAU,CAAC,OAA0B;QACnC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5B,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC;IACtE,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,QAAgB;QACjC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,WAAW;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,OAAwB;QACrC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAChC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1E,CAAC;IAED;;OAEG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,SAAS,CACb,OAAoD;QAEpD,2DAA2D;QAC3D,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,OAAO,cAAc,CAAC,IAAI,CAAC;QAC7B,CAAC;QAED,MAAM,OAAO,GACX,OAAO,IAAI,OAAO;YAChB,CAAC,CAAC;gBACE,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,UAAU,EAAE,aAAa,CAAC,OAAO,CAAC,KAAK,CAAC;gBACxC,aAAa,EACX,OAAO,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,KAAK,SAAS;oBAClD,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC;oBACjC,CAAC,CAAC,SAAS;aAChB;YACH,CAAC,CAAC,OAAO,CAAC;QAEd,iDAAiD;QACjD,IAAI,OAAO,CAAC,aAAa,KAAK,KAAK,IAAI,OAAO,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YACxE,OAAO,cAAc,CAAC,IAAI,CAAC;QAC7B,CAAC;QAED,kDAAkD;QAClD,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvD,KAAK,MAAM,WAAW,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC5C,IAAI,kBAAkB,CAAC,WAAW,EAAE,OAAO,CAAC,EAAE,CAAC;oBAC7C,WAAW,CAAC,KAAK,CACf,kDAAkD,WAAW,CAAC,OAAO,CAAC,IAAI,eAAe,OAAO,CAAC,SAAS,EAAE,CAC7G,CAAC;oBACF,IAAI,CAAC;wBACH,0DAA0D;wBAC1D,0DAA0D;wBAC1D,MAAM,aAAa,GAAG;4BACpB,IAAI,EAAE,QAAQ,OAAO,CAAC,SAAS,EAAE;4BACjC,IAAI,EAAE;gCACJ,UAAU,EAAE,OAAO,CAAC,UAAU;gCAC9B,aAAa,EAAE,OAAO,CAAC,aAAa;6BACrC;yBACF,CAAC;wBAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,UAAU,CAChD,aAAa,EACb,WAAW,CAAC,OAAO,CACpB,CAAC;wBAEF,IAAI,MAAM,CAAC,QAAQ,KAAK,mBAAmB,CAAC,IAAI,EAAE,CAAC;4BACjD,WAAW,CAAC,KAAK,CACf,iDAAiD,MAAM,CAAC,MAAM,EAAE,CACjE,CAAC;4BACF,OAAO,cAAc,CAAC,IAAI,CAAC;wBAC7B,CAAC;6BAAM,IAAI,MAAM,CAAC,QAAQ,KAAK,mBAAmB,CAAC,QAAQ,EAAE,CAAC;4BAC5D,WAAW,CAAC,KAAK,CACf,6DAA6D,MAAM,CAAC,MAAM,EAAE,CAC7E,CAAC;4BACF,iEAAiE;4BACjE,OAAO,IAAI,CAAC,uBAAuB,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;wBAC/D,CAAC;oBACH,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,WAAW,CAAC,KAAK,CACf,iDAAiD,KAAK,EAAE,CACzD,CAAC;wBACF,OAAO,cAAc,CAAC,IAAI,CAAC;oBAC7B,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,OAAO,cAAc,CAAC,KAAK,CAAC;IAC9B,CAAC;IAEO,uBAAuB,CAAC,QAAwB;QACtD,iDAAiD;QACjD,IAAI,IAAI,CAAC,cAAc,IAAI,QAAQ,KAAK,cAAc,CAAC,QAAQ,EAAE,CAAC;YAChE,OAAO,cAAc,CAAC,IAAI,CAAC;QAC7B,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/dist/src/policy/policy-engine.test.js

@@ -5,7 +5,7 @@
  */
 import { describe, it, expect, beforeEach, vi } from 'vitest';
 import { PolicyEngine } from './policy-engine.js';
-import { PolicyDecision, InProcessCheckerType, } from './types.js';
+import { PolicyDecision, InProcessCheckerType, ApprovalMode, } from './types.js';
 import { SafetyCheckDecision } from '../safety/protocol.js';
 describe('PolicyEngine', () => {
     let engine;
@@ -14,7 +14,7 @@ describe('PolicyEngine', () => {
         mockCheckerRunner = {
             runChecker: vi.fn(),
         };
-        engine = new PolicyEngine({}, mockCheckerRunner);
+        engine = new PolicyEngine({ approvalMode: ApprovalMode.DEFAULT }, mockCheckerRunner);
     });
     describe('constructor', () => {
         it('should use default config when none provided', async () => {
@@ -108,6 +108,30 @@ describe('PolicyEngine', () => {
             // Default ASK_USER should also become DENY
             expect((await engine.check({ name: 'unknown-tool' }, undefined)).decision).toBe(PolicyDecision.DENY);
         });
+        it('should dynamically switch between modes and respect rule modes', async () => {
+            const rules = [
+                {
+                    toolName: 'edit',
+                    decision: PolicyDecision.ASK_USER,
+                    priority: 10,
+                },
+                {
+                    toolName: 'edit',
+                    decision: PolicyDecision.ALLOW,
+                    priority: 20,
+                    modes: [ApprovalMode.AUTO_EDIT],
+                },
+            ];
+            engine = new PolicyEngine({ rules });
+            // Default mode: priority 20 rule doesn't match, falls back to priority 10
+            expect((await engine.check({ name: 'edit' }, undefined)).decision).toBe(PolicyDecision.ASK_USER);
+            // Switch to autoEdit mode
+            engine.setApprovalMode(ApprovalMode.AUTO_EDIT);
+            expect((await engine.check({ name: 'edit' }, undefined)).decision).toBe(PolicyDecision.ALLOW);
+            // Switch back to default
+            engine.setApprovalMode(ApprovalMode.DEFAULT);
+            expect((await engine.check({ name: 'edit' }, undefined)).decision).toBe(PolicyDecision.ASK_USER);
+        });
     });
     describe('addRule', () => {
         it('should add a new rule and maintain priority order', () => {