Skip to content

Profiles: enforce policy ceilings at materialization (#97 follow-up) #129

Description

@gbasin

Follow-up to #97 (profile writeback). Plan §Security Rules requires: "profile materialization may request approval/sandbox/tool permissions, but Atrium/Centaur deployment policy wins; saved profiles must not bypass managed/admin restrictions."

Today there is only a policy-capped risk label — no actual clamping. A saved profile could set e.g. approval_policy=never or a permissive sandbox mode and it'd be written straight into the materialized config overlay.

Build: a config-driven deployment policy (ceilings for approval/sandbox + a permission allowlist); at version-create / runtimeOverlayFromManifest (surface/server/src/agent-profiles.ts), clamp those keys to the ceiling, record what was clamped, and set policy-capped only when a real clamp happened. Tests.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions