loading
loading
A rule that says which tools an agent may call, with what arguments, and whether approval is required.
Tool permissions are the practical boundary between helpful automation and uncontrolled access. Read-only search can usually run freely; deleting files, sending email, spending money, or changing production should need tighter scopes or approval. Good agents expose permissions in code, config, and UI so operators can reason about risk.
Plainly
Think of Tool Permission as the lock and rules that keep people and data safe. A rule that says which tools an agent may call, with what arguments, and whether approval is required.
In practice
Use it when a workflow touches secrets, permissions, user data, payments, or untrusted input. In practice, define the owner, input, output, and failure mode before you rely on it.