feat: per-sender tool policies in groups #1734
Description
NOTE: I'M WORKING ON THIS AS A PR - JUST PUTTING HERE FOR REFERENCE
Summary
Currently, group tool policies apply to ALL senders in a group. There's no way to give different users different tool access levels within the same group.
Current Behavior
"groups": {
"*": {
"requireMention": true,
"tools": {
"allow": ["read", "web_search", "web_fetch"]
}
}
}This applies the same tool policy to everyone in the group.
Proposed Behavior
Add per-sender tool policy overrides within groups:
"groups": {
"*": {
"requireMention": true,
"tools": {
"allow": ["read", "web_search", "web_fetch"]
},
"toolsBySender": {
"+64273931111": {
"allow": ["read", "write", "exec", "web_search", "web_fetch"]
},
"+6421234567": {
"allow": ["read"]
}
}
}
}Use Case
- Owner wants full tool access in groups they participate in
- Trusted team members get expanded access (e.g., exec, write)
- Regular group members get read-only access
- Untrusted members get chat-only (no tools)
Implementation Notes
toolsBySendershould override the group-leveltoolspolicy for matching senders- Should work with E.164 phone numbers (WhatsApp) and platform-specific identifiers (Slack user IDs, Telegram usernames, etc.)
- Could potentially reuse the
groupAllowFrompattern for consistency
Related
tools.elevated.allowFromalready does per-sender gating for elevated exec- This would extend similar per-sender control to all tools