Access Control
Control which tools can be called through your Keypost.
Allow policy
Explicitly allow specific tools. When an allow policy exists, only listed tools are permitted.
{
  "type": "access",
  "config": {
    "action": "allow",
    "tools": ["read_file", "list_directory", "search_code"]
  }
}
Deny policy
Block specific tools. All other tools remain allowed.
{
  "type": "access",
  "config": {
    "action": "deny",
    "tools": ["delete_file", "execute_command", "write_file"]
  }
}
Tool patterns
Use wildcards to match multiple tools:
{
  "type": "access",
  "config": {
    "action": "deny",
    "tools": ["delete_*", "*_dangerous", "admin_*"]
  }
}
Combining allow and deny
You can use both. Deny takes precedence:
- If tool matches a deny rule → blocked
- If allow rules exist and tool doesn't match → blocked
- Otherwise → allowed
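The evaluation order above, as an added example in Python (not Keypost's own code). It assumes `*` is the only wildcard, that it matches any run of characters, and that matching is case-sensitive; the names `matches` and `decide` and the tools `read_dangerous` and `admin_reset` are made up for illustration.

```python
import re

# Policies copied from this page's examples.
READ_ONLY = {"type": "access", "config": {
    "action": "allow", "tools": ["read_*", "list_*", "get_*", "search_*"]}}
PATTERN_DENY = {"type": "access", "config": {
    "action": "deny", "tools": ["delete_*", "*_dangerous", "admin_*"]}}


def matches(pattern, tool):
    # Assumption: "*" is the only wildcard and the whole name must match.
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, tool) is not None


def decide(policies, tool):
    """Return (allowed, reason) following the three rules listed above."""
    configs = [p["config"] for p in policies if p.get("type") == "access"]
    deny = [t for c in configs if c["action"] == "deny" for t in c["tools"]]
    allow = [t for c in configs if c["action"] == "allow" for t in c["tools"]]

    # Rule 1: any deny match blocks, even if an allow rule also matches.
    for pattern in deny:
        if matches(pattern, tool):
            return False, f"deny rule {pattern!r}"
    # Rule 2: once any allow rule exists, unlisted tools are blocked.
    if allow:
        for pattern in allow:
            if matches(pattern, tool):
                return True, f"allow rule {pattern!r}"
        return False, "not in allow list"
    # Rule 3: with deny rules only, everything unmatched stays allowed.
    return True, "no rule matched"


if __name__ == "__main__":
    cases = [("deny only", [PATTERN_DENY]),
             ("allow + deny", [READ_ONLY, PATTERN_DENY])]
    for label, policies in cases:
        for tool in ["read_file", "read_dangerous", "write_file", "admin_reset"]:
            allowed, reason = decide(policies, tool)
            verdict = "allowed" if allowed else "blocked"
            print(f"{label:12} {tool:15} {verdict:8} ({reason})")
```

Under the deny-only policy `write_file` is allowed because no rule lists it; adding the allow policy blocks it by default, and `read_dangerous` is blocked in both cases because the deny match is checked first.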
Example: Read-only access
{
  "name": "Read-only mode",
  "type": "access",
  "config": {
    "action": "allow",
    "tools": ["read_*", "list_*", "get_*", "search_*"]
  }
}
Example: Block destructive operations
{
  "name": "No destructive ops",
  "type": "access",
  "config": {
    "action": "deny",
    "tools": ["delete_*", "drop_*", "truncate_*", "remove_*"]
  }
}