FabricFabricHarness
Reference

Policies and Approvals

Capability policies, approval flows, and where they live.

The full notes live at docs/policies-approvals.md. This page summarizes the model.

Today

  • Scoped commands. Agents declare commands per call (commands: [...]). Anything else is a capability error.
  • Capability-aware tools. write and edit honor any filesystem write scope on the session.
  • Approvals. session.approval.request({ reason, risk, timeout }) waits durably (Temporal target) or in-process (inline runtime).

Designed-for

A future capability policy block:

await session.prompt('Fix the tests', {
  capabilities: {
    filesystem: {
      read:  ['/workspace/**'],
      write: ['/workspace/src/**', '/workspace/tests/**'],
    },
    commands: ['npm test', 'git diff', 'git status'],
    network: { mode: 'allowlist', hosts: ['api.github.com'] },
    approvals: { requiredFor: ['git push', 'npm publish', 'terraform apply'] },
  },
});

Where to put policy

  • Per callsession.prompt(text, { commands, capabilities }).
  • Per sessionagent.session(id, { capabilities }).
  • Per agent — declared on the metadata agent({...}).
  • Workspace-wide.fabricharness/policies/*.ts (designed-for; keep simple files for now).

Approvals from the CLI

fh approvals <session-id> --pending
fh approve  <session-id> <approval-id> --actor preetham
fh reject   <session-id> <approval-id> --actor preetham --reason "Wrong branch"

See Approvals and fh approvals.

Security Hardening

Checklist before promoting an agent to production.

Telemetry

Events, metrics, and OpenTelemetry hooks.

On this page

TodayDesigned-forWhere to put policyApprovals from the CLI