Add Agent Permission Policy schema (.agents/permissions.json) #5666

Merged
madskristensen merged 2 commits into SchemaStore:master from Mearman:add-agent-permissions-schema on May 11, 2026

Mearman commented May 10, 2026

Summary

Adds the Agent Permission Policy schema for .agents/permissions.json and .agents/permissions.local.json files.

This is a cross-agent permission policy format for AI coding agents (Claude Code, Pi, OpenCode, Codex, Cursor, etc.). The schema defines what tools agents may use, under what conditions, and how subagents are constrained.

File matches

  • **/.agents/permissions.json — team-shared policy (committed to git)
  • **/.agents/permissions.local.json — personal overrides (gitignored)

Schema highlights

  • Deny-first evaluation (deny rules short-circuit before allow)
  • Compatible with Claude Code permission syntax (Tool(pattern), prefix:*, wildcards)
  • Conditional rules with when.cwd / when.branch conditions
  • MCP tool wildcards (mcp__server, mcp__*__tool*)
  • Agent delegation controls (subagent constraints, per-agent overrides)
  • Sandbox and network configuration
  • Named permission profiles

Validation

  • node cli.js check passes ✓
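
The deny-first evaluation and the rule forms listed under "Schema highlights" above, sketched as an added example (not code from this PR or from the schema project). The `allow`/`deny` key names, the `ask` fallback and the exact matching semantics are assumptions, since the page does not show the schema body.

```python
import fnmatch
import re

# Rule grammar assumed here: Tool or Tool(pattern), as in the PR summary.
RULE_RE = re.compile(r"^(?P<tool>[^()]+)(?:\((?P<arg>.*)\))?$")

def tool_matches(rule_tool, tool):
    """Match the tool-name part; wildcards cover forms like mcp__*__tool*."""
    if fnmatch.fnmatchcase(tool, rule_tool):
        return True
    # Assumption: a bare server name (mcp__server) covers all of its tools.
    return rule_tool.startswith("mcp__") and tool.startswith(rule_tool + "__")

def rule_matches(rule, tool, arg=""):
    m = RULE_RE.match(rule)
    if not m or not tool_matches(m.group("tool"), tool):
        return False
    pattern = m.group("arg")
    if pattern is None:            # bare tool name: any argument
        return True
    if pattern.endswith(":*"):     # prefix:* form, matched on a word boundary
        prefix = pattern[:-2]
        return arg == prefix or arg.startswith(prefix + " ")
    return fnmatch.fnmatchcase(arg, pattern)

def evaluate(policy, tool, arg=""):
    """Deny-first: any matching deny rule wins before allow is consulted."""
    if any(rule_matches(r, tool, arg) for r in policy.get("deny", [])):
        return "deny"
    if any(rule_matches(r, tool, arg) for r in policy.get("allow", [])):
        return "allow"
    return "ask"                   # assumed fallback when nothing matches

# Constructed sample policy (key names are assumptions, not the schema's).
POLICY = {
    "deny": ["Bash(git push:*)", "Read(.env*)", "mcp__*__delete*"],
    "allow": ["Bash(git:*)", "Read(*)", "mcp__github"],
}

if __name__ == "__main__":
    for call in [("Bash", "git push origin main"), ("Bash", "git status"),
                 ("Read", ".env.local"), ("mcp__github__delete_repo",),
                 ("mcp__github__list_issues",), ("Write", "notes.txt")]:
        print(call, "->", evaluate(POLICY, *call))
```

The sample deliberately overlaps rules: `git push` also falls under the broader `Bash(git:*)` allow, and the deny still wins because it is checked first.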

Copilot AI review requested due to automatic review settings May 10, 2026 18:59
@github-actions

Thanks for the PR!

This section of the codebase is owned by @madskristensen and @hyperupcall - if they write a comment saying "LGTM" then it will be merged.

Copilot AI left a comment

Pull request overview

Adds a new SchemaStore catalog entry for the Agent Permission Policy format so editors/tools can associate .agents/permissions.json and .agents/permissions.local.json files with the upstream, self-hosted JSON Schema.

Changes:

  • Registered “Agent Permission Policy” in the schema catalog with file patterns for shared and local override policy files.
  • Pointed the catalog entry to the upstream hosted schema URL.

Comment thread src/api/json/catalog.json
Comment on lines +9712 to +9716
{
"name": "Agent Permission Policy",
"description": "Cross-agent permission policy for AI coding agents",
"fileMatch": [
"**/.agents/permissions.json",
Author

The entry is placed directly before "AgentCore CLI" (line 9722), which is the correct alphabetical position — "Agent Permission Policy" < "AgentCore CLI". The catalog has hundreds of existing alphabetical violations throughout, and this placement is correct relative to its immediate neighbours.

@madskristensen madskristensen merged commit 6e11618 into SchemaStore:master May 11, 2026
6 checks passed