docs: document tool exclusion from memory via deny policy (#21428)

Co-authored-by: Sam Roberts <158088236+g-samroberts@users.noreply.github.com>
2026-03-10 14:10:37 -07:00 · 2026-03-09 09:29:52 -07:00
parent 96b939f63a
commit 09e99824d4
1 changed files with 8 additions and 1 deletions
--- a/docs/reference/policy-engine.md
+++ b/docs/reference/policy-engine.md
@@ -91,10 +91,17 @@ the arguments don't match the pattern, the rule does not apply.
 There are three possible decisions a rule can enforce:

 - `allow`: The tool call is executed automatically without user interaction.
- `deny`: The tool call is blocked and is not executed.
+- `deny`: The tool call is blocked and is not executed. For global rules (those
+  without an `argsPattern`), tools that are denied are **completely excluded
+  from the model's memory**. This means the model will not even see the tool as
+  an option, which is more secure and saves context window space.
 - `ask_user`: The user is prompted to approve or deny the tool call. (In
  non-interactive mode, this is treated as `deny`.)

+> **Note:** The `deny` decision is the recommended way to exclude tools. The
+> legacy `tools.exclude` setting in `settings.json` is deprecated in favor of
+> policy rules with a `deny` decision.
+
 ### Priority system and tiers

 The policy engine uses a sophisticated priority system to resolve conflicts when