mirror of
https://github.com/google-gemini/gemini-cli.git
synced 2026-04-28 05:55:17 -07:00
Sandy Tao
79ea865790
- Sisyphus: auto-resume timer with schedule_work tool - Confucius: built-in sub-agent for knowledge consolidation before compression - Hippocampus: in-memory short-term memory via background micro-consolidation - Bicameral Voice: proactive knowledge alignment on user input - Archive compression mode for long-running sessions - Onboarding dialog for first-time Forever Mode setup - Refresh system instruction per turn so hippocampus reaches the model - Auto-start A2A HTTP server when Forever Mode + Sisyphus enabled - Bridge external messages into session and capture responses - Display A2A port in status bar alongside Sisyphus timer
86 lines
2.4 KiB
TOML
86 lines
2.4 KiB
TOML
# Priority system for policy rules:
|
|
# - Higher priority numbers win over lower priority numbers
|
|
# - When multiple rules match, the highest priority rule is applied
|
|
# - Rules are evaluated in order of priority (highest first)
|
|
#
|
|
# Priority bands (tiers):
|
|
# - Default policies (TOML): 1 + priority/1000 (e.g., priority 100 → 1.100)
|
|
# - Extension policies (TOML): 2 + priority/1000 (e.g., priority 100 → 2.100)
|
|
# - Workspace policies (TOML): 3 + priority/1000 (e.g., priority 100 → 3.100)
|
|
# - User policies (TOML): 4 + priority/1000 (e.g., priority 100 → 4.100)
|
|
# - Admin policies (TOML): 5 + priority/1000 (e.g., priority 100 → 5.100)
|
|
#
|
|
# This ensures Admin > User > Workspace > Extension > Default hierarchy is always preserved,
|
|
# while allowing user-specified priorities to work within each tier.
|
|
#
|
|
# Settings-based and dynamic rules (all in user tier 4.x):
|
|
# 4.95: Tools that the user has selected as "Always Allow" in the interactive UI
|
|
# 4.9: MCP servers excluded list (security: persistent server blocks)
|
|
# 4.4: Command line flag --exclude-tools (explicit temporary blocks)
|
|
# 4.3: Command line flag --allowed-tools (explicit temporary allows)
|
|
# 4.2: MCP servers with trust=true (persistent trusted servers)
|
|
# 4.1: MCP servers allowed list (persistent general server allows)
|
|
#
|
|
# TOML policy priorities (before transformation):
|
|
# 10: Write tools default to ASK_USER (becomes 1.010 in default tier)
|
|
# 15: Auto-edit tool override (becomes 1.015 in default tier)
|
|
# 50: Read-only tools (becomes 1.050 in default tier)
|
|
# 999: YOLO mode allow-all (becomes 1.999 in default tier)
|
|
|
|
[[rule]]
|
|
toolName = "replace"
|
|
decision = "ask_user"
|
|
priority = 10
|
|
|
|
[[rule]]
|
|
toolName = "replace"
|
|
decision = "allow"
|
|
priority = 15
|
|
modes = ["autoEdit"]
|
|
|
|
[rule.safety_checker]
|
|
type = "in-process"
|
|
name = "allowed-path"
|
|
required_context = ["environment"]
|
|
|
|
[[rule]]
|
|
toolName = "save_memory"
|
|
decision = "ask_user"
|
|
priority = 10
|
|
|
|
[[rule]]
|
|
toolName = "run_shell_command"
|
|
decision = "ask_user"
|
|
priority = 10
|
|
|
|
[[rule]]
|
|
toolName = "write_file"
|
|
decision = "ask_user"
|
|
priority = 10
|
|
|
|
[[rule]]
|
|
toolName = "activate_skill"
|
|
decision = "ask_user"
|
|
priority = 10
|
|
|
|
[[rule]]
|
|
toolName = "write_file"
|
|
decision = "allow"
|
|
priority = 15
|
|
modes = ["autoEdit"]
|
|
|
|
[rule.safety_checker]
|
|
type = "in-process"
|
|
name = "allowed-path"
|
|
required_context = ["environment"]
|
|
|
|
[[rule]]
|
|
toolName = "web_fetch"
|
|
decision = "ask_user"
|
|
priority = 10
|
|
|
|
[[rule]]
|
|
toolName = "schedule_work"
|
|
decision = "allow"
|
|
priority = 50
|