tanzhenxin 8d74a0cf0a feat(subagents): add disallowedTools field to agent definitions (#3064) ... * feat(subagents): add disallowedTools field to agent definitions Add a `disallowedTools` blocklist to agent frontmatter, letting agents specify tools they should not have access to. Supports exact tool names, MCP server-level patterns (e.g., `mcp__slack`), and display name aliases. Applied as a post-filter in AgentCore.prepareTools() after the existing `tools` allowlist. Persisted through serialize/parse roundtrips. * docs: document disallowedTools and MCP tool behavior for subagents Add Tool Configuration section to sub-agents docs explaining: - tools allowlist and disallowedTools blocklist - How MCP tools follow the same allowlist/blocklist rules - MCP server-level patterns in disallowedTools * fix(subagents): validate disallowedTools in SubagentValidator Reuse the existing validateTools() method to validate disallowedTools entries at config validation time, catching non-string and empty entries before they reach runtime. * test: remove flaky BaseSelectionList scroll test on Windows		2026-04-13 18:24:02 +08:00
..
index.ts	feat(permissions): prevent shell bypass of Read/Edit/WebFetch rules	2026-03-11 11:45:44 +08:00
permission-manager.test.ts	fix(permissions): match env-prefixed shell commands against saved permission rules (#2850)	2026-04-09 14:25:04 +08:00
permission-manager.ts	fix(permissions): allow non-core tools to bypass coreTools allowlist	2026-04-03 10:39:39 +08:00
rule-parser.ts	feat(subagents): add disallowedTools field to agent definitions (#3064)	2026-04-13 18:24:02 +08:00
shell-semantics.test.ts	feat(permissions): prevent shell bypass of Read/Edit/WebFetch rules	2026-03-11 11:45:44 +08:00
shell-semantics.ts	fix windows test	2026-03-11 20:08:38 +08:00
types.ts	feat test tool permissions	2026-03-10 16:30:22 +08:00