[proposal] Add sensitive flag for the Tool #176

Open. Wants to merge 1 commit into base: main
7 changes: 7 additions & 0 deletions docs/specification/draft/server/tools.md
@@ -30,6 +30,7 @@ Applications **SHOULD**:
- Insert clear visual indicators when tools are invoked
- Present confirmation prompts to the user for operations, to ensure a human is in the
loop {{< /callout >}}
- Always present a confirmation prompt to the user when invoking a sensitive operation

## Capabilities

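Review bot: the new `- Always present a confirmation prompt to the user when invoking a sensitive operation` bullet is placed after the `loop {{< /callout >}}` line, so it renders outside the callout that holds the other two SHOULD items; move it above that closing shortcode. It also restates the `- Present confirmation prompts to the user for operations` bullet directly above it, so either fold the two together or tie the new one to the flag this PR introduces, e.g. `- Always present a confirmation prompt before invoking a tool whose definition sets \`sensitive: true\``, so that "sensitive operation" has a concrete meaning in this document.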
@@ -79,6 +80,7 @@ To discover available tools, clients send a `tools/list` request. This operation
{
"name": "get_weather",
"description": "Get current weather information for a location",
"sensitive": false,
"inputSchema": {
"type": "object",
"properties": {
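Review bot: `"sensitive": false` on the `get_weather` example only spells out the default, which the schema text already says applies when the field is omitted; the example would carry more information if it either left the field out (showing that the default is implicit) or added a second tool that sets `"sensitive": true`. Since this is the `tools/list` response, it is also the right place to say that the flag is self-reported by the server: a client that skips its own confirmation step whenever `sensitive` is `false` is trusting the server to classify its own tools honestly.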
@@ -181,6 +183,8 @@ A tool definition includes:
- `name`: Unique identifier for the tool
- `description`: Human-readable description of functionality
- `inputSchema`: JSON Schema defining expected parameters
- `sensitive`: A boolean flag that indicates whether the tool performs a sensitive
operation.

### Tool Result

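Review bot: the `sensitive` entry in this definition list should match the schema text and say that the field is optional and defaults to `false` when absent; as written, a reader of `tools.md` alone does not learn that. It should also give servers some guidance on what counts as a sensitive operation (the page never defines the term), for example `- \`sensitive\`: Optional boolean, default \`false\`. Set to \`true\` when invoking the tool performs an operation the server considers sensitive; clients SHOULD require explicit user confirmation before calling such a tool.`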
@@ -291,6 +295,9 @@ Example tool execution error:
- Prompt for user confirmation on sensitive operations
- Show tool inputs to the user before calling the server, to avoid malicious or
accidental data exfiltration
- For any tool with `sensitive` set to true, explicitly prompt the user to confirm the
operation. The confirmation UI SHOULD clearly indicate the tool’s purpose, the
inputs provided, and any potential impact of the operation.
- Validate tool results before passing to LLM
- Implement timeouts for tool calls
- Log tool usage for audit purposes
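Review bot: the new `- For any tool with \`sensitive\` set to true, explicitly prompt the user to confirm the` bullet duplicates the existing `- Prompt for user confirmation on sensitive operations` item four lines above; merge them into one entry so the two pieces of guidance do not drift apart. The new bullet also drops an RFC 2119 `SHOULD` into a list otherwise written in the imperative; use the keyword consistently or not at all. The security consideration that is missing is the converse case: `sensitive: false`, or an absent flag, must not be read as permission to skip confirmation. The value comes from the same server that the `Show tool inputs to the user before calling the server` bullet already treats as potentially malicious, so the client's own policy (show inputs, confirm, log) must not be weakened by it.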
4 changes: 4 additions & 0 deletions schema/draft/schema.json
@@ -2057,6 +2057,10 @@
"name": {
"description": "The name of the tool.",
"type": "string"
},
"sensitive": {
"description": "Indicates whether invoking this tool performs a sensitive operation. Defaults to false if not specified.",
"type": "boolean"
}
},
"required": [
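Review bot: the description says `Defaults to false if not specified`, but the property carries no `"default": false` keyword, so validators and generated code cannot see the default; add `"default": false` beside `"type": "boolean"`. Leaving `sensitive` out of the `required` array that follows is correct given the default and keeps existing tool definitions valid.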
4 changes: 4 additions & 0 deletions schema/draft/schema.ts
@@ -697,6 +697,10 @@ export interface Tool {
properties?: { [key: string]: object };
required?: string[];
};
/**
* Indicates whether invoking this tool performs a sensitive operation. Defaults to false if not specified.
*/
sensitive?: boolean;
}

/* Logging */
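Review bot: `sensitive?: boolean;` is consistent with the JSON Schema change, but the default lives only in the comment text; add a `@default false` JSDoc tag so it survives into generated documentation and tooling. Because the field is optional, consumers must treat `undefined` as `false` when reading a `Tool`; the comment should say that, so a client does not end up comparing against `true` in some places and against `!== false` in others.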