git.stella-ops.org/docs/features/unchecked/advisoryai/sanctioned-tool-registry.md

Sanctioned Tool Registry (Policy-Gated Tool Execution)

Module

AdvisoryAI

Status

IMPLEMENTED

Description

Tool policy system with sanctioned tool registry controlling which AI tools can be invoked, with read-only defaults and confirmation-gated action tools.

Implementation Details

• Modules: src/AdvisoryAi/StellaOps.AdvisoryAI/Chat/Settings/, src/AdvisoryAi/StellaOps.AdvisoryAI/Tools/
• Key Classes:
  • AdvisoryChatToolPolicy (src/AdvisoryAi/StellaOps.AdvisoryAI/Chat/Settings/AdvisoryChatToolPolicy.cs) - defines which tools are sanctioned, read-only, or require confirmation
  • DeterministicToolset (src/AdvisoryAi/StellaOps.AdvisoryAI/Tools/DeterministicToolset.cs) - deterministic tool implementations (version analysis, dependency analysis)
  • AdvisoryChatSettingsService (src/AdvisoryAi/StellaOps.AdvisoryAI/Chat/Settings/AdvisoryChatSettingsService.cs) - manages chat settings including tool policies
  • AdvisoryChatSettingsStore (src/AdvisoryAi/StellaOps.AdvisoryAI/Chat/Settings/AdvisoryChatSettingsStore.cs) - persists chat settings and tool policies
  • AdvisoryChatSettingsModels (src/AdvisoryAi/StellaOps.AdvisoryAI/Chat/Settings/AdvisoryChatSettingsModels.cs) - settings models for tool access levels
  • DependencyAnalysisResult (src/AdvisoryAi/StellaOps.AdvisoryAI/Tools/DependencyAnalysisResult.cs) - result model for dependency analysis tool
  • SemanticVersion (src/AdvisoryAi/StellaOps.AdvisoryAI/Tools/SemanticVersion.cs) - semantic version parsing for version analysis tool
  • SemanticVersionRange (src/AdvisoryAi/StellaOps.AdvisoryAI/Tools/SemanticVersionRange.cs) - version range matching for dependency tools
• Interfaces: IDeterministicToolset
• Source: Feature matrix scan

E2E Test Plan

• Configure AdvisoryChatToolPolicy with sanctioned tools and verify only those tools can be invoked during chat
• Attempt to invoke a non-sanctioned tool and verify it is rejected with an access denied response
• Verify read-only tools execute without confirmation prompts
• Verify action tools (write operations) require user confirmation before execution
• Verify DeterministicToolset provides consistent results for version analysis and dependency analysis
• Verify AdvisoryChatSettingsService persists tool policy changes via AdvisoryChatSettingsStore