validate_action
Check if an agent can perform a specific action before execution to ensure compliance with security policies and prevent unauthorized operations.
Instructions
Validate whether an agent can perform a specific action.
This is the PRIMARY security gate. Agents should call this BEFORE performing any sensitive action to ensure compliance with security policies.
Args:
- action_type: Type of action (e.g., "tool_call", "resource_access", "data_read", "data_write")
- target: Target of the action (e.g., tool name, resource URI, database name)
- agent_id: Unique identifier of the requesting agent
- parameters: JSON string of action-specific parameters (optional)
- context: Additional context about why this action is needed (optional)

Returns: JSON string with validation result:
- action_id: Unique ID for this validation (for audit correlation)
- allowed: Whether the action is permitted
- require_approval: If true, action needs human approval first
- reason: Explanation of the decision
- warnings: Any non-blocking warnings

Example:

    validate_action(
        action_type="tool_call",
        target="database_delete",
        agent_id="prod-agent-01",
        parameters='{"table": "users"}',
        context="Cleanup stale records"
    )
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| action_type | Yes | | |
| target | Yes | | |
| agent_id | Yes | | |
| parameters | No | | {} |
| context | No | | |
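Calling the gate only helps if the caller enforces the result. The sketch below is an added example, not code from the project: it wraps a sensitive operation so that it runs only when the returned JSON clearly permits it. `guarded_call`, `ActionDenied`, the `approve` callback and `stub_validate` (a constructed stand-in with an invented policy) are hypothetical names, and treating a missing `require_approval` as "approval needed" is an assumption.

```python
import json
import logging
from typing import Callable, Optional

class ActionDenied(Exception):
    """Raised when the gate does not clearly permit the action."""

def guarded_call(validate: Callable[..., str], run: Callable[[], object],
                 approve: Optional[Callable[[dict], bool]] = None, **request):
    """Execute run() only if validate(**request) permits it; deny on any doubt."""
    try:
        result = json.loads(validate(**request))
    except Exception as exc:  # tool unreachable or reply is not JSON
        raise ActionDenied(f"validation unavailable: {exc}") from exc
    if not isinstance(result, dict):
        raise ActionDenied("malformed validation result")
    action_id = result.get("action_id")
    # Only a literal boolean true counts; "true", 1 or a missing key do not.
    if result.get("allowed") is not True:
        raise ActionDenied(f"{action_id}: {result.get('reason', 'no reason given')}")
    # Assumption: a missing require_approval is treated as "approval needed".
    if result.get("require_approval") is not False:
        if approve is None or not approve(result):
            raise ActionDenied(f"{action_id}: human approval required")
    for warning in result.get("warnings") or []:
        logging.warning("validate_action %s: %s", action_id, warning)
    return run()

def stub_validate(action_type, target, agent_id, parameters="{}", context=""):
    """Constructed stand-in for the real tool; its policy is invented."""
    if target == "database_delete":
        verdict = {"allowed": True, "require_approval": True,
                   "reason": "destructive operation", "warnings": []}
    elif target == "metrics_read":
        verdict = {"allowed": True, "require_approval": False,
                   "reason": "read-only", "warnings": ["large result set"]}
    else:
        verdict = {"allowed": False, "require_approval": False,
                   "reason": "target not in policy", "warnings": []}
    return json.dumps({"action_id": "demo-0001", **verdict})

if __name__ == "__main__":
    req = dict(action_type="tool_call", target="database_delete",
               agent_id="prod-agent-01", parameters='{"table": "users"}',
               context="Cleanup stale records")
    try:
        guarded_call(stub_validate, lambda: print("deleted"), **req)
    except ActionDenied as err:
        print("blocked:", err)
```

In a real agent, `validate` would be whatever client function invokes the `validate_action` tool, and the `action_id` in the exception message can be logged for audit correlation.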