Docs / ai / Tool-level Access Control (P0-117)

Tool-level Access Control (P0-117)

guide

Pass an explicit tools list to casino_create_agent for per-tool access control, which overrides category-level capabilities grants.

In addition to capabilities (category grants), you can pass an explicit tools list to casino_create_agent for per-tool access control:

- capabilities — category granularity; all tools in that group (e.g. ["data_access"] → all 14 data tools). - tools — individual tool names (e.g. ["query_mongodb", "count_documents"] → only those 2).

Priority: tools (specific) overrides capabilities (category). If only capabilities is set, P0-116 behavior is unchanged.

Use casino_list_tools() first to see all valid tool names and categories, then pass exact names.

Examples

Discover tools, then create a read-only bot
// Step 1 — discover available tool names:
casino_list_tools()
// → returns { "data": ["query_mongodb", "insert_documents", ...], "capabilities": [...], ... }

// Step 2 — create a read-only support bot (no write access):
casino_create_agent(
  site_id="<your_site_id>",
  name="support_bot",
  system_prompt="You are a helpful support assistant...",
  tools=["query_mongodb", "count_documents", "describe_collection"]
)
// → capabilities auto-derived as ["data_access"], tools enforced at runtime
NoteAlways-on tool exemption: web_search (basic), create_diagram, list_sites, get_site_files, and the category meta-tools are never filtered — only category-loaded tools are subject to the allowlist. (The gated, heavier counterpart is web_search_deep, which requires external_integration.)

See also

tool-categories · targeting-custom-agents · agent-catalog

Source: README.md#tool-level-access-control-p0-117 · Also available in llms-full.txt and registry.json.