sensitive-op

The sensitive-op tool is a demonstration tool that requires human-in-the-loop approval before executing. It serves as the canonical example of an approval-gated tool.

Capability Required

tool.invoke:sensitive-op

Approval Required

Yes. This tool always requires human approval. When invoked:

The tool call is queued as a pending request
The calling agent blocks (waiting for IPC response)
An operator must run ash approve <request-id> or ash deny <request-id>
The agent receives the result (or a denial error)

Approval timeout: 300 seconds (5 minutes). If not approved within the timeout, the request is automatically denied.

Input Schema

{
  "type": "object"
}

Any JSON input is accepted.

Output Schema

{
  "type": "object"
}

Returns the input as-is (like echo) after approval.

Example

#![allow(unused)]
fn main() {
// This call will block until the operator approves or denies it
match agent.invoke_tool("sensitive-op", json!({"action": "deploy-v2"})).await {
    Ok(result) => println!("Approved: {}", result),
    Err(AgentError::ToolFailed(msg)) if msg.contains("denied") => {
        println!("Operator denied the request");
    }
    Err(e) => eprintln!("Error: {}", e),
}
}

Operator flow:

ash pending
# REQUEST-ID  AGENT      TOOL          CREATED
# abc-123     my-agent   sensitive-op  2026-02-22T12:34:56Z

ash approve abc-123
# Request approved. Tool executed.

Cost

Estimated cost: 5.0

Use as a Template

The sensitive-op tool demonstrates the approval pattern for custom tools. When registering a dynamic tool or implementing a tool plugin, set:

#![allow(unused)]
fn main() {
ToolInfo {
    requires_approval: true,
    approval_timeout_secs: Some(300),
    // ...
}
}

Scarab-Runtime Documentation