Interface PolicyEvaluation

Result of sandbox policy evaluation.

interface PolicyEvaluation {
    allowed: boolean;
    reason?: string;
    policyId: string;
    violations: readonly PolicyViolation[];
    configurationWarnings?: readonly string[];
}

Index

Properties

allowed reason? policyId violations configurationWarnings?

Properties

`Readonly`allowed

allowed: boolean

Whether the operation is allowed.

`Optional` `Readonly`reason

reason?: string

Denial reason if not allowed.

`Readonly`policyId

policyId: string

Policy that was applied.

`Readonly`violations

violations: readonly PolicyViolation[]

Violations found.

`Optional` `Readonly`configurationWarnings

configurationWarnings?: readonly string[]

Configuration mismatches the executor surfaces to operators — capabilities declared in the policy but unenforceable because the corresponding allowlist is empty (e.g. process_spawn set but allowedCommands: []). Source: #2428 ask 1. Not security violations; informational only.

Interface PolicyEvaluation

Index

Properties

Properties

`Readonly`allowed

`Optional` `Readonly`reason

`Readonly`policyId

`Readonly`violations

`Optional` `Readonly`configurationWarnings

Settings

On This Page

Interface PolicyEvaluation

Index

Properties

Properties

Readonlyallowed

Optional Readonlyreason

ReadonlypolicyId

Readonlyviolations

Optional ReadonlyconfigurationWarnings

Settings

On This Page

`Readonly`allowed

`Optional` `Readonly`reason

`Readonly`policyId

`Readonly`violations

`Optional` `Readonly`configurationWarnings