Add path-level policy controls for safe-output git changes (allow/deny paths)
Problem
Safe-output git operations (push_to_pull_request_branch, create_pull_request) currently allow broad file changes and rely on downstream failures (branch permissions/protection) to block unsafe edits.
That failure happens late and inconsistently from the agent's point of view: the agent believes the operation succeeded when in fact it did not.
Request
Introduce path-based policy controls for git-changing safe outputs so workflows can explicitly allow/deny which files may be changed.
Proposed capability
- Configurable path policies (glob-based), e.g.:
  - allowed-paths
  - blocked-paths
- Enforced when the agent attempts to use the tool and before patch application/push (early failure in tool execution).
- Clear error message showing which path(s) violated policy.
- Applied consistently to both:
  - push_to_pull_request_branch
  - create_pull_request
Example use cases
- Allow docs-only bots:
  allowed-paths: ["docs/**", "**/*.md"]
- Block CI/workflow edits, e.g. when the workflow runs with GITHUB_TOKEN and therefore can't modify workflow files:
  blocked-paths: [".github/workflows/**"]
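The following is an added illustration of how the proposed check could be applied before a push, not code from the project. It assumes the changed-file list comes from `git diff --name-only` (a constructed list here), that `blocked-paths` takes precedence over `allowed-paths`, and that an empty `allowed-paths` means "allow everything not blocked".

```python
import re


def glob_to_regex(pattern: str) -> re.Pattern:
    """Translate a gitignore-style glob into an anchored regex.
    '**/' matches zero or more leading directories, '**' matches anything
    (slashes included), '*' stays within one path segment, '?' is one char."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append("(?:.*/)?")
            i += 3
        elif pattern.startswith("**", i):
            out.append(".*")
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]*")
            i += 1
        elif pattern[i] == "?":
            out.append("[^/]")
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("^" + "".join(out) + "$")


def check_path_policy(changed_paths, allowed_paths=None, blocked_paths=None):
    """Return a list of (path, reason) violations; empty list means the push may proceed.
    A path matching any blocked-paths pattern is rejected first; if allowed-paths is
    non-empty, every remaining path must match at least one allowed pattern."""
    allow = [glob_to_regex(p) for p in (allowed_paths or [])]
    block = [(p, glob_to_regex(p)) for p in (blocked_paths or [])]
    violations = []
    for raw in changed_paths:
        path = raw.removeprefix("./")  # normalise what git reports
        hit = next((p for p, rx in block if rx.match(path)), None)
        if hit is not None:
            violations.append((path, f"matches blocked-paths pattern {hit!r}"))
        elif allow and not any(rx.match(path) for rx in allow):
            violations.append((path, "not covered by any allowed-paths pattern"))
    return violations


def policy_error_message(violations) -> str:
    """Build the early, explicit error the agent should see instead of a late git failure."""
    lines = [f"  {path}: {reason}" for path, reason in violations]
    return "path policy violation, refusing to push:\n" + "\n".join(lines)


# Constructed sample: a docs-only bot that also tried to touch CI config and source.
SAMPLE_CHANGED = ["docs/guide/install.md", "README.md", ".github/workflows/ci.yml", "src/main.go"]
DOCS_ONLY = {"allowed_paths": ["docs/**", "**/*.md"], "blocked_paths": [".github/workflows/**"]}
```

Running `policy_error_message(check_path_policy(SAMPLE_CHANGED, **DOCS_ONLY))` lists the workflow file as blocked and `src/main.go` as outside the allow list, while the two Markdown files pass.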