Originator: FuzeKeys MCP Secrets-Broker.
Context / why: The broker needs per-identity/per-secret scopes and auto-release (LOW/MED) vs human-approval (HIGH) tiers. FuzeFront's Permit usage (utils/permit/permission-check.ts, role-assignment.ts, resource-instances.ts) covers org/app checks but the family has no agreed pattern for instance-scoped agent roles, a sensitivity attribute, or a temporary TTL-bounded "approved_release" role.
Asks:
- Standardize a resource-instance-scoped role pattern for agents (out-of-scope = no assignment = deny).
- Standardize a sensitivity attribute (LOW/MEDIUM/HIGH) + policy: LOW/MED allow in-scope; HIGH requires a separate read_sensitive action not granted by default.
- Standardize a time-boxed approved_release role the broker assigns after human approval to satisfy read_sensitive (documented TTL/revocation). Approval queue + notifier stay in the broker; only the decision lives in Permit.
Acceptance criteria:
- Documented Permit conventions for instance scoping, sensitivity tiers, and TTL approval-grants in the shared env.
- Worked example: check(agent,"read_sensitive",card) denies until an approval-grant role is assigned, then allows for the TTL, then denies.
Notifications requested: @-mention me on contract-freeze of these Permit conventions and on deployment.
STATE: depends on the agent-identity issue. Maps the broker design §7 tiers onto Permit; interim broker logic replaced once frozen.
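The acceptance-criterion sequence, written out as an added TypeScript model of the three conventions above; this is not FuzeFront's Permit utilities or the Permit SDK, and the role name secret_consumer, the Secret/Assignment types, the function names and the "secret:<key>" instance naming are assumptions made here.

```typescript
// Added example (not Permit SDK code): a local model of the instance-scoped role, the
// sensitivity attribute and the TTL-bounded approved_release grant this issue asks for.
type Sensitivity = "LOW" | "MEDIUM" | "HIGH";
type Action = "read" | "read_sensitive";
interface Secret { key: string; sensitivity: Sensitivity }
interface Assignment { user: string; role: string; instance: string; expiresAt?: number }

// Actions each role grants; only approved_release grants read_sensitive (not granted by default).
const ROLE_ACTIONS: Record<string, Action[]> = {
  secret_consumer: ["read"],
  approved_release: ["read_sensitive"],
};
let assignments: Assignment[] = [];
const instanceOf = (s: Secret): string => `secret:${s.key}`; // assumed instance naming

// Instance-scoped assignment; no assignment on the instance means deny.
function assignRole(user: string, role: string, secret: Secret, expiresAt?: number): void {
  assignments.push({ user, role, instance: instanceOf(secret), expiresAt });
}

// Time-boxed grant the broker issues after human approval; it lapses at now + ttlMs.
function grantApprovedRelease(user: string, secret: Secret, now: number, ttlMs: number): void {
  assignRole(user, "approved_release", secret, now + ttlMs);
}

// Explicit revocation, for approvals withdrawn before the TTL elapses.
function revokeRole(user: string, role: string, secret: Secret): void {
  const inst = instanceOf(secret);
  assignments = assignments.filter(a => !(a.user === user && a.role === role && a.instance === inst));
}

// Decision: LOW/MEDIUM allow "read" for in-scope roles; HIGH only ever answers read_sensitive.
function check(user: string, action: Action, secret: Secret, now: number): boolean {
  if (action === "read" && secret.sensitivity === "HIGH") return false;
  const inst = instanceOf(secret);
  const granted = new Set<Action>();
  for (const a of assignments) {
    if (a.user !== user || a.instance !== inst) continue;          // out of scope
    if (a.expiresAt !== undefined && a.expiresAt <= now) continue; // TTL elapsed
    for (const act of ROLE_ACTIONS[a.role] ?? []) granted.add(act);
  }
  return granted.has(action);
}

// Acceptance-criterion timeline: deny -> approval grant -> allow inside TTL -> deny after it.
function releaseTimeline(agent: string, card: Secret, t0: number, ttlMs: number): boolean[] {
  const before = check(agent, "read_sensitive", card, t0);
  grantApprovedRelease(agent, card, t0, ttlMs);
  return [before, check(agent, "read_sensitive", card, t0 + ttlMs / 2), check(agent, "read_sensitive", card, t0 + ttlMs)];
}
```

Note that expiry is evaluated at check time against the caller-supplied clock, so a grant that has lapsed denies even if nothing has cleaned it up yet.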