51 lines
2.9 KiB
JSON
51 lines
2.9 KiB
JSON
{
|
|
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
"$id": "https://git.mirv.top/verstak/verstak-sdk/schemas/permissions.json",
|
|
"title": "Verstak Permissions Registry",
|
|
"description": "Known runtime permissions and their safety levels",
|
|
"type": "object",
|
|
"properties": {
|
|
"permissions": {
|
|
"type": "array",
|
|
"items": {
|
|
"$ref": "#/$defs/PermissionEntry"
|
|
}
|
|
}
|
|
},
|
|
"$defs": {
|
|
"PermissionEntry": {
|
|
"type": "object",
|
|
"properties": {
|
|
"name": { "type": "string" },
|
|
"description": { "type": "string" },
|
|
"dangerous": {
|
|
"type": "boolean",
|
|
"description": "If true, user must explicitly approve before enabling plugin"
|
|
}
|
|
},
|
|
"required": ["name", "description", "dangerous"]
|
|
}
|
|
},
|
|
"permissions": [
|
|
{ "name": "vault.read", "description": "Read vault files and metadata", "dangerous": false },
|
|
{ "name": "vault.write", "description": "Write vault files and metadata", "dangerous": true },
|
|
{ "name": "vault.watch", "description": "Watch vault file changes", "dangerous": false },
|
|
{ "name": "files.read", "description": "List files and read text files through the vault Files API", "dangerous": false },
|
|
{ "name": "files.write", "description": "Create folders, write text files, and move paths through the vault Files API", "dangerous": true },
|
|
{ "name": "files.delete", "description": "Trash vault files and folders through the vault Files API", "dangerous": true },
|
|
{ "name": "storage.namespace", "description": "Read/write plugin's own storage namespace", "dangerous": false },
|
|
{ "name": "storage.migrations", "description": "Run database migrations in plugin namespace", "dangerous": false },
|
|
{ "name": "events.publish", "description": "Publish events to the event bus", "dangerous": false },
|
|
{ "name": "events.subscribe", "description": "Subscribe to events on the event bus", "dangerous": false },
|
|
{ "name": "ui.register", "description": "Register UI components and contributions", "dangerous": false },
|
|
{ "name": "commands.register", "description": "Register command palette commands", "dangerous": false },
|
|
{ "name": "workbench.open", "description": "Request Workbench open/edit routing for vault resources", "dangerous": false },
|
|
{ "name": "network.local", "description": "Connect to localhost network services", "dangerous": false },
|
|
{ "name": "network.remote", "description": "Connect to remote network services", "dangerous": true },
|
|
{ "name": "process.spawn", "description": "Spawn external processes", "dangerous": true },
|
|
{ "name": "secrets.read", "description": "Read secrets from the secret store", "dangerous": true },
|
|
{ "name": "secrets.write", "description": "Write secrets to the secret store", "dangerous": true },
|
|
{ "name": "sync.participate", "description": "Participate in vault sync", "dangerous": true }
|
|
]
|
|
}
|