Set read-only annotation hints on each tool for security

2025-06-26 13:16:00 +04:00
parent 2bed3a0774
commit 0237fb3419
7 changed files with 67 additions and 12 deletions
--- a/tools/workflow/base.py
+++ b/tools/workflow/base.py
@@ -110,6 +110,21 @@ class WorkflowTool(BaseTool, BaseWorkflowMixin):
        """
        return []

+    def get_annotations(self) -> Optional[dict[str, Any]]:
+        """
+        Return tool annotations. Workflow tools are read-only by default.
+
+        All workflow tools perform analysis and investigation without modifying
+        the environment. They may call external AI models for expert analysis,
+        but they don't write files or make system changes.
+
+        Override this method if your workflow tool needs different annotations.
+
+        Returns:
+            Dictionary with readOnlyHint set to True
+        """
+        return {"readOnlyHint": True}
+
    def get_input_schema(self) -> dict[str, Any]:
        """
        Generate the complete input schema using SchemaBuilder.