0fab46f65c
Agent-created skills were using the same policy as community hub installs, blocking any skill with medium/high severity findings (e.g. docker pull, pip install, git clone). This meant the agent couldn't create skills that reference Docker or other common tools. Changed agent-created policy from (allow, block, block) to (allow, allow, block) — matching the trusted policy. Caution-level findings (medium/high severity) are now allowed through, while dangerous findings (critical severity like exfiltration, prompt injection, reverse shells) remain blocked. Added 4 tests covering the agent-created policy: safe allowed, caution allowed, dangerous blocked, force override.
41 KiB
41 KiB