Tool Security Important
Security mechanisms and permission control for the tool system.
Security Layers
Layer Description
Tool call requests must pass all security layer checks. Rejection at any layer results in call failure.
Risk Levels
| Level | Icon | Description | Example |
|---|---|---|---|
| Safe | 🟢 | Read-only, no side effects | Get time, query info |
| Medium | 🟡 | Limited side effects | Send messages |
| Higher | 🟠 | Significant actions | Group admin, file ops |
| Dangerous | 🔴 | System access | Shell commands |
Permission Control
User Permission Levels
| Level | Description | Allowed Operations |
|---|---|---|
all | All users | Basic chat, view info |
whitelist | Whitelist users | Specific restricted commands |
admin | Administrators | Group management, tool calls |
master | Bot owner | All operations, system config |
Whitelist/Blacklist Control
Dangerous Tools
Dangerous Tool Categories
Dangerous Tool Configuration
yaml
builtinTools:
# Allow dangerous tools
allowDangerous: false
# Dangerous tool list
dangerousTools:
- kick_member
- recall_message
- set_group_whole_ban
- execute_commandTemporary Authorization
Some scenarios require temporary dangerous tool access:
javascript
const agent = await createSkillsAgent({
event: e,
allowDangerous: true // Temporary authorization
})Global Configuration
Enable/Disable Categories
yaml
builtinTools:
enabledCategories:
- basic
- user
- web
# Unlisted categories are disabledDisable Specific Tools
yaml
builtinTools:
disabledTools:
- execute_command
- delete_filePreset-Level Control
Whitelist Mode
yaml
# Preset file
tools:
mode: whitelist
allowedTools:
- get_time
- get_weather
- search_webBlacklist Mode
yaml
tools:
mode: blacklist
excludedTools:
- send_message
- kick_memberSecurity Execution Flow
Audit Logging
Log Recording
yaml
mcp:
logging:
enabled: true
level: info
retention: 30 # Keep 30 daysLog Content
json
{
"id": "uuid",
"toolName": "send_message",
"args": {"target": "123", "content": "..."},
"result": "success",
"userId": "456",
"timestamp": "2024-12-15T06:30:00.000Z",
"duration": 150
}View Logs
bash
# Command
#工具日志
# API
GET /api/tools/logs?limit=100&toolName=send_messageBest Practices
Security Recommendations
Follow these best practices to ensure secure tool system operation.
| Practice | Description |
|---|---|
| Least Privilege | Only enable needed tools |
| Use Whitelist Mode | Use whitelist in presets, explicitly list allowed tools |
| Disable Dangerous Tools | Always set allowDangerous: false in production |
| Regular Log Audits | Regularly check tool call logs for anomalies |
| Strict Parameter Validation | Define parameter Schema to prevent injection attacks |
Security Checklist
Pre-deployment Check
Ensure completion of the following security checks:
- [ ] Disabled unnecessary tool categories
- [ ] Dangerous tools disabled or controlled
- [ ] Admin tools properly configured
- [ ] Presets using whitelist mode
- [ ] Audit logging enabled
- [ ] Rate limiting configured
Next Steps
- Built-in Tools - Tool reference
- Custom JS Tools - Create custom tools
- MCP Configuration - MCP settings