chore: add a separate reject-policy flag for skill approvals (#14271)

## Summary - add `skill_approval` to `RejectConfig` and the app-server v2 `AskForApproval::Reject` payload so skill-script prompts can be configured independently from sandbox and rule-based prompts - update Unix shell escalation to reject prompts based on the actual decision source, keeping prefix rules tied to `rules`, unmatched command fallbacks tied to `sandbox_approval`, and skill scripts tied to `skill_approval` - regenerate the affected protocol/config schemas and expand unit/integration coverage for the new flag and skill approval behavior
2026-05-02 04:11:39 +03:00 · 2026-03-10 16:58:23 -07:00
parent 83b22bb612
commit c1a424691f
29 changed files with 346 additions and 12 deletions
--- a/codex-rs/protocol/src/models.rs
+++ b/codex-rs/protocol/src/models.rs
@@ -481,6 +481,7 @@ impl DeveloperInstructions {
                let on_request_instructions = on_request_instructions();
                let sandbox_approval = reject_config.sandbox_approval;
                let rules = reject_config.rules;
+                let skill_approval = reject_config.skill_approval;
                let request_permissions = reject_config.request_permissions;
                let mcp_elicitations = reject_config.mcp_elicitations;
                format!(
@@ -488,6 +489,7 @@ impl DeveloperInstructions {
                     Approval policy is `reject`.\n\
                     - `sandbox_approval`: {sandbox_approval}\n\
                     - `rules`: {rules}\n\
+                     - `skill_approval`: {skill_approval}\n\
                     - `request_permissions`: {request_permissions}\n\
                     - `mcp_elicitations`: {mcp_elicitations}\n\
                     When a category is `true`, requests in that category are auto-rejected instead of prompting the user."