docs(openwar): named-tool fidelity rule#1
Merged
Conversation
Adds a paragraph to the "Tool calls and authorization" section covering tool fidelity, distinct from authorization. When the operator names a specific tool, substitution requires explicit re-authorization in the same session. Partial discretion covers content and style, not tool selection. Fills a real gap: Hard Rule #3 gates destructive and out-of-directive actions, authorized_costs gates whether to spend on a category, but nothing currently covers fidelity to operator-named tools inside an authorized category. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a one-paragraph rule to the "Tool calls and authorization" section of
openwar.mdcovering tool fidelity, which is distinct from authorization.When the operator names a specific tool, substitution requires explicit re-authorization in the same session, even when a default or learned preference would suggest a different tool. Partial discretion ("a few options as you please", "whichever you prefer") covers content and style, never tool selection unless the operator explicitly opens it up.
Why this matters
The existing framework has three gates near this territory but none of them actually catch the case:
authorized_costsgates whether the agent may spend on a cost category. If two tools share a category (both authorized), it doesn't help pick the right one.This rule closes that gap. Tool fidelity is its own concern.
Test plan
npm run lintpasses (em-dashes + sanity)🤖 Generated with Claude Code