NeuralTrust | The leading security platform for generative AI

The Tool Permission plugin filters which tools an agent is allowed to invoke. It evaluates the requested tools before execution and removes any tool calls that are not permitted by your allow/deny policies.

What it does

Inspects agent requests to determine which tools are being requested (PreRequest)
Applies an allow/deny policy using a whitelist and/or denylist
Edits the request to remove disallowed tools; continues with allowed ones
Permissive behavior on parsing issues (request is allowed if no tools are detected or content can’t be parsed)

Configuration Parameters

Parameter	Type	Description	Required	Default
`white_list`	array	List of tool names explicitly allowed	Cond.	`[]`
`deny_list`	array	List of tool names explicitly denied	Cond.	`[]`
`provider`	string	LLM request format provider (e.g., `openai`)	No	`openai`

Requirement: at least one of white_list or deny_list must be provided. Behavior notes:

Stage: PreRequest
If there is no body, no tools, or parsing fails, the request proceeds unchanged

Prerequisites

These agent security plugins require upstreams configured in provider mode. See Upstream Services & Routing for details: /trustgate/core-concepts/upstream-services-overview Example upstream (provider mode):

{
  "name": "{{upstream_service_name}}",
  "algorithm": "round-robin",
  "targets": [
    {
      "provider": "openai",
      "provider_options": { "api": "responses" },
      "weight": 50,
      "priority": 1,
      "default_model": "gpt-4o-mini",
      "models": ["gpt-4", "gpt-4o-mini"],
      "stream": false,
      "credentials": { "api_key": "" }
    }
  ]
}

Example configuration

Whitelist example (only allow specific tools):

{
  "name": "tool_permission",
  "enabled": true,
  "stage": "pre_request",
  "priority": 1,
  "parallel": false,
  "settings": {
    "provider": "openai",
    "white_list": ["web_search", "db_query"],
    "deny_list": []
  }
}

Denylist example (block specific tools):

{
  "name": "tool_permission",
  "enabled": true,
  "stage": "pre_request",
  "priority": 1,
  "parallel": false,
  "settings": {
    "provider": "openai",
    "white_list": [],
    "deny_list": ["web_scrape", "exec_shell"]
  }
}

Compatibility

Currently supports agents using the OpenAI LLM request/response format only.

Best practices

Prefer white_list in sensitive environments to reduce risk surface
Keep lists concise and review them regularly as your agent evolves
Combine with Tool Guard (content risk) and Tool Budget Limiter (cost control)

Getting Started

Core Concepts

Traffic Management

Actions API

Non-REST Connectivity

Rate Limiting & Request Control

Content Security

Agent Security

Application Security

Server Security

Data masking

Extending Functionality

Observability & Monitoring

Benchmark

API Reference

Tool Permission

What it does

Configuration Parameters

Prerequisites

Example configuration

Compatibility

Best practices

Getting Started

Core Concepts

Traffic Management

Actions API

Non-REST Connectivity

Rate Limiting & Request Control

Content Security

Agent Security

Application Security

Server Security

Data masking

Extending Functionality

Observability & Monitoring

Benchmark

API Reference

​What it does

​Configuration Parameters

​Prerequisites

​Example configuration

​Compatibility

​Best practices

What it does

Configuration Parameters

Prerequisites

Example configuration

Compatibility

Best practices