Permission Harness Client
User-side zero-trust harness for a finance workspace agent. It shows exactly what goes up to the backend, which permissions are needed, where a request is blocked, and why.
Agent tasks
Read finance documents
User request: Show me the finance workspace documents.
Read protected finance workspace documents.
VC: space.readlocal: tool:read_finance_documentsimpact: lowapproval: no
Create finance document
User request: Create a new finance memo in the finance workspace.
Generate a new finance document. Low impact in this demo; no human approval required.
VC: space.writelocal: tool:create_finance_documentimpact: lowapproval: no
Delete finance document
User request: Delete finance document fin-1 from the finance workspace.
Delete a finance document. High impact; requires approval.
VC: space.deletelocal: tool:delete_finance_documentimpact: highapproval: required
Execute payment
User request: Pay CHF 100 to Example Vendor.
Simulate payment execution. High impact; requires approval and permission.
VC: payment.executelocal: tool:execute_paymentimpact: highapproval: required