feat: tool risk policy UI + wiring through all orchestrators

- New /settings/tools page: max_risk selector (low/medium/high) + per-tool override dropdowns (Default / Force include / Force exclude) for all 58 tools grouped by category with color-coded risk badges; JS updates Auto status live - get_tools_for_role() + get_openai_tools_for_role() now accept max_risk, whitelist, blacklist; _apply_risk_policy() handles the filtering logic - get_risk_policy() helper in auth_utils reads from tool_policy.json - Risk policy wired through orchestrator.py, openai_orchestrator.py, orchestrator_engine.py, nextcloud_talk.py, homeassistant.py - Tools nav link added to settings.html and notifications.html - CLAUDE.md and ARCH__SYSTEM.md updated: tool count 50→58, risk system docs, tool access control three-layer model documented Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-11 22:45:04 -04:00
parent c9c1ca7de6
commit 69ec2f667d
15 changed files with 584 additions and 27 deletions
--- a/cortex/static/settings.html
+++ b/cortex/static/settings.html
@@ -265,6 +265,7 @@
      <a href="{{ help_href }}" class="nav-link">Help</a>
      <a href="/settings" class="nav-link active">Settings</a>
      <a href="/settings/notifications" class="nav-link">Notifications</a>
+      <a href="/settings/tools" class="nav-link">Tools</a>
      <span class="nav-spacer"></span>
      <a href="/logout" class="nav-link nav-logout">Sign out</a>
    </nav>