---
name: grix-access-control
description: Manage sender access control with the typed `grix_access_control` tool — approve/deny a pairing code, allow/remove a sender, or set the access policy. Trigger when the user asks to approve a pairing request, allowlist or block a sender, or change who is allowed to message the agent.
trigger: 当用户要批准/拒绝配对码、允许或移除某个发送者、或调整谁可以给 Agent 发消息的访问策略时
---

# Grix Access Control

Use the `grix_access_control` tool to manage who may message this agent.

## Tool contract

Call `grix_access_control` with one `action`:

- `pair_approve` / `pair_deny` — approve or deny a pairing request. Requires the
  `code` from the pairing request.
- `allow_sender` — add a sender to the allowlist. Requires `sender_id`.
- `remove_sender` — remove a sender. Requires `sender_id`.
- `set_policy` — set the access policy. Requires `policy`, one of:
  - `allowlist` — only allowlisted senders may message
  - `open` — anyone may message
  - `disabled` — access control off

## Rules

1. Pick exactly one `action` and supply only the field it needs (`code` for
   pairing, `sender_id` for allow/remove, `policy` for set_policy).
2. These actions change who can reach the agent — confirm with the user before
   approving an unknown pairing code or switching the policy to `open`.
3. On failure, report the exact reason (e.g. expired/invalid code) instead of
   retrying with a guessed value.