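# Capability manifest for tools::read-only: denies the Edit and Write tools
# outright. Restored to one key/value pair per line; TOML does not allow
# several pairs on a single line.
[capability]
name = "tools::read-only"
category = "tools"
version = "1.0"
description = "Deny Edit and Write tools entirely — agent may read but not mutate the filesystem."
rationale = "Read-only agents (research, critic, explorer) must never alter source. A denial at the tool level is simpler and more robust than per-path scope checks."

[restricts]
# No pattern-based restrictions are declared; the denial below is by tool name.
tool-patterns = []
# NOTE(review): only these two tools are named. If the agent runtime exposes
# any other tool that can change files (command execution, notebook or
# multi-file editors, externally provided tools), this list does not cover it
# and the "may read but not mutate" claim in the description would not hold.
# Confirm such tools are denied by another capability.
tools-denied = ["Edit", "Write"]

[parameterized]
# Empty list: this manifest declares no accepted parameters.
accepts = []

[text]
# NOTE(review): presumably the prose shown to the agent for this capability.
# If so, it is advisory only; the denial itself rests on the [gate] entry.
path = "text.md"

[gate]
rust-module = "gates::tools_read_only"
# The event filter names the same two tools as tools-denied. Keep both in sync:
# a tool added to one but not the other may not be gated (confirm how the
# loader combines them).
event = "PreToolUse:Edit|Write"
# NOTE(review): presumably "block" rejects the tool call rather than only
# logging it. Confirm the gate also denies when the module itself errors.
severity = "block"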