Embabel Agent Documentation/com.embabel.agent.mcpserver.security/SecureAgentTool

SecureAgentTool

@Target(allowedTargets = [AnnotationTarget.CLASS, AnnotationTarget.FUNCTION])

annotation class SecureAgentTool(val value: String)

Declares the security contract for an Embabel agent action exposed as a remote MCP tool.

Accepts any Spring Security SpEL expression, identical syntax to org.springframework.security.access.prepost.PreAuthorize, evaluated against the current org.springframework.security.core.Authentication at the point of tool invocation, before Embabel's GOAP planner executes the action body.

Supported expressions

@SecureAgentTool("hasAuthority('finance:admin')")
@SecureAgentTool("hasAnyAuthority('finance:read', 'finance:admin')")
@SecureAgentTool("hasRole('ADMIN')")
@SecureAgentTool("@myPolicy.canAccess(authentication, #request)")
@SecureAgentTool("hasAuthority('finance:read') and #request.amount < 10000")

Placement

Combine with @Action and optionally @AchievesGoal on the same method:

@SecureAgentTool("hasAuthority('payments:write')")
@AchievesGoal(description = "Process a payment", export = Export(...))
@Action
fun processPayment(request: PaymentRequest, context: OperationContext): PaymentResult

Can also be placed on the @Agent class to secure all @Action methods in that agent. Method-level annotation takes precedence over class-level when both are present.

Enforcement

SecureAgentToolAspect intercepts the call and evaluates the SpEL expression using Spring Security's org.springframework.security.access.expression.method.MethodSecurityExpressionHandler. An org.springframework.security.access.AccessDeniedException is thrown if the expression evaluates to false, resulting in a 403 at the MCP transport layer.

Parameters

value

A Spring Security SpEL expression evaluated against the current org.springframework.security.core.Authentication.

Properties