Permission Model

A2WF organizes permissions into three categories.

Read Permissions

What information agents can access (passive operations):

• productCatalog — Listings, descriptions, images
• pricing — Prices, fees, rates
• availability — Stock, appointment slots
• openingHours — Business hours
• contactInfo — Address, phone, email
• reviews — Ratings, testimonials
• faq — FAQ answers
• companyInfo — About, team, history

Action Permissions

What operations agents can perform (active operations):

• search, addToCart, checkout (usually with humanVerification)
• createAccount, submitReview, submitContactForm
• bookAppointment, cancelOrder, requestRefund

Data Permissions

Sensitive data — typically all denied:

• customerRecords, orderHistory, paymentInfo
• internalAnalytics, employeeData

Permission Properties

• allowed (boolean, REQUIRED)
• rateLimit (integer, OPTIONAL) — requests/minute
• humanVerification (boolean, OPTIONAL)
• note (string, OPTIONAL) — explanation