firefrost-gaming/composio-skills-reference
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e762a98bd93f34c22926c7cf6ae7c9bb59ea9d5b
composio-skills-reference/composio-sdk/rules/tr-session-config.md
sohamganatra b8b711dff6 Add Composio SDK skill with rules and agent config 
Adds composio-sdk/ with SKILL.md, AGENTS.md, and 18 rule files
covering Tool Router, direct execution, triggers, and auth patterns.

Source: composiohq/skills

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-05 22:54:21 -08:00

166 lines
4.0 KiB
Markdown
Raw Blame History

---
title: Configure Tool Router Sessions Properly
impact: MEDIUM
description: Use session configuration options to control toolkit access, tools, and behavior
tags: [tool-router, configuration, toolkits, tools, session]
---
# Configure Tool Router Sessions Properly
Tool Router sessions support rich configuration for fine-grained control over toolkit and tool access.
## ❌ Incorrect
```typescript
// DON'T: Enable all toolkits without restrictions
const session = await composio.create('user_123', {
// No toolkit restrictions - exposes everything!
});
// DON'T: Mix incompatible configuration patterns
const session = await composio.create('user_123', {
toolkits: { enable: ['gmail'] },
toolkits: ['slack'] // This will override the first one!
});
```
```python
# DON'T: Enable all toolkits without restrictions
session = composio.tool_router.create(
user_id="user_123"
# No toolkit restrictions - exposes everything!
)
```
## ✅ Correct - Basic Configuration
```typescript
// DO: Explicitly specify toolkits
import { Composio } from '@composio/core';
const composio = new Composio();
// Simple toolkit list
const session = await composio.create('user_123', {
toolkits: ['gmail', 'slack', 'github']
});
// Explicit enable
const session2 = await composio.create('user_123', {
toolkits: { enable: ['gmail', 'slack'] }
});
// Disable specific toolkits (enable all others)
const session3 = await composio.create('user_123', {
toolkits: { disable: ['calendar'] }
});
```
```python
# DO: Explicitly specify toolkits
from composio import Composio
composio = Composio()
# Simple toolkit list
session = composio.tool_router.create(
user_id="user_123",
toolkits=["gmail", "slack", "github"]
)
# Explicit enable
session2 = composio.tool_router.create(
user_id="user_123",
toolkits={"enable": ["gmail", "slack"]}
)
```
## ✅ Correct - Fine-Grained Tool Control
```typescript
// DO: Control specific tools per toolkit
const session = await composio.create('user_123', {
toolkits: ['gmail', 'slack'],
tools: {
// Only allow reading emails, not sending
gmail: ['GMAIL_FETCH_EMAILS', 'GMAIL_SEARCH_EMAILS'],
// Or use enable/disable
slack: {
disable: ['SLACK_DELETE_MESSAGE'] // Safety: prevent deletions
}
}
});
```
```python
# DO: Control specific tools per toolkit
session = composio.tool_router.create(
user_id="user_123",
toolkits=["gmail", "slack"],
tools={
# Only allow reading emails, not sending
"gmail": ["GMAIL_FETCH_EMAILS", "GMAIL_SEARCH_EMAILS"],
# Or use enable/disable
"slack": {
"disable": ["SLACK_DELETE_MESSAGE"] # Safety: prevent deletions
}
}
)
```
## ✅ Correct - Tag-Based Filtering
```typescript
// DO: Use tags to filter by behavior
const session = await composio.create('user_123', {
toolkits: ['gmail', 'github'],
// Global tags: only read-only tools
tags: ['readOnlyHint'],
// Override tags per toolkit
tools: {
github: {
tags: ['readOnlyHint', 'idempotentHint']
}
}
});
```
```python
# DO: Use tags to filter by behavior
session = composio.tool_router.create(
user_id="user_123",
toolkits=["gmail", "github"],
# Global tags: only read-only tools
tags=["readOnlyHint"],
# Override tags per toolkit
tools={
"github": {
"tags": ["readOnlyHint", "idempotentHint"]
}
}
)
```
## Available Tags
- `readOnlyHint` - Tools that only read data
- `destructiveHint` - Tools that modify or delete data
- `idempotentHint` - Tools safe to retry
- `openWorldHint` - Tools operating in open contexts
## Configuration Best Practices
1. **Least Privilege**: Only enable toolkits/tools needed
2. **Tag Filtering**: Use tags to restrict dangerous operations
3. **Per-Toolkit Tools**: Fine-tune access per toolkit
4. **Auth Configs**: Map toolkits to specific auth configurations
## Reference
- [Configuration Options](https://docs.composio.dev/sdk/typescript/api/tool-router#configuration-options)
- [Tool Tags](https://docs.composio.dev/sdk/typescript/api/tool-router#tags)
Reference in New Issue View Git Blame Copy Permalink