Channel allowlists
What you'll find here
The deny-by-default filter that decides which normalized inbound channel events continue past gateway ingress.
Deny by default.
A channel event is allowed only when it matches an enabled rule for the configured channel. Denied events produce explicit decision reasons that can be recorded in redacted capability receipts.
Rule selectors
Rules can match:
Channel kind
Provider / fixture service name
External sender ids
Workspace ids
Thread ids
String metadata keys
At least one selector required.
Broad, selector-free allow rules are rejected.
Decisions
The evaluator returns an inspectable decision with:
Allowed or denied status
Reason
Matched rule id (when allowed)
Event id
Channel
Sender external id
Events from the wrong channel are denied before rule matching. Events
with no matching enabled rule are denied with the reason "no enabled allowlist rule matched".
Denial receipts
Denied inbound events can emit a craik.capability_receipt with the
channel.ingress.denied capability. Receipt metadata preserves the
allowlist id, event id, channel, sender external id, policy envelope
id, and redaction fields — without storing message text.
Boundary
Filter only, not authorization.
Channel allowlists do not pair identities, grant tool authority, or bypass policy envelopes. They only decide whether a normalized external event can continue to later gateway stages.
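The evaluation order from the Decisions section and the text-free receipt from the Denial receipts section, as an added sketch that is not the project's own code. The Rule class, the field names, the receipt layout, the wrong-channel reason wording and the rule that every selector on a rule must match are assumptions; only the receipt type, the capability name and the no-match reason come from this page.

```python
from dataclasses import dataclass, field

# Hypothetical field names; the page lists the selector kinds but not a schema.
FIELDS = {"channel_kind", "provider", "sender_external_id", "workspace_id", "thread_id"}

@dataclass
class Rule:
    id: str
    selectors: dict = field(default_factory=dict)  # field -> set of accepted values
    enabled: bool = True

    def __post_init__(self):
        known = {k: v for k, v in self.selectors.items() if k in FIELDS | {"metadata_keys"}}
        if not any(known.values()):  # selector-free (or empty-selector) rules are rejected
            raise ValueError(f"rule {self.id}: at least one selector required")

    def matches(self, event):
        # Assumption: all selectors on a rule must match; any listed value satisfies one.
        for name, accepted in self.selectors.items():
            if name == "metadata_keys":
                ok = set(accepted) <= set(event.get("metadata", {}))
            else:
                ok = name in FIELDS and event.get(name) in accepted
            if not ok:  # unknown selector names fail closed
                return False
        return True

def evaluate(channel, rules, event):
    d = {"allowed": False, "reason": None, "matched_rule_id": None, "event_id": event["id"],
         "channel": event["channel"], "sender_external_id": event.get("sender_external_id")}
    if event["channel"] != channel:  # checked before any rule is consulted
        d["reason"] = "event channel does not match allowlist channel"  # constructed wording
    else:
        hit = next((r for r in rules if r.enabled and r.matches(event)), None)
        if hit:
            d.update(allowed=True, reason="matched enabled rule", matched_rule_id=hit.id)
        else:
            d["reason"] = "no enabled allowlist rule matched"
    return d

def denial_receipt(allowlist_id, policy_envelope_id, decision):
    # Copies identifiers from the decision only, so message text cannot leak into the receipt.
    keep = ("event_id", "channel", "sender_external_id", "reason")
    return {"type": "craik.capability_receipt", "capability": "channel.ingress.denied",
            "allowlist_id": allowlist_id, "policy_envelope_id": policy_envelope_id,
            "redacted": ["text"], **{k: decision[k] for k in keep}}

# Constructed sample data.
RULES = [Rule("r-ops", {"workspace_id": {"W1"}, "sender_external_id": {"U7"}}),
         Rule("r-old", {"thread_id": {"T9"}}, enabled=False)]
EVENT = {"id": "e1", "channel": "chat-main", "sender_external_id": "U7",
         "workspace_id": "W1", "thread_id": "T9", "text": "hello"}
```

The disabled rule r-old would match the sample event's thread id, so an event from a different sender is denied by the no-match path and not allowed through it.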