Readonly mode: Policy mode identifier.
Readonly require…: Whether User Gate phases require explicit human decisions. false → auto-approve at gates (solo mode). true → the machine waits for /review-decision (team/regulated).
Readonly max…: Max independent review iterations in the PLAN phase before force-convergence.
Readonly max…: Max impl-review iterations in the IMPL_REVIEW phase before force-convergence.
Readonly allow…: Whether the session initiator can approve at User Gates. false → four-eyes principle enforced (regulated): session initiator !== review decision maker. true → self-approval allowed (solo/team).
Readonly self…: Independent review configuration.
Readonly review…: Whether lower-assurance text-compatible review output may satisfy evidence.
Readonly review…: How reviewer invocation must occur: host-visible Task tool, SDK, or policy-gated.
Readonly audit…: Audit event emission controls.
Readonly actor…: Actor classification per tool name. Maps FlowGuard tool names to actor labels for the audit trail. Tools not listed default to "system".
Readonly minimumActorAssuranceForApproval: P34: Minimum required actor assurance for regulated approval decisions.
Applies at User Gates in regulated mode. Actors below the threshold are blocked with reason ACTOR_ASSURANCE_INSUFFICIENT.
Migration from P33 v0:
  requireVerifiedActorsForApproval: true → minimumActorAssuranceForApproval: 'claim_validated'
  requireVerifiedActorsForApproval: false → minimumActorAssuranceForApproval: 'best_effort'
P34 design doc: docs/actor-assurance-architecture.md
Readonly requireVerifiedActorsForApproval: P33 (deprecated): Whether regulated approvals require verified actor identity. Ignored if minimumActorAssuranceForApproval is set. Translated to minimumActorAssuranceForApproval at resolution time:
  true → 'claim_validated'
  false → 'best_effort'
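The P33 → P34 translation and the regulated User Gate checks described above (assurance threshold, then four-eyes), as an added TypeScript example that is not FlowGuard's own code. The rank order of assurance levels, the field name allowSelfApproval and the SELF_APPROVAL_FORBIDDEN reason code are assumptions; only minimumActorAssuranceForApproval, requireVerifiedActorsForApproval, the level names and ACTOR_ASSURANCE_INSUFFICIENT come from the page.

```typescript
// Added example, not FlowGuard code: resolve the deprecated P33 flag into the
// P34 assurance threshold and apply it at a regulated User Gate.

type ActorAssurance = 'best_effort' | 'claim_validated' | 'idp_verified';

// Assumed ordering: the page names the levels but not their rank.
const ASSURANCE_RANK: Record<ActorAssurance, number> = {
  best_effort: 0,
  claim_validated: 1,
  idp_verified: 2,
};

interface ApprovalPolicy {
  readonly minimumActorAssuranceForApproval?: ActorAssurance; // P34
  readonly requireVerifiedActorsForApproval?: boolean;        // P33, deprecated
  readonly allowSelfApproval: boolean;                        // hypothetical name for the "allow…" field
}

interface Actor { id: string; assurance: ActorAssurance }

type GateDecision = { allowed: true } | { allowed: false; reason: string };

// P33 -> P34 translation as documented: the P34 field wins when set;
// otherwise true -> 'claim_validated', false -> 'best_effort'.
function resolveMinimumAssurance(p: ApprovalPolicy): ActorAssurance {
  if (p.minimumActorAssuranceForApproval !== undefined) {
    return p.minimumActorAssuranceForApproval;
  }
  return p.requireVerifiedActorsForApproval ? 'claim_validated' : 'best_effort';
}

// Regulated-mode User Gate: block under-assured approvers first, then enforce
// four-eyes (initiator !== decision maker) unless self-approval is allowed.
function checkApprovalGate(p: ApprovalPolicy, initiator: Actor, approver: Actor): GateDecision {
  const min = resolveMinimumAssurance(p);
  if (ASSURANCE_RANK[approver.assurance] < ASSURANCE_RANK[min]) {
    return { allowed: false, reason: 'ACTOR_ASSURANCE_INSUFFICIENT' };
  }
  if (!p.allowSelfApproval && initiator.id === approver.id) {
    return { allowed: false, reason: 'SELF_APPROVAL_FORBIDDEN' }; // hypothetical reason code
  }
  return { allowed: true };
}
```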
Optional Readonly identityProvider: P35a/P35b1/P35b2: IdP configuration for static keys or a JWKS authority. Defines issuer, audience, claim mapping, and key source details. When set, allows idp_verified actors via FLOWGUARD_ACTOR_TOKEN_PATH.
Readonly identity…: P35a: Controls IdP verification behavior when identityProvider is set.
Note: Approval gates respect minimumActorAssuranceForApproval regardless of this mode. This mode only controls whether IdP failure blocks session creation.
Readonly enforce…: Enforce machine-checked task risk classification at runtime.
Readonly allow…: Allow runtime downgrade overrides below the computed minimum risk class. The initial Issue #271 slice keeps all presets false; text justification alone must not bypass the gate.
Readonly allow…: Permit reduced delivery ceremony only after runtime evidence proves a task is low risk. This never lets claimedTaskClass decide flow depth by itself.
Readonly discovery…: Policy-gated fail-closed Discovery health enforcement (#399). Governs whether a missing/corrupt/invalid/drifted/degraded Discovery blocks mutating host tools. Never fabricates evidence; DiscoveryResult stays the SSOT.
Readonly validation…: Policy-gated fail-closed validation-evidence enforcement (#400). Governs whether VALIDATION may pass with no Discovery-derived verification commands. Never fabricates evidence; verificationCandidates stays the SSOT.
Full FlowGuard policy configuration.
Determines: