mesh-acl — Role-based access control for Mesh Protocol
mesh acl [args] grant, revoke, check, roles, list, policy, audit-log
# mesh-acl
Role-based access control for Mesh Protocol. Manages agent permissions through roles (admin, builder, trader, reader, governor, auditor). Supports grant/revoke, permission checking with wildcard matching, custom role creation, and append-only audit logging.
## Usage
```
mesh acl grant <agent> <role>
mesh acl revoke <agent> <role>
mesh acl check <agent> <permission>
mesh acl roles
mesh acl list [agent]
mesh acl policy [show|add-role]
mesh acl audit-log [count]
```
## Built-in Roles
- admin: Full access (*)
- builder: tool.create, tool.modify, commons.write, ledger.write, test.run
- trader: commerce.buy, commerce.sell, credits.transfer, negotiate.*
- reader: *.read, commons.read, ledger.read, query.*
- governor: governance.*, commons.write, ledger.write
- auditor: audit.*, ledger.read, query.*, health.*
## Location
tools/mesh-acl/acl.sh