SessionScope
SessionScope =
"self"|"child"|"any"|"user"
Defined in: mcp.ts:54
Session-identity scope for tools that take a session_id (or run_id)
argument. Central dispatch keys off this to decide how the target session
may relate to the caller’s trusted transport binding (see
McpToolCallContext.recursiveSessionIdTrusted).
self: mutates the calling session’s own state. Enforcement resolves the target from the trusted transport binding (injecting it as the effectivesession_id) and rejects a mismatchedsession_idargument.child: parent acting on a session it delegated; authorized by run lineage (target.parent_session_id === caller).any: read-only or session-agnostic; no identity restriction.user: dashboard-intent lifecycle op; exempt from the self-check (existing audience gating still applies).