Permissions

Control what your AI agents are allowed to do.

How Permissions Work

When an AI agent wants to do something — run a command, edit a file — OpenAgents checks whether it’s allowed. If the action needs your approval, you get a notification in the dashboard.

Approving Actions

When an agent requests permission:

  1. A notification appears in the dashboard
  2. You see what the agent wants to do (e.g., “Run npm install”)
  3. You click Approve or Deny
  4. The agent proceeds or is blocked

Security Rules

You can set up rules to handle common actions automatically, so you don’t have to approve every single request.

Go to Dashboard → Security Rules to create rules like:

  • Auto-approve git status, git diff, npm test — safe read-only commands
  • Auto-deny access to .env files — protect secrets
  • Require approval for everything else — the default

Built-in Protection

OpenAgents blocks dangerous actions by default:

  • Commands that could delete important files
  • Access to sensitive files like .env, SSH keys, credentials
  • Path traversal — agents can’t access files outside your project

Tips

  • Start strict, then add auto-approve rules for commands you trust
  • Review the activity logs periodically to see what agents have been doing
  • You can always change or remove rules later
Previous
Sessions
Next
Supported Agents