Permissions & safety

Permission request

Also called: approval prompt

A permission request is the moment an agent stops and asks you to approve a consequential action, such as running a command or writing a file, before it happens. It is the seam where a human can catch a mistake before it lands.

James Phoenix
Understanding Data Updated July 2, 2026

A permission request is the moment an agent stops and asks before it does something that matters. It has decided to make a tool call, run a shell command, or overwrite a file, and instead of just doing it, it shows you what it is about to do and waits for a yes or no.

Why the pause matters

An agent that acted on every impulse would be alarming. One wrong command can delete files, drop a table, or push broken code. The permission request is the point where a person gets to catch the mistake before it happens. It is the concrete way an agent keeps a human in the loop.

What usually triggers one:

  • Running a command that changes the system: installs, deletes, network calls.
  • Writing or overwriting files outside a safe scratch area.
  • Anything the tool's policy has flagged as too risky to auto-approve.

Read them, do not rubber-stamp

The whole value of a permission request disappears if you approve on autopilot. Read what the command actually does. Notice the rm -rf, the unfamiliar URL, the write to the wrong path. The prompt only protects you if you are actually looking.

The flip side is real too: too many prompts and you stop reading them. That tension is exactly what the permission mode exists to manage.

Tip
Treat a permission request as a two-second review, not a speed bump. The one command you wave through without reading is the one that bites.

Related terms

Building with AI agents?

This dictionary is part of how I think about agentic engineering. If you want the same thinking applied to your codebase, that is what I do.

See how I can help