Safety & Control

Control what AgenticFlow Enterprise can do and when it needs your approval.

AgenticFlow Enterprise is designed around the Glass Box philosophy: you see everything, you control everything. This page explains how to set your comfort level with AgenticFlow Enterprise’s autonomy.

The Safety Slider

Think of permissions like trust levels with a new employee:

Level	Name	How It Works
🟢	Allow	AgenticFlow Enterprise handles it automatically—no approval needed
🟡	Ask	AgenticFlow Enterprise shows you what it wants to do and waits for approval
🔴	Deny	AgenticFlow Enterprise can’t do this action at all

By default, AgenticFlow Enterprise asks for approval on sensitive operations. As you build trust, you can grant more autonomy.

What You Can Control

File Editing

Control whether AgenticFlow Enterprise can modify your files:

{
  "permission": {
    "edit": "ask"
  }
}

Allow: AgenticFlow Enterprise edits files without asking
Ask: AgenticFlow Enterprise shows the changes and waits for your “OK” (recommended to start)
Deny: AgenticFlow Enterprise can only suggest edits, not make them

Running Commands

Control whether AgenticFlow Enterprise can run commands on your system:

{
  "permission": {
    "bash": "ask"
  }
}

You can also set rules for specific commands:

{
  "permission": {
    "bash": {
      "open *": "allow",
      "mv *": "ask",
      "rm *": "deny"
    }
  }
}

This example:

✅ Allows opening files and apps
🟡 Asks before moving files
🔴 Blocks file deletion entirely

Web Access

Control whether AgenticFlow Enterprise can fetch information from the web:

{
  "permission": {
    "webfetch": "ask"
  }
}

Files Outside Your Folder

By default, AgenticFlow Enterprise asks before touching files outside your current project folder:

{
  "permission": {
    "external_directory": "ask"
  }
}

This prevents accidental changes to files you didn’t intend to work with.

Quick Setup: Conservative Start

New to AgenticFlow Enterprise? Start with this “ask for everything” configuration:

{
  "permission": {
    "edit": "ask",
    "bash": "ask",
    "webfetch": "ask",
    "external_directory": "ask"
  }
}

As you get comfortable, you can loosen specific permissions.

Quick Setup: Hands-Off Mode

Ready to let AgenticFlow Enterprise handle routine tasks? Try this:

{
  "permission": {
    "edit": "allow",
    "bash": {
      "*": "allow",
      "rm *": "ask",
      "sudo *": "deny"
    },
    "external_directory": "ask"
  }
}

This allows most operations but:

🟡 Asks before deleting files
🔴 Blocks admin/system commands
🟡 Asks before touching files outside your project

Session Approvals

When AgenticFlow Enterprise asks for permission during a session, you’ll see three options:

Accept — Allow this one time
Accept Always — Allow this action for the rest of the session
Deny — Block this action

“Accept Always” is useful when AgenticFlow Enterprise needs to do the same thing repeatedly (like opening multiple files).

Where to Put Your Settings

Save your permission settings in one of these locations:

Location	Scope
`~/.config/agenticflow-enterprise/agenticflow-enterprise.json`	All your projects (global)
`./agenticflow-enterprise.json`	This project only

Project settings override global settings, so you can have stricter rules for sensitive projects.

Summary

Permission	What It Controls	Recommended Start
`edit`	Modifying files	Ask
`bash`	Running commands	Ask
`webfetch`	Accessing the web	Ask
`external_directory`	Files outside project	Ask

Start conservative, build trust, then adjust. That’s the Glass Box way. 🔍