Skip to main content
Manage interactive tool-approval rules from the CLI — praisonai permissions lists, adds, removes, and shares your project’s approval rules.

Quick Start

1

Run with interactive approval

praisonai --approval console run "Check git status"
When a sensitive tool runs, you see the approval prompt.
2

Persist with Always allow

Press A at the prompt to write a rule to .praisonai/permissions/rules.json.
3

Re-run without prompting

praisonai --approval console run "Check git status again"
Matching rules are applied automatically.

Approval prompt

⚠ Tool Approval Required
Tool: bash(command='git status')
Risk: medium
Agent: researcher

Options:
  [a] Allow once
  [A] Always allow (persist rule)
  [d] Deny
  [D] Always deny (persist rule)

Your choice:

CLI approval modes

FlagModeBehaviour
--approval consoleDEFAULTPrompt for sensitive tools
--approval planPLANBlock write, edit, delete, bash, shell
--approval accept-editsACCEPT_EDITSAuto-approve edit/write tools
--approval bypassBYPASSSkip all checks (dangerous)
The CLI flag bypass maps to PermissionMode.BYPASS, whose value is bypass_permissions.
praisonai --approval plan run "Explore the codebase"
praisonai --approval accept-edits run "Refactor utils.py"

Non-interactive mode

OptionTypeDefaultDescription
--yes / -yflagoffSkip prompts; approval defaults to deny
PRAISONAI_NON_INTERACTIVE=1envunsetSame as --yes for CI and scripts
praisonai --yes --approval console run "Deploy check"
PRAISONAI_NON_INTERACTIVE=1 praisonai --approval console run "Deploy check"

Subcommands

list

List all permission rules in the current project. 
praisonai permissions list

allow

Add an ALLOW rule. 
praisonai permissions allow "bash:git *" --description "Allow git"
OptionTypeDefaultDescription
--agentstringall agentsScope rule to one agent
--descriptionstringautoHuman-readable label
--priorityint100Higher values are checked first

deny

Add a DENY rule. 
praisonai permissions deny "bash:rm *" --priority 200
OptionTypeDefaultDescription
--agentstringall agentsScope rule to one agent
--descriptionstringautoHuman-readable label
--priorityint100Higher values are checked first

ask

Add an ASK rule (always prompt). 
praisonai permissions ask "bash:*" --agent researcher
OptionTypeDefaultDescription
--agentstringall agentsScope rule to one agent
--descriptionstringautoHuman-readable label
--priorityint50Higher values are checked first

remove

Remove a rule by ID prefix (from list output). 
praisonai permissions remove a1b2c3d4

reset

Delete all rules and approvals (requires confirmation). 
praisonai permissions reset

export

Print rules as JSON to stdout. 
praisonai permissions export > rules.json

import

Import rules from a JSON file. 
praisonai permissions import rules.json

Rule patterns

Patterns use tool_name:argument_pattern glob syntax:
PatternMatches
bash:git *All git bash commands
bash:ls *ls commands
read:*All read tool calls
write:*.envWrites to .env files
When you choose [A] or [D], the CLI auto-generates patterns — for example bash:git * for git commands, or tool_name:* as the default.

Project storage

Rules and session approvals are stored under the current working directory:
FilePurposeCommit to git?
.praisonai/permissions/rules.jsonPersistent allow/deny rulesYes — share team rules
.praisonai/permissions/approvals.jsonPer-developer session approvalsNo — local only

Best practices

Share .praisonai/permissions/rules.json so everyone gets the same allow/deny defaults.
--approval bypass skips every check. Reserve it for fully trusted local sandboxes.
--approval plan blocks writes and shell commands while you inspect a codebase.
Use bash:git * instead of one-off rules so related commands stay covered.

Interactive Tool Approval

User-facing approval experience

Permission Modes

Mode reference for agents and CLI

Permissions Module

Python SDK for permission rules