Permission Modes

Permission modes provide predefined permission behaviors for agents, controlling how they handle permission requests during execution.

Quick Start

Import Permission Mode

from praisonaiagents.permissions import PermissionMode

Use with Subagents

from praisonaiagents.tools.subagent_tool import create_subagent_tool

# Create subagent tool with permission mode
tool = create_subagent_tool(
    default_permission_mode="plan"  # Read-only mode
)

# Spawn subagent
func = tool["function"]
result = func(task="Explore the codebase")

Available Modes

Mode	Value	Safety	Description
`DEFAULT`	`default`	✅ Safe	Standard permission checking - prompts for each operation
`ACCEPT_EDITS`	`accept_edits`	⚠️ Moderate	Auto-accepts file edit operations without prompting
`DONT_ASK`	`dont_ask`	⚠️ Moderate	Auto-denies all permission prompts
`BYPASS`	`bypass_permissions`	🔴 Dangerous	Skips all permission checks entirely
`PLAN`	`plan`	✅ Safe	Read-only exploration mode - no modifications allowed

Mode Details

DEFAULT - Standard Permission Checking

The default mode prompts for permission on each operation that requires approval.

from praisonaiagents.permissions import PermissionMode

mode = PermissionMode.DEFAULT
print(mode.value)  # "default"

Behavior:

Prompts user for each permission request
Follows configured permission rules
Safest mode for production use

ACCEPT_EDITS - Auto-Accept File Edits

Automatically accepts file edit operations without user confirmation.

from praisonaiagents.permissions import PermissionMode

mode = PermissionMode.ACCEPT_EDITS
print(mode.value)  # "accept_edits"

Behavior:

Auto-approves file write operations
Still prompts for other operations
Useful for automated refactoring tasks

Use with caution - agents can modify files without confirmation.

DONT_ASK - Auto-Deny Prompts

Automatically denies all permission prompts without user interaction.

from praisonaiagents.permissions import PermissionMode

mode = PermissionMode.DONT_ASK
print(mode.value)  # "dont_ask"

Behavior:

Auto-denies all permission requests
Agent continues with read-only operations
Useful for safe exploration tasks

BYPASS - Skip All Checks

Bypasses all permission checks entirely.

from praisonaiagents.permissions import PermissionMode

mode = PermissionMode.BYPASS
print(mode.value)  # "bypass_permissions"

Behavior:

No permission checks performed
All operations allowed
Maximum agent autonomy

Security Risk: Only use in fully trusted environments. Agent can perform any operation without restriction.

PLAN - Read-Only Exploration

Restricts agent to read-only operations for safe exploration.

from praisonaiagents.permissions import PermissionMode

mode = PermissionMode.PLAN
print(mode.value)  # "plan"

Behavior:

Only read operations allowed
Write/modify operations blocked
Perfect for codebase exploration

Recommended for subagents that only need to analyze code without making changes.

Usage with Subagents

Default Mode for All Subagents

from praisonaiagents.tools.subagent_tool import create_subagent_tool

# All subagents use plan mode by default
tool = create_subagent_tool(
    default_permission_mode="plan"
)

Per-Call Override

func = tool["function"]

# This call uses plan mode (read-only)
result1 = func(
    task="Explore the auth module",
    permission_mode="plan"
)

# This call uses accept_edits mode
result2 = func(
    task="Refactor the utils module",
    permission_mode="accept_edits"
)

Combined with Model Selection

tool = create_subagent_tool(
    default_llm="gpt-4o-mini",
    default_permission_mode="plan"
)

func = tool["function"]
result = func(
    task="Analyze code patterns",
    llm="gpt-4o",  # Override model
    permission_mode="default"  # Override permission mode
)

Best Practices

Use PLAN mode for exploration

When subagents only need to read and analyze code, use plan mode to prevent accidental modifications.

Avoid BYPASS in production

The bypass_permissions mode should only be used in controlled development environments, never in production.

Match mode to task

Choose the permission mode that matches the task requirements:

Exploration tasks → plan
Refactoring tasks → accept_edits
Interactive tasks → default

Log permission decisions

When using non-default modes, log the permission mode being used for audit purposes.

Permissions Module

Pattern-based permission rules

Subagent Delegation

Spawn and manage subagents

Getting Started

Core Concepts

Guides

Memory

Knowledge

RAG

Features

Image Agents

Video Agents

Audio Agents

OCR

Models

Persistence

Databases

Observability

Tools

Other Features

Developers

Configuration

Best Practices

Getting Started (No Code)

Quick Start

Available Modes

Mode Details

Usage with Subagents

Default Mode for All Subagents

Per-Call Override

Combined with Model Selection

Best Practices

Permissions Module

Subagent Delegation

Getting Started

Core Concepts

Guides

Memory

Knowledge

RAG

Features

Image Agents

Video Agents

Audio Agents

OCR

Models

Persistence

Databases

Observability

Tools

Other Features

Developers

Configuration

Best Practices

Getting Started (No Code)

​Quick Start

​Available Modes

​Mode Details

​Usage with Subagents

​Default Mode for All Subagents

​Per-Call Override

​Combined with Model Selection

​Best Practices

​Related

Permissions Module

Subagent Delegation

Quick Start

Available Modes

Mode Details

Usage with Subagents

Default Mode for All Subagents

Per-Call Override

Combined with Model Selection

Best Practices

Related