feature

Auto mode

A smart middle ground for permissions — safe actions run on their own, risky ones still stop for your yes.

Approving every harmless command gets tedious; approving *everything* up front is reckless. Auto mode is the in-between: a classifier watches each action and lets the safe ones through while pausing the risky ones for you. You keep moving on a long task without babysitting every git status, and the genuinely dangerous moves still wait for a human.

Permissions give you a dial between two extremes: approve every action by hand, or wave them all through. Both have a cost — the first is constant interruption, the second drops your guardrails entirely. Auto mode is the setting in the middle.

Instead of asking you about everything, a classifier sorts each action as it comes up: safe, routine things (reads, tests, status checks) just run, while anything that could do real damage still stops and waits for your yes. The result is a long task that mostly flows on its own but never quietly does something irreversible behind your back.

For the actions you want to rule out completely, set a hard deny — a block that holds no matter what else is on the allowlist. That’s the right home for force-pushes, production deploys, or anything you’d never want running unattended. Auto mode handles the boring middle; hard deny guards the cliff edge.

why it helps Keep your hands off the approve button without handing over the keys.

examples

Turn on the middle-ground permission mode

/auto

Block something outright, no exceptions

Never let it run a force-push — hard deny, even if it's allowlisted.

tips & best practices

It's the honest middle between approving everything and --dangerously-skip-permissions — safe stuff flows, risky stuff stops.
Set **hard deny** rules for actions that should *never* run automatically, no matter what else is allowed.
Pair it with [checkpoints](/features/checkpoints/) so even an auto-approved change has a clean way back.