Five-tier permission model combining glob rule matching, ML classification, and interactive prompting.
The permission system is a layered rule engine. Before any tool runs, the system evaluates: mode → managed rules → user rules → ML classifier → interactive prompt. Each layer can grant or deny independently.
Managed rules (from org policy) are checked first and cannot be overridden by user settings. This allows enterprises to enforce security policies without users being able to bypass them.
The ML classifier scores bash commands for safety on a 0-1 scale. High-confidence safe commands (like `ls`, `cat`) auto-approve in `auto` mode. Ambiguous commands fall back to prompting.
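The evaluation order described above, as an added TypeScript sketch (not the project's code). The type and function names, the `default` and `locked` modes, deny-beats-allow within one rule set, the 0.9 auto-approve threshold, the sample rules and the stub classifier are all assumptions made for illustration.

```typescript
// Added sketch, not the project's code. Names, the 'default'/'locked' modes,
// deny-beats-allow within a rule set, and the 0.9 threshold are assumptions.
type Decision = 'allow' | 'deny' | 'ask'
type Mode = 'auto' | 'default' | 'locked'
interface PermissionRule { tool: string; glob: string; effect: 'allow' | 'deny' }
interface ToolCall { tool: string; input: string }
interface Verdict { decision: Decision; layer: string }

// Glob -> anchored regex. '*' becomes [\s\S]* so a newline in the command
// cannot slip past a deny rule the way it would with '.*'.
function globToRegExp(glob: string): RegExp {
  const escaped = glob.replace(/[.+?^${}()|[\]\\]/g, '\\$&')
  return new RegExp('^' + escaped.replace(/\*/g, '[\\s\\S]*') + '$')
}

// null means "this layer has no opinion"; evaluation falls through to the next layer.
function matchRules(rules: PermissionRule[], call: ToolCall): 'allow' | 'deny' | null {
  const hits = rules.filter(r => r.tool === call.tool && globToRegExp(r.glob).test(call.input))
  if (hits.some(r => r.effect === 'deny')) return 'deny'
  return hits.length > 0 ? 'allow' : null
}

function checkPermission(
  call: ToolCall, mode: Mode, managed: PermissionRule[], user: PermissionRule[],
  classify: (command: string) => number, // safety score on the 0-1 scale
  autoApproveAt = 0.9,
): Verdict {
  if (mode === 'locked') return { decision: 'deny', layer: 'mode' }
  // Managed rules run before user rules, so a user 'allow' is never consulted on a match.
  const m = matchRules(managed, call)
  if (m) return { decision: m, layer: 'managed' }
  const u = matchRules(user, call)
  if (u) return { decision: u, layer: 'user' }
  if (mode === 'auto' && call.tool === 'Bash') {
    const score = classify(call.input)
    // Fail closed: NaN or out-of-range scores never auto-approve.
    if (Number.isFinite(score) && score >= autoApproveAt && score <= 1)
      return { decision: 'allow', layer: 'classifier' }
  }
  return { decision: 'ask', layer: 'prompt' } // ambiguous: fall back to prompting
}

// Constructed sample policy and a stub standing in for the ML classifier.
const MANAGED: PermissionRule[] = [{ tool: 'Bash', glob: 'curl *', effect: 'deny' }]
const USER: PermissionRule[] = [{ tool: 'Bash', glob: 'curl *', effect: 'allow' },
  { tool: 'Bash', glob: 'npm test*', effect: 'allow' }]
const stubScore = (cmd: string): number => (/^(ls|cat)\b/.test(cmd) ? 0.98 : 0.4)
const decide = (input: string, mode: Mode): Verdict =>
  checkPermission({ tool: 'Bash', input }, mode, MANAGED, USER, stubScore)
```
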
ML classifier integration and managed-rules enforcement at the top of the permission check.
```typescript
/* eslint-disable @typescript-eslint/no-require-imports */
const classifierDecisionModule = feature('TRANSCRIPT_CLASSIFIER')
  ? (require('./classifierDecision.js') as typeof import('./classifierDecision.js'))
  : null
const autoModeStateModule = feature('TRANSCRIPT_CLASSIFIER')
  ? (require('./autoModeState.js') as typeof import('./autoModeState.js'))
  : null
import {
  addToTurnClassifierDuration,
  getTotalCacheCreationInputTokens,
  getTotalCacheReadInputTokens,
  getTotalInputTokens,
  getTotalOutputTokens,
} from '../../bootstrap/state.js'
import { getFeatureValue_CACHED_WITH_REFRESH } from '../../services/analytics/growthbook.js'
import {
  type AnalyticsMetadata_I_VERIFIED_THIS_IS_NOT_CODE_OR_FILEPATHS,
  logEvent,
} from '../../services/analytics/index.js'
import { sanitizeToolNameForAnalytics } from '../../services/analytics/metadata.js'
import {
  clearClassifierChecking,
```