Logo
Features

Permission System

Understand how Kodezi CLI manages permissions for file operations, commands, network access, and more.

The permission system in Kodezi CLI gives you complete control over what the AI is allowed to access or modify on your machine.

It ensures safe usage by requiring confirmation before performing sensitive actions such as running commands, editing files, or making network requests.

Permission Types

Kodezi may request permission when performing certain tasks. These actions fall into four main categories:

  • File Operations: Reading, writing, editing, or deleting files.
  • Command Execution: Running shell commands in your terminal.
  • Network Requests: Sending or receiving data using HTTP/HTTPS.
  • Directory Access: Browsing or modifying folders.

These permissions help protect your system from accidental or unwanted changes.

Permission Modes

Default Mode: You manually approve each action when prompted.

  • Shows exactly what operation the AI wants to perform.
  • You can approve or deny each request individually.
  • Option to approve an action only once or for the whole session.
  • Provides detailed context for full transparency and safety.

This is the recommended mode for most users.

Yolo Mode: Automatically approves all operations without asking.

kodezi --yolo
  • No permission prompts will appear.
  • Ideal for trusted environments, automation, or scripting.
  • Commonly used in CI/CD pipelines.
  • Use with caution since all actions are instantly approved.

Allowlist Mode: Pre approve specific tools or actions using configuration.

{
  "permissions": {
    "allowed_tools": [
      "view",
      "ls",
      "bash:test"
    ]
  }
}
  • Tools listed in allowed_tools can run without prompting.
  • You maintain a controlled, restricted environment.
  • Other actions outside the allowlist will still require approval.

Permission Scope

Permissions can apply at different levels depending on your workflow:

  • Session level: Valid only for the current CLI session.
  • Path based: Restrict or allow actions in specific directories.
  • Tool specific: Grant control to individual tools such as view, edit, or bash.
  • Action based: Allow or restrict specific actions (e.g., write-only).

This flexible permission structure keeps you protected while enabling smooth development workflows.

Learn more about permissions →

Session Management

Learn how Kodezi CLI preserves conversation history, summaries, costs, and session lifecycles.

Code Intelligence

Understand how Kodezi CLI analyzes your code, detects issues, and helps you search and explore your project intelligently.

On this page

Permission Types
Permission Modes
Permission Scope