Permissions
Control what agents may do before actions happen.
Permissions are the safety boundary between model intent and real execution. NextOS can ask before shell commands, file edits, network calls, MCP tools, subagents, and other sensitive actions.
Permission decisions
| Decision | Meaning |
|---|---|
| Deny | Do not run the action. |
| Allow once | Run this exact action now. |
| Allow always | Create a rule for matching future actions. |
Use allow-once when you are still learning a project. Use allow-always only for stable, low-risk patterns.
Permission center
The desktop permission view groups pending requests, shows previews and targets, and lets you export audit data. This is useful when a long-running task has several approvals waiting.
Rules
{ "permission": [ { "permission": "bash", "pattern": "bun test*", "action": "allow" }, { "permission": "bash", "pattern": "rm -rf*", "action": "deny" } ]}Keep destructive commands denied by default and review auto-accept rules regularly.