Permission Classifier
The agent knows when it can act on its own and when it needs your confirmation.
An agent that's too autonomous is dangerous. An agent that asks permission for everything is unusable. The permission classifier finds the right balance.
Before every action, the agent automatically evaluates its risk level. Read a file? No-risk action, immediate execution. Delete a directory? Irreversible action, confirmation required.
The result is an agent that moves fast on routine tasks and stops at the right moments. No unnecessary micromanagement, no risky action without validation.
Interception
Every action the agent is about to execute passes through the classifier before execution.
Risk evaluation
The classifier analyzes: action type (read/write/delete), scope (local/remote), reversibility, potential impact.
User context
The history of permissions granted or denied by the user is considered.
Decision
Three possible outcomes: autonomous execution, confirmation request, or refusal with explanation.
Learning
User decisions feed the model. The agent gradually adapts to each user's preferences.
Development
The agent reads and modifies code files without asking. But it asks confirmation before launching a deployment or modifying a production environment variable.
Communication
The agent drafts emails freely but asks for validation before sending. Except for routine internal replies.
System administration
The agent runs diagnostic commands without asking. It requests confirmation for service restarts and refuses destructive commands.
featurePages.permissionClassifier.config
- Active by default on all EasyClaw v2 agents
- Configurable per agent and per user
- Compatible with the OpenClaw governance system