CoreLayer Docs
Configuration

Permissions

Configure the permission guard for tool execution.

The Permission Guard controls which tool calls require approval, which are auto-allowed, and which are blocked.

Permission Levels

LevelBehavior
ReadAuto-allowed (reading files, listing data)
WriteRequires approval (writing files, modifying data)
ExternalRequires approval (API calls, network requests)
DestructiveRequires approval with warning (deleting data)
Credential-sensitiveAlways blocked unless explicitly allowed

Configuration

{
  "permissions": {
    "defaultPolicy": "confirm",
    "rules": [
      {
        "tool": "filesystem:read",
        "policy": "allow"
      },
      {
        "tool": "filesystem:write",
        "policy": "confirm"
      },
      {
        "tool": "github:*",
        "policy": "confirm"
      },
      {
        "tool": "shell:execute",
        "policy": "deny"
      }
    ]
  }
}

Policies

PolicyEffect
allowExecute without asking
confirmPause and ask for user approval
denyBlock execution entirely

Approval Flow

When a tool call requires confirmation:

  1. Jarvis explains what it wants to do
  2. The approval panel shows the tool name, parameters, and risk level
  3. You can Approve, Deny, or Approve Always (for this tool)
  4. All decisions are logged in the audit trail

Audit Logs

Every tool execution is logged:

[2026-06-15 14:32:01] filesystem:write /workspace/README.md
  Risk: write
  Policy: confirm
  Decision: approved
  User: manual approval

View audit logs in Control Center → Permissions → Audit Log.

Next Steps

On this page