Permissions

Control what OpenABCode can read, edit, execute, and call.

Actions

Permissions apply to tool actions such as read, edit, shell, web, and MCP calls.

Configuration

Use deny-by-default patterns for sensitive repositories and allow narrow commands.

{
  "permissions": {
    "bash": "ask",
    "edit": "ask"
  }
}

Granular Rules

Use object syntax when a tool needs different rules by path, command, or context.