You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Implement an approval loop for the Windows coding agent so users can choose whether the agent has full edit access, must ask before edits, or runs in read-only mode.
Problem
The Windows coding agent needs a clear permission model before it can safely edit user files or repositories. Users should be able to control how much authority the agent has, especially when it can inspect code, propose patches, edit files, run commands, or make workspace changes.
Without an approval loop, users may not understand when the agent is allowed to modify files or may avoid using the coding agent because the safety boundary is unclear.
Constraints:
Windows desktop app.
Must support coding workflows without surprising edits.
Must make permission state visible and easy to change.
Must preserve a read-only path for users who only want analysis/review.
Solution (optional)
Add explicit coding-agent permission modes:
Read-only — agent can inspect files and propose changes, but cannot edit or run write/destructive commands.
Ask before edit — agent can inspect freely, but must request user approval before editing files or running commands that modify state.
Full access — agent can edit and run approved classes of commands without prompting each time, with clear UI state and audit trail.
The approval loop should integrate with the Windows coding-agent UI and the underlying command/file operation layer, not just a cosmetic toggle.
Acceptance criteria
Permission modes implemented — Windows coding agent supports Read-only, Ask before edit, and Full access modes.
Mode is visible — The active permission mode is clearly shown in the coding-agent UI before and during a task.
Read-only enforced — In read-only mode, the agent cannot edit files, write patches, mutate project state, or run write/destructive commands.
Ask-before-edit enforced — In ask-before-edit mode, every file edit or state-changing command requires explicit user approval.
Full-access controlled — Full-access mode is opt-in, clearly labeled, and can be downgraded at any time.
Approval UX complete — Approval prompts show what will change, the target file/command, and allow approve/deny.
Audit trail added — Approved and denied edit actions are logged or surfaced so users can review what happened.
Safe defaults — First-run/default mode is conservative, preferably read-only or ask-before-edit.
Diff coverage ≥ 80% — the implementing PR meets the changed-lines coverage gate (Vitest + cargo-llvm-cov, enforced by .github/workflows/coverage.yml) when code changes are involved.
Summary
Implement an approval loop for the Windows coding agent so users can choose whether the agent has full edit access, must ask before edits, or runs in read-only mode.
Problem
The Windows coding agent needs a clear permission model before it can safely edit user files or repositories. Users should be able to control how much authority the agent has, especially when it can inspect code, propose patches, edit files, run commands, or make workspace changes.
Without an approval loop, users may not understand when the agent is allowed to modify files or may avoid using the coding agent because the safety boundary is unclear.
Constraints:
Solution (optional)
Add explicit coding-agent permission modes:
The approval loop should integrate with the Windows coding-agent UI and the underlying command/file operation layer, not just a cosmetic toggle.
Acceptance criteria
Read-only,Ask before edit, andFull accessmodes..github/workflows/coverage.yml) when code changes are involved.Related