18. Global Permission System

Where the Cross-Tool Safety Story Lives

The utils/permissions/ directory is the shared policy infrastructure behind multiple tools. It contains permission modes, result types, rule parsing, rule shadowing checks, dangerous patterns, shell rule matching, classifier logic, denial tracking, and auto-mode state.

Important Subsystems

Path	Purpose
`PermissionMode.ts`	Defines the top-level operating modes.
`PermissionRule.ts` and `permissionRuleParser.ts`	Turn human-readable rules into machine-usable policy objects.
`permissions.ts`	Cross-tool rule evaluation and prompt construction.
`bashClassifier.ts` and classifier files	Add ML-like or heuristic classification into policy decisions.
`denialTracking.ts`	Tracks repeated denials and helps shape fallback behavior.

Key Lesson

The best safety lesson in this tree is not one particular guardrail. It is the fact that permissions are a system: types, rule syntax, parsing, matching, classifier input, prompts, state tracking, and mode transitions all cooperate.

Source Navigation

Recommended Source Files

source/tools/BashTool/bashPermissions.ts
source/tools/BashTool/bashSecurity.ts
source/services/mcpServerApproval.tsx
source/components/TrustDialog/TrustDialog.tsx
source/services/policyLimits/index.ts

Next Files to Read

source/tools/BashTool/destructiveCommandWarning.ts
source/services/teamMemorySync/teamMemSecretGuard.ts
source/services/mcp/channelPermissions.ts