Skip to main content
Permissions decide how much freedom the agent has in a conversation — from strictly read-only research to fully autonomous execution. Synti gives you three permission modes you can switch between instantly, plus configurable rules for the times you want finer control. This page explains each mode, how dangerous operations are handled, and how to tailor permissions to your workflow.

Switching modes

Cycle through the three permission modes at any time with Shift+Tab. The active mode is stored with the conversation, so a thread keeps its setting until you change it.

The three modes

Explore (read-only)

Explore restricts the agent to gathering information. It can read files, search with patterns, run read-only commands, and browse the web — but every write is blocked. File edits, mutating shell commands, and changes through external sources are all disallowed. Use Explore to research, audit, or plan without any risk of changes.

Ask to Edit (default)

Ask to Edit is the balanced default. It lets the agent act, but keeps you in the loop with a three-tier approval system:
  • Safe operations run automatically without prompting.
  • Regular operations pause for your approval, offering yes, no, or always allow so you can pre-approve similar actions.
  • Dangerous operations require your explicit approval every single time — “always allow” is not offered for them.

Execute (full autonomy)

Execute removes the approval prompts and lets the agent run uninterrupted. It’s ideal for trusted, well-scoped automation, but it hands the agent significant freedom.
Execute mode bypasses permission prompts entirely. Only use it when you fully trust the operations the agent will perform.

Dangerous operations

Some actions are treated as high-risk no matter the mode and always require individual approval — they can never be auto-approved:

Customizing permissions

You can shape permissions to fit your workflow in two ways.

Just ask

The simplest approach is to tell the agent in plain language, for example: “Allow npm build in Explore mode.” Synti records the rule for you.

Configuration rules

For precise, durable control, permissions are defined as JSON rules that cascade across three levels:
  • App — defaults for the whole application.
  • Workspace — overrides for a specific workspace.
  • Source — rules scoped to an individual source.
Rules can whitelist shell command patterns, MCP tool operations, REST API endpoints, and writable paths. Because they cascade, a broad app-level default can be tightened or loosened at the workspace or source level.
Permissions work together with the working directory and sources: the mode decides whether an action is allowed, while those settings decide where and what the agent can reach.

Choosing a mode

Start new or unfamiliar tasks in Explore to review the plan safely, move to Ask to Edit once you’re ready for changes, and reserve Execute for automation you’ve already vetted.