Auto-Approving Actions
⚠️ SECURITY WARNING: Auto-approve settings bypass confirmation prompts, giving AI Cockpit Reasoning direct access to your system. This can result in data loss, file corruption, or worse. Command line access is particularly dangerous, as it can potentially execute harmful operations that could damage your system or compromise security. Only enable auto-approval for actions you fully trust.
Auto-approve settings speed up your workflow by eliminating repetitive confirmation prompts, but they significantly increase security risks.
Quick Start Guide
- Click the Auto-Approve Toolbar above the chat input
- Select which actions AI Cockpit Reasoning can perform without asking permission
- Use the master toggle (leftmost checkbox) to quickly enable/disable all permissions
Auto-Approve Toolbar
Prompt box and Auto-Approve Toolbar showing enabled permissions
Click the toolbar to expand it and configure individual permissions:
Prompt text box and Expanded toolbar with all options
Available Permissions
| Permission | What it does | Risk level |
|---|---|---|
| Read files and directories | Lets AI Cockpit Reasoning access files without asking | Medium |
| Edit files | Lets AI Cockpit Reasoning modify files without asking | High |
| Execute approved commands | Runs whitelisted terminal commands automatically | High |
| Use the browser | Allows headless browser interaction | Medium |
| Use MCP servers | Lets AI Cockpit Reasoning use configured MCP services | Medium-High |
| Switch modes | Changes between AI Cockpit Reasoning modes automatically | Low |
| Create & complete subtasks | Manages subtasks without confirmation | Low |
| Retry failed requests | Automatically retries failed API requests | Low |
| Answer follow-up questions | Selects default answer for follow-up questions | Low |
| Update todo list | Automatically updates task progress | Low |
Master Toggle for Quick Control
The leftmost checkbox works as a master toggle:
Master toggle (checkbox) controls all auto-approve permissions at once
Use the master toggle when:
- Working in sensitive code (turn off)
- Doing rapid development (turn on)
- Switching between exploration and editing tasks
Advanced Settings Panel
The settings panel provides detailed control with important security context:
Allow AI Cockpit Reasoning to automatically perform operations without requiring approval. Enable these settings only if you fully trust the AI and understand the associated security risks.
To access these settings:
- Click in the top-right corner
- Navigate to Auto-Approve Settings
Complete settings panel view
Read Operations
Setting: "Always approve read-only operations"
Description: "When enabled, AI Cockpit Reasoning will automatically view directory contents and read files without requiring you to click the Approve button."
Risk level: Medium
While this setting only allows reading files (not modifying them), it could potentially expose sensitive data. Still recommended as a starting point for most users, but be mindful of what files AI Cockpit Reasoning can access.
Write Operations
Setting: "Always approve write operations"
Description: "Automatically create and edit files without requiring approval"
Risk level: High
This setting allows AI Cockpit Reasoning to modify your files without confirmation. There are two additional settings for writing operations:
Browser Actions
Setting: "Always approve browser actions"
Description: "Automatically perform browser actions without requiring approval"
Note: "Only applies when the model supports computer use"
Risk level: Medium
Allows AI Cockpit Reasoning to control a headless browser without confirmation. This can include:
- Opening websites
- Navigating pages
- Interacting with web elements
Consider the security implications of allowing automated browser access.
API Requests
Setting: "Always retry failed API requests"
Description: "Automatically retry failed API requests when server returns an error response"
Delay slider: "Delay before retrying the request" (Default: 5s)
Risk level: Low
This setting automatically retries API calls when they fail. The delay controls how long AI Cockpit Reasoning waits before trying again:
- Longer delays are gentler on API rate limits
- Shorter delays give faster recovery from transient errors
MCP Tools
Setting: "Always approve MCP tools"
Description: "Enable auto-approval of individual MCP tools in the MCP Servers view (requires both this setting and the tool's individual 'Always allow' checkbox)"
Risk level: Medium-High (depends on configured MCP tools)
This setting works in conjunction with individual tool permissions in the MCP Servers view. Both this global setting and the tool-specific permission must be enabled for auto-approval.
Mode Switching
Setting: "Always approve mode switching"
Description: "Automatically switch between different modes without requiring approval"
Risk level: Low
Allows AI Cockpit Reasoning to change between different modes (Code, Architect, etc.) without asking for permission. This primarily affects the AI's behavior rather than system access.
Subtasks
Setting: "Always approve creation & completion of subtasks"
Description: "Allow creation and completion of subtasks without requiring approval"
Risk level: Low
Enables AI Cockpit Reasoning to create and complete subtasks automatically. This relates to workflow organization rather than system access.
Command Execution
Setting: "Always approve allowed execute operations"
Description: "Automatically execute allowed terminal commands without requiring approval"
Command management: "Command prefixes that can be auto-executed when 'Always approve execute operations' is enabled. Add * to allow all commands (use with caution)."
Denied Commands: "Command prefixes that will be automatically denied without asking for approval. In case of conflicts with allowed commands, the longest prefix match takes precedence. Add * to deny all commands."
Risk level: High
This setting allows terminal command execution with controls. While risky, the whitelist feature limits what commands can run. Important security features:
- Whitelist specific command prefixes (recommended)
- Never use * wildcard in production or with sensitive data
- Consider security implications of each allowed command
- Always verify commands that interact with external systems
Interface elements:
- Text field to enter command prefixes (e.g., 'git')
- "Add" button to add new prefixes
- Clickable command buttons with X to remove them
Follow-Up Questions
Setting: Always default answer for follow-up questions
Description: Automatically selects the first AI-suggested answer for a follow-up question after a configurable timeout. This speeds up your workflow by letting Roo proceed without manual intervention.
Visual countdown: When enabled, a countdown timer appears on the first suggestion button, showing the remaining time before auto-selection. The timer is displayed as a circular progress indicator that depletes as time passes.
Timeout slider: Use the slider to set the wait time from 1 to 300 seconds (Default: 60s).
Override options: You can cancel the auto-selection at any time by:
- Clicking a different suggestion
- Editing any suggestion
- Typing your own response
- Clicking the timer to pause it
Risk level: Low
Use cases:
- Overnight runs where you want Roo to continue working
- Repetitive tasks where the default suggestions are usually correct
- Testing workflows where interaction isn't critical
Update Todo List
Setting: "Always approve todo list updates"
Description: "Automatically update the to-do list without requiring approval"
Risk level: Low
This setting allows Roo to automatically update task progress and todo lists during work sessions. This includes:
- Marking tasks as completed
- Adding new discovered tasks
- Updating task status (pending, in progress, completed)
- Reorganizing task priorities
Benefits:
- Maintains real-time task progress visibility
- Reduces interruptions during multi-step workflows
- Keeps project status accurately reflected
- Helps track complex task dependencies
Use cases:
- Long-running development sessions
- Multi-step refactoring projects
- Complex debugging workflows
- Feature implementation with many subtasks
This is particularly useful when combined with the Subtasks permission, as it allows Roo to maintain a complete picture of project progress without constant approval requests.