Auto-Approval
Auto-approval lets CACD automatically respond to agent permission prompts when the requested action appears safe. Instead of you clicking “approve” for every read-only operation, CACD can handle the obvious ones.
How It Works
Section titled “How It Works”When an agent enters a “waiting for input” state, CACD can analyze the terminal output and decide:
- Needs permission - Something risky is happening. Wait for you.
- Safe to approve - It’s a read-only or low-risk operation. Approve automatically.
The analysis uses Claude Haiku to quickly evaluate the situation.
What Gets Blocked (Requires Your Approval)
Section titled “What Gets Blocked (Requires Your Approval)”- File modifications - Writing, deleting, moving files
- Package managers - npm install, pip install, apt install, etc.
- Git changes - Commits, pushes, history rewrites
- System operations - sudo, service restarts, permission changes
- Network operations - curl/wget to unknown hosts, ssh connections
- Sensitive areas - SSH keys, credentials, dotfiles, /etc configs
What Gets Approved Automatically
Section titled “What Gets Approved Automatically”- Read-only operations - Viewing files, listing directories
- Tests and linting - Running test suites, lint checks
- Help and info - Showing help text, version info
- Dry runs - Formatting checks, build previews
Enabling Auto-Approval
Section titled “Enabling Auto-Approval”- Open Settings in the WebUI
- Go to the General section
- Toggle Auto-Approval on
- Optionally adjust the timeout (default: 30 seconds)
Timeout
Section titled “Timeout”If the safety check takes too long, auto-approval falls back to waiting for your input. The default timeout is 30 seconds, but you can adjust this in settings.
Custom Verification Command
Section titled “Custom Verification Command”You can replace the built-in Claude Haiku check with your own script. Your command receives the terminal output and should return JSON indicating whether permission is needed:
{"needsPermission": true, "reason": "Attempting to delete files"}or
{"needsPermission": false}Configure this in settings under Auto-Approval Command.
- Start with auto-approval disabled until you’re comfortable with how your agents behave
- Use it on isolated worktrees where mistakes are easy to undo
- The Haiku model is fast but not perfect - review your session history occasionally