Skip to main content
Pick who (or what) approves a tool call — the terminal, a coding-mode fast path, or a chat channel that fans out to Slack/Telegram/Discord.
from praisonaiagents import Agent

agent = Agent(
    name="coder",
    instructions="Edit files carefully.",
    tools=["write_file"],
    approval="console",
)
agent.start("Refactor utils.py")
The user triggers a risky tool; the chosen approval backend prompts or routes the decision to a human.

Available Backends

How It Works

A risky tool call pauses until the chosen backend collects a human decision.

Backend Matrix

BackendWhere it runsOne-line meaning
console (also true/yes/1)StandaloneAsk on the terminal, y/N
none (also false/no/0)StandaloneAuto-approve everything (unsafe)
autoStandaloneAuto-approve safe read-only tools
planStandaloneCoding-mode plan approval
accept-editsStandaloneAuto-accept file-edit tools
bypassStandaloneApprove without prompting (dev)
agentStandaloneDelegate to a reviewer agent (see below)
slackWrapperApprovals routed to Slack
telegramWrapperApprovals routed to Telegram
discordWrapperApprovals routed to Discord
webhookWrapperCustom outbound HTTP webhook
httpWrapperInbound HTTP approval endpoint
secureWrapperSecure-mode policy (audit-logged)
presentationWrapperPresentation/demo-safe policy
Wrapper backends (slack, telegram, discord, webhook, http, secure, presentation) require pip install praisonai.

Quick Start

from praisonaiagents import Agent

agent = Agent(
    name="Code assistant",
    instructions="Help refactor code files.",
)
agent.start("Refactor utils.py")
1

Choose your approval mode

Ask the user on the terminal before each risky tool call:
praisonai-code run --approval console "Refactor utils.py"

--approval-timeout

--approval-timeout takes seconds. Pass none to wait indefinitely.
praisonai-code run --approval console --approval-timeout 60 "..."
praisonai-code run --approval slack --approval-timeout none "..."

Reviewer-Agent Mode (--approval agent)

When you pass --approval agent, a built-in LLM reviewer gates every tool call. The default reviewer instruction is:
“You are a security reviewer. Only approve low-risk read operations. Deny anything destructive. Respond with exactly one word: APPROVE or DENY”
praisonai-code run --approval agent "List all files and summarise the project"
The reviewer responds with exactly APPROVE or DENY for each pending tool call. You can override the default instruction by passing a custom reviewer prompt via the API:
from praisonaiagents import Agent
from praisonaiagents.approval import AgentApproval

reviewer = Agent(
    name="strict-reviewer",
    instructions="Only approve file reads. Deny everything else. Reply APPROVE or DENY.",
)

agent = Agent(
    name="Assistant",
    instructions="Help with coding tasks.",
    approval=AgentApproval(approver_agent=reviewer),
)
agent.start("Read and summarise main.py")

Unknown-Backend Error

If you pass an unrecognised backend name, the CLI raises:
Unknown approval backend: '<value>'. Valid options: console, plan, accept-edits, bypass, auto, agent, none, discord, http, presentation, secure, slack, telegram, webhook
Use this to trap typos — the valid list is alphabetically sorted within the wrapper group.

Best Practices

Use console in interactive dev, agent for unattended runs where a reviewer LLM can gate tools.
accept-edits and plan are the coding-mode fast paths — pair them with praisonai-code code.
none disables approval entirely; only use it in throwaway sandboxes.

Local Tools Loading

Approval decides who says yes to your local tools.

Approval

The full approval system — dangerous tool gating, TTY detection, and safe defaults.