Skip to main content
Permission modes set how subagents handle tool approval — read-only exploration, auto-accept edits, or full bypass.
This page covers the runtime PermissionMode enum (DEFAULT, PLAN, ACCEPT_EDITS, DONT_ASK, BYPASS). For the declarative mode: field in agent definition files (build / read-only / plan / review), see Agent Presets & Modes.
from praisonaiagents import Agent
from praisonaiagents.tools.subagent_tool import create_subagent_tool

spawn = create_subagent_tool(default_permission_mode="plan")

agent = Agent(
    name="Lead",
    instructions="Delegate read-only exploration to subagents",
    tools=[spawn],
)
agent.start("Explore the auth module without making changes")
The user delegates exploration; permission mode controls whether subagents can edit or must stay read-only.

How It Works

Quick Start

1

Simple Usage

from praisonaiagents import Agent
from praisonaiagents.tools.subagent_tool import create_subagent_tool

spawn = create_subagent_tool(default_permission_mode="plan")

agent = Agent(name="Lead", tools=[spawn])
agent.start("Map the project structure read-only")
2

With Configuration

Override the mode per subagent call:
func = spawn["function"]

func(task="Explore auth", permission_mode="plan")
func(task="Fix lint in utils", permission_mode="accept_edits")
From the CLI:
praisonai --approval plan run "Explore the repo"
praisonai --approval accept-edits run "Fix lint errors"

Available Modes

ModeValueSafetyDescription
DEFAULTdefaultSafeStandard checking — prompt for each operation
PLANplanSafeRead-only — no write or shell operations
ACCEPT_EDITSaccept_editsModerateAuto-accept file edits; still prompts for other ops
DONT_ASKdont_askModerateAuto-deny all permission prompts
BYPASSbypass_permissionsDangerousSkip all checks — requires explicit opt-in
BYPASS skips all permission checks. For Claude Code backend, set both ClaudeCodeBackend(unsafe=True) and PRAISONAI_CLAUDE_BYPASS_PERMISSIONS=1.

Configuration Options

OptionTypeDefaultDescription
default_permission_modestrNoneDefault mode for all subagents from create_subagent_tool
permission_modestrNonePer-call override on spawn_subagent
--approvalCLI flagTTY-dependentMaps to modes: console, plan, accept-edits, bypass
CLI mapping:
PermissionModeEnum valueCLI flag
DEFAULTdefault--approval console
PLANplan--approval plan
ACCEPT_EDITSaccept_edits--approval accept-edits
BYPASSbypass_permissions--approval bypass
DONT_ASKdont_askNon-interactive only (--yes / PRAISONAI_NON_INTERACTIVE=1)

Best Practices

Set default_permission_mode="plan" when subagents only read and analyse code — prevents accidental file changes.
Exploration → plan. Refactoring → accept_edits. Interactive work → default.
Reserve bypass_permissions for fully trusted local development environments only.
Record which permission mode is active for audit trails when running non-default modes.

Permissions Module

Pattern-based allow, deny, and ask rules

Interactive Approval

Terminal approval experience for tool calls