Permission Mode Lives in APX, Not APC

APC is the portable context layer. APX is the runtime and tooling layer. This distinction matters for security.

Permissions are not project truth. They are machine policy.

A repository must travel between laptops and desktops without friction. A permission setting should not force the same risk level on every machine. If you put permission state in APC, you mix local trust with shared context.

APX keeps the boundary clear. Permission mode lives in your local config, not in the repository.

The available modes are:

  • total: run every tool without confirmation.
  • automatico: allow safe reads and shell work. Ask for confirmation on destructive or outbound actions.
  • permiso: run only allowed tools directly. Everything else needs confirmation.

Automatico is the default. It keeps the runtime usable for daily work.

APC handles project metadata, agents, and skills. This content stays stable across tools and works well in git.

Permission mode depends on runtime facts:

  • Who owns the machine.
  • If the machine is personal or shared.
  • If the task is exploratory or high risk.
  • How much trust you give the runtime today.

If you move permissions to APC, you create two problems. You inherit a policy that might not fit a new machine. You also turn a local safety choice into shared project baggage.

The repo describes the work. APX decides how much power the local runtime has.

APX enforces this in code. The createPermissionGuard function reads your global config and blocks or allows tool calls.

This structure matches how you work. Reading a file is different from changing a repository. A safe lookup is different from an MCP connection.

You can use the same APC project with different APX policies. Use automatico on your laptop. Use permiso on a shared workstation.

Use this test to decide where a setting belongs:

  • Does it answer "what is this project?" Put it in APC.
  • Does it answer "what may this machine do right now?" Put it in APX.

Permission mode belongs in APX. This keeps APC portable and keeps your local runtime honest.

Source: https://dev.to/agentprojectcontext/permission-mode-lives-in-apx-not-apc-50d6

Optional learning community: https://t.me/GyaanSetuAi