The Permissions Model.

The Intern uses a granular, risk-tiered permissions model. Agents ask before acting on anything that could have real-world consequences.

Risk tiers

Low risk (reading public data, web search, generating text): proceeds automatically. Medium risk (reading your files, querying your contacts, scheduling tasks): proceeds with a notification. High risk (sending emails, making calls, updating CRMs, financial transactions): creates a pending_decision record and waits for approval.

Pending decisions flow

When a high-risk action is triggered, the agent creates a record in pending_decisions with decisionType (e.g., "send_email"), context (the full proposed action), and status: pending. The agent pauses. You see the decision in /dashboard/decisions. Approve or reject with one click. The agent resumes or stops accordingly.

Standing permissions

Create rules to auto-approve recurring actions. Example: "Always approve sending emails to contacts tagged as team members." Standing permissions are stored in users.preferences.trustRules. They reduce friction for trusted, repetitive actions without removing oversight.

Audit trail

Every decision — approved or rejected — is logged with timestamp, userId, agentId, decisionType, and outcome. The full history is accessible from Settings → Audit Log. You can see exactly what your agents did and when.