The Permissions Model.
The Intern uses a granular, risk-tiered permissions model. Agents ask before acting on anything that could have real-world consequences.
Risk tiers
Low risk (reading public data, web search, generating text): proceeds automatically. Medium risk (reading your files, querying your contacts, scheduling tasks): proceeds with a notification. High risk (sending emails, making calls, updating CRMs, financial transactions): creates a pending_decision record and waits for approval.
Pending decisions flow
When a high-risk action is triggered, the agent creates a record in pending_decisions with decisionType (e.g., "send_email"), context (the full proposed action), and status: pending. The agent pauses. You see the decision in /dashboard/decisions. Approve or reject with one click. The agent resumes or stops accordingly.
Standing permissions
Create rules to auto-approve recurring actions. Example: "Always approve sending emails to contacts tagged as team members." Standing permissions are stored in users.preferences.trustRules. They reduce friction for trusted, repetitive actions without removing oversight.
Audit trail
Every decision — approved or rejected — is logged with timestamp, userId, agentId, decisionType, and outcome. The full history is accessible from Settings → Audit Log. You can see exactly what your agents did and when.