Permissions

18 articles about permissions.

Third-Party Apps: What They Are, How Permissions Work, and Security Risks

·13 min read

A complete guide to third-party apps covering what they are, how they access your data through OAuth and APIs, common security risks, and how to audit and manage permissions across platforms.

third-party-apps, security, oauth, permissions, api, privacy

AI Agent Blast Radius: What It Is and How to Measure It

·12 min read

AI agent blast radius defines the maximum damage an agent can cause in a single failure. Learn how to measure, categorize, and reduce blast radius across desktop, cloud, and code agents.

blast-radius, ai-agent, security, permissions, risk-management, desktop-agent

AI Agent Trust Management: A Practical Framework for Production Systems

·12 min read

How to manage trust in AI agents across their lifecycle, from initial deployment with minimal permissions to earning expanded access through verified behavior.

ai-agents, trust, agent-design, security, permissions, desktop-agent

How to Limit the Blast Radius of a Compromised AI Agent

·15 min read

Practical techniques to contain damage when an AI agent gets compromised. Covers process isolation, least-privilege tooling, network segmentation, and real

blast-radius, ai-agent, security, sandboxing, permissions, desktop-agent

93% No Scope. 0% Revocation.

·2 min read

Most agent integrations request broad permissions with no mechanism for revocation. No scope and no revocation is a terrifying combination.

permissions, security, scope, revocation, agent-safety

Auto-Approving Read-Only Commands in AI Coding Agents with Hooks

·2 min read

How to set up permission tiers and hooks that auto-approve safe read-only commands in AI agents while keeping destructive operations gated behind manual

ai-agents, hooks, permissions, claude-code, developer-tools, claudeai

v2.1.78 Broke bypassPermissions: Skills Are User Content

·2 min read

When bypassPermissions broke, it revealed that .claude/skills/ files are user content, not system files. Agent permission models need to respect this boundary.

claude-code, permissions, skills, security, agent-architecture

Mapping AI Agent Permissions in Cloud with Graph-Based Inventories

·6 min read

How Cartography and graph-based tools map AI agent permissions, blast radius, and access patterns across AWS, GCP, and Azure before a security incident forces you to.

cartography, cloud-security, ai-agents, permissions, graph, infrastructure

The Sandbox Paradox: AI Agents Need Access to Be Useful

·3 min read

AI agents need system access to be useful but restrictions to be safe. The sandbox paradox is the central tension in desktop agent design - here's how to

sandbox, permissions, ai-agent, security, desktop-agent

YOLO Mode vs Explicit Approval - When to Let AI Agents Run Freely

·2 min read

When should you skip permissions for AI agents? The answer depends on reversibility. Git repos are safe to YOLO, but email and messaging need explicit

ai-agent, permissions, yolo-mode, git, desktop-automation

Yolo Mode vs Safe Permissions - When to Let Your AI Agent Run Free

·2 min read

Should you skip permission checks in AI agents? It depends on the task. Code agents with git are low risk. Desktop agents touching production systems need

ai-agent, permissions, security, yolo-mode, safety

Zero-Trust Security for AI Agents: When Default Deny Goes Too Far

·2 min read

Zero-trust security models applied to AI agents can make them useless if too aggressive. Learn how to balance security with agent usefulness in production

zero-trust, security, ai-agents, permissions, agent-design

AI Agent Failure Rates and the Desktop Permissions Problem

·3 min read

AI agents fail more often than people think. When desktop agents can click anything and type anywhere, one hallucinated action can send emails or delete files.

ai-safety, permissions, desktop-agent, failure-rate, risk-management

The Asymmetric Trust Problem - When Your AI Agent Has More Access Than You Intended

·6 min read

Granting macOS accessibility permissions to an AI agent gives it access to every text field, password manager value, and bank balance visible on screen. The permission you think you granted is a small subset of what you actually granted.

trust, permissions, accessibility-api, security, ai-agent

The Boundary Tax - The Cost of Setting Limits in AI Agent-Human Relationships

·2 min read

Every boundary in an AI agent-human relationship has a cost. Learn about the boundary tax and how to balance safety with productivity in desktop automation.

agent-boundaries, trust, ai-agent, user-experience, permissions

Bypass Permissions vs Allowlists - Finding the Middle Ground for AI Agents

·2 min read

Full permission bypass is reckless and full approval mode is unusable. The middle ground with allowlists is where AI agent permissions actually work.

ai-agents, permissions, security, developer-experience, desktop-automation

Designing a Tiered Permission System for AI Desktop Agents

·3 min read

Full YOLO mode is dangerous and full approval mode is unusable. Tiered permissions with allowlists per action type hit the sweet spot.

permissions, ai-safety, ux-design, desktop-agent, architecture

AI Agent Permissions - Why Local Agents Do Not Have the Cloud Permission Problem

·3 min read

Cloud AI agents like Cowork need folder-level access grants that linger after tasks complete. Local agents that use accessibility APIs avoid this entirely.

permissions, security, local-first, cloud-agents, comparison
