Approvals & Whitelisting
Human-in-the-loop control for sensitive agent actions
FixPanic includes a powerful approval system that ensures you maintain control over what agents can do on your infrastructure.
How Approvals Work
When an agent proposes a potentially sensitive action, the system pauses execution and requests your approval before proceeding.
┌─────────────────────────────────────────────────────────────┐
│ Agent wants to execute: │
│ │
│ sudo systemctl restart nginx │
│ │
│ This will restart the web server. │
│ │
│ [Approve] [Deny] [Add to Whitelist] │
└─────────────────────────────────────────────────────────────┘Approval Flow
- Agent Proposes Action - You ask the agent to do something that requires a sensitive command.
- System Pauses - The agent pauses and generates an approval request instead of executing.
- Review Request - You see exactly what command or action the agent wants to perform.
- Make Decision - You can Approve, Deny, or Whitelist the action.
- Execution (if approved) - The agent proceeds with the action and reports the results.
Pending Approvals
Finding Pending Approvals
When there's a pending approval:
- A notification badge appears in the chat
- The conversation shows the pending request
- The agent mentions it's waiting for approval
Approval Details
Each approval request shows:
- Command: The exact command to be executed
- Context: Why the agent wants to run this
- Impact: Potential effects of the action
- Risk Level: Low, Medium, or High
Making Approval Decisions
Approve
Click "Approve" when:
- You understand the command
- You trust it's safe to execute
- You want the action to proceed
The agent will execute the command and continue.
Deny
Click "Deny" when:
- The command isn't what you intended
- You want to take a different approach
- You need more information first
The agent will acknowledge the denial and ask how to proceed.
Whitelist
Click "Add to Whitelist" when:
- You trust this specific command
- You want to approve it automatically in the future
- You're comfortable with it running without review
Warning: Whitelisted commands bypass approval for all future requests. Only whitelist commands you're certain are safe.
Command Whitelisting
What is Whitelisting?
Whitelisting allows specific commands to execute automatically without requiring approval.
How Whitelisting Works
Whitelisted commands:
- Execute immediately when requested
- Don't generate approval notifications
- Still appear in the activity log
- Can be removed from the whitelist at any time
Adding to Whitelist
You can whitelist commands in several ways:
During Approval:
- Click "Add to Whitelist" on an approval request
From Settings:
- Go to Settings > Security > Whitelist
- Click "Add Command"
- Enter the command pattern
- Click "Save"
Whitelist Patterns
You can whitelist:
- Exact commands:
docker ps - Command prefixes:
docker * - Commands with arguments:
systemctl status *
| Pattern | Matches |
|---|---|
docker ps | Only docker ps exactly |
docker ps * | docker ps, docker ps -a, etc. |
systemctl status * | systemctl status nginx, etc. |
cat /var/log/* | cat /var/log/syslog, etc. |
Managing the Whitelist
View and manage your whitelist in Settings > Security > Whitelist:
| Action | Description |
|---|---|
| View | See all whitelisted commands |
| Add | Add a new command pattern |
| Remove | Delete a whitelisted command |
| Edit | Modify an existing pattern |
Removing from Whitelist
- Go to Settings > Security > Whitelist
- Find the command you want to remove
- Click the delete icon
- Confirm removal
After removal, the command will require approval again.
Approval Presets
Presets allow you to apply pre-defined approval configurations quickly.
Available Presets
| Preset | Description |
|---|---|
| Strict | Requires approval for all commands |
| Standard | Safe read commands auto-approved, writes require approval |
| Permissive | Most diagnostics auto-approved, only dangerous commands need approval |
| Custom | Build your own whitelist |
Applying a Preset
- Go to Settings > Security > Presets
- Select a preset
- Click "Apply"
- Confirm the change
Note: Applying a preset replaces your current whitelist. Make sure to review the preset's included commands before applying.
Risk Levels
Commands are categorized by risk:
Low Risk (Usually Auto-Approved)
Read-only commands that don't modify state:
ps aux- List processesdf -h- Check disk spacecat /var/log/syslog- Read logs
Medium Risk (Default: Requires Approval)
Commands that could affect services:
systemctl restart- Restart servicesdocker stop- Stop containerskill -15- Graceful process termination
High Risk (Always Requires Approval)
Dangerous or destructive commands:
rm -rf- Delete files/directoriessystemctl disable- Disable serviceskill -9- Force kill processes- Database modifications
Hard-Blocked Commands
Some commands are never allowed, regardless of approval:
- Commands that could compromise security
- System-level destructive operations
- Commands accessing sensitive paths
Approval Best Practices
Do's
- Review carefully - Read the full command before approving
- Understand impact - Consider what the command will do
- Whitelist cautiously - Only whitelist commands you fully trust
- Use presets - Start with a preset and customize
Don'ts
- Don't rush - Take time to understand approval requests
- Don't over-whitelist - Keep the whitelist minimal
- Don't ignore denials - Understand why you denied something
Audit Trail
All approval decisions are logged:
- Approved commands with timestamps
- Denied requests with reasons
- Whitelist changes
- Who made each decision
Access the audit trail in Settings > Security > Audit Log.
Next Steps
- Advanced Features - Explore model selection, deep linking, and more.
- Security - Learn more about FixPanic's security model.