Tool Approval

Understand Verun's three trust levels — supervised, normal, and full auto — and choose the right one for your workflow.

When you start an agent session, Verun asks you to pick a trust level. This controls how much the agent can do without asking you first.

Trust Levels

Level	Auto-approves	Prompts before
Supervised	Nothing	Every action (file writes, terminal commands, etc.)
Normal	Safe reads, file browsing, search	File writes, terminal commands, dependency installs
Full Auto	All actions	Nothing

Supervised

The agent proposes every action and waits for your approval. Use this when:

You are trying Verun for the first time.
You want to learn what actions the agent takes.
You are working on a sensitive or production-critical codebase.

Recommended for first-time users. Supervised mode gives you full visibility into what the agent does before any changes are made.

Normal

The agent auto-approves safe, read-only operations (reading files, searching code) and asks before making changes. Use this when:

You trust the agent to explore the codebase but want to approve changes.
You want a balance between speed and control.
You are reviewing the agent's work periodically.

Full Auto

The agent runs without any prompts. It can write files, run terminal commands, and install packages freely. Use this when:

You are running tasks that you want to complete unattended.
The task is in an isolated worktree (changes are safely contained).
You will review the diff before merging.

Changing Trust Level

You set the trust level when starting a new session. To change it:

Close the current session.
Start a new session on the same task.
Select a different trust level.

The trust level applies for the entire session. You cannot change it mid-session.

Safety Net

Regardless of the trust level, all changes happen inside an isolated git worktree. Your main branch is never modified directly. You can always review the diff and discard changes if needed.