diff --git a/.changeset/every-knives-dig.md b/.changeset/every-knives-dig.md new file mode 100644 index 00000000000..6f718835233 --- /dev/null +++ b/.changeset/every-knives-dig.md @@ -0,0 +1,5 @@ +--- +"@kilocode/cli": patch +--- + +Default read permissions now require approval for read operations outside the workspace diff --git a/apps/kilocode-docs/docs/cli.md b/apps/kilocode-docs/docs/cli.md index ebfee0b0fb9..cb6f17bcd7c 100644 --- a/apps/kilocode-docs/docs/cli.md +++ b/apps/kilocode-docs/docs/cli.md @@ -218,57 +218,11 @@ kilocode --parallel --auto "improve xyz" kilocode --parallel --auto "improve abc" ``` -## Autonomous mode (Non-Interactive) - -Autonomous mode allows Kilo Code to run in automated environments like CI/CD pipelines without requiring user interaction. - -```bash -# Run in autonomous mode with a prompt -kilocode --auto "Implement feature X" - -# Run in autonomous mode with piped input -echo "Fix the bug in app.ts" | kilocode --auto - -# Run in autonomous mode with timeout (in seconds) -kilocode --auto "Run tests" --timeout 300 - -# Run in autonomous mode with JSON output for structured parsing -kilocode --auto --json "Implement feature X" -``` - -### Autonomous Mode Behavior - -When running in Autonomous mode (`--auto` flag): - -1. **No User Interaction**: All approval requests are handled automatically based on configuration -2. **Auto-Approval/Rejection**: Operations are approved or rejected based on your auto-approval settings -3. **Follow-up Questions**: Automatically responded with a message instructing the AI to make autonomous decisions -4. **Automatic Exit**: The CLI exits automatically when the task completes or times out - -### JSON Output Mode +## Auto-approval settings -Use the `--json` flag with `--auto` to get structured JSON output instead of the default terminal UI. This is useful for programmatic integration and parsing of Kilo Code responses. +Auto-approval allows the Kilo Code CLI to perform operations without first requiring user confirmation. These settings can either be built up over time in interactive mode, or by editing your config file using `kilocode config` or editing the file directly at `~/.kilocode/config.json`. -```bash -# Standard autonomous mode with terminal UI -kilocode --auto "Fix the bug" - -# Autonomous mode with JSON output -kilocode --auto --json "Fix the bug" - -# With piped input -echo "Implement feature X" | kilocode --auto --json -``` - -**Requirements:** - -- The `--json` flag requires `--auto` mode to be enabled -- Output is sent to stdout as structured JSON for easy parsing -- Ideal for CI/CD pipelines and automated workflows - -### Auto-Approval Configuration - -Autonomous mode respects your auto-approval configuration. Edit your config file with `kilocode config` to customize: +### Default auto-approval settings ```json { @@ -276,7 +230,7 @@ Autonomous mode respects your auto-approval configuration. Edit your config file "enabled": true, "read": { "enabled": true, - "outside": true + "outside": false }, "write": { "enabled": true, @@ -359,6 +313,12 @@ The `execute.allowed` and `execute.denied` lists support hierarchical pattern ma } ``` +## Interactive Mode + +Interactive mode is the default mode when running Kilo Code without the `--auto` flag, designed to work interactively with a user through the console. + +In interactive mode Kilo Code will request approval for operations which have not been auto-approved, allowing the user to review and approve operations before they are executed, and optionally add them to the auto-approval list. + ### Interactive Command Approval When running in interactive mode, command approval requests now show hierarchical options: @@ -380,6 +340,58 @@ Selecting an "Always run" option will: This allows you to progressively build your auto-approval rules without manually editing the config file. +## Autonomous mode (Non-Interactive) + +Autonomous mode allows Kilo Code to run in automated environments like CI/CD pipelines without requiring user interaction. + +```bash +# Run in autonomous mode with a prompt +kilocode --auto "Implement feature X" + +# Run in autonomous mode with piped input +echo "Fix the bug in app.ts" | kilocode --auto + +# Run in autonomous mode with timeout (in seconds) +kilocode --auto "Run tests" --timeout 300 + +# Run in autonomous mode with JSON output for structured parsing +kilocode --auto --json "Implement feature X" +``` + +### Autonomous Mode Behavior + +When running in Autonomous mode (`--auto` flag): + +1. **No User Interaction**: All approval requests are handled automatically based on configuration +2. **Auto-Approval/Rejection**: Operations are approved or rejected based on your auto-approval settings +3. **Follow-up Questions**: Automatically responded with a message instructing the AI to make autonomous decisions +4. **Automatic Exit**: The CLI exits automatically when the task completes or times out + +### JSON Output Mode + +Use the `--json` flag with `--auto` to get structured JSON output instead of the default terminal UI. This is useful for programmatic integration and parsing of Kilo Code responses. + +```bash +# Standard autonomous mode with terminal UI +kilocode --auto "Fix the bug" + +# Autonomous mode with JSON output +kilocode --auto --json "Fix the bug" + +# With piped input +echo "Implement feature X" | kilocode --auto --json +``` + +**Requirements:** + +- The `--json` flag requires `--auto` mode to be enabled +- Output is sent to stdout as structured JSON for easy parsing +- Ideal for CI/CD pipelines and automated workflows + +### Auto-Approval in Autonomous Mode + +Autonomous mode respects your [auto-approval configuration](#auto-approval-settings). Operations which are not auto-approved will not be allowed. + ### Autonomous Mode Follow-up Questions In Autonomous mode, when the AI asks a follow-up question, it receives this response: diff --git a/cli/src/config/__tests__/auto-approval.test.ts b/cli/src/config/__tests__/auto-approval.test.ts index 2171193f9e5..bb9cd4e2d9d 100644 --- a/cli/src/config/__tests__/auto-approval.test.ts +++ b/cli/src/config/__tests__/auto-approval.test.ts @@ -9,7 +9,7 @@ describe("Auto Approval Configuration", () => { enabled: true, read: { enabled: true, - outside: true, + outside: false, }, write: { enabled: true, diff --git a/cli/src/config/defaults.ts b/cli/src/config/defaults.ts index 44fb9d2a28d..82cac00f1e8 100644 --- a/cli/src/config/defaults.ts +++ b/cli/src/config/defaults.ts @@ -8,7 +8,7 @@ export const DEFAULT_AUTO_APPROVAL: AutoApprovalConfig = { enabled: true, read: { enabled: true, - outside: true, + outside: false, }, write: { enabled: true,