Skip to main content
Pick who (or what) approves a tool call — the terminal, a coding-mode fast path, or a chat channel that fans out to Slack/Telegram/Discord.
The user triggers a risky tool; the chosen approval backend prompts or routes the decision to a human.

Available Backends

How It Works

A risky tool call pauses until the chosen backend collects a human decision.

Backend Matrix

Wrapper backends (slack, telegram, discord, webhook, http, secure, presentation) require pip install praisonai.

Quick Start

1

Choose your approval mode

Ask the user on the terminal before each risky tool call:

--approval-timeout

--approval-timeout takes seconds. Pass none to wait indefinitely.

Reviewer-Agent Mode (--approval agent)

When you pass --approval agent, a built-in LLM reviewer gates every tool call. The default reviewer instruction is:
“You are a security reviewer. Only approve low-risk read operations. Deny anything destructive. Respond with exactly one word: APPROVE or DENY”
The reviewer responds with exactly APPROVE or DENY for each pending tool call. You can override the default instruction by passing a custom reviewer prompt via the API:

Unknown-Backend Error

If you pass an unrecognised backend name, the CLI raises:
Use this to trap typos — the valid list is alphabetically sorted within the wrapper group.

Best Practices

Use console in interactive dev, agent for unattended runs where a reviewer LLM can gate tools.
accept-edits and plan are the coding-mode fast paths — pair them with praisonai-code code.
none disables approval entirely; only use it in throwaway sandboxes.

Local Tools Loading

Approval decides who says yes to your local tools.

Approval

The full approval system — dangerous tool gating, TTY detection, and safe defaults.