diff --git a/.changeset/wacky-lions-kiss.md b/.changeset/wacky-lions-kiss.md new file mode 100644 index 00000000000..be58208d287 --- /dev/null +++ b/.changeset/wacky-lions-kiss.md @@ -0,0 +1,5 @@ +--- +"kilo-code": patch +--- + +Change the default value of auto-approval for reading outside workspace to false diff --git a/apps/kilocode-docs/docs/features/auto-approving-actions.md b/apps/kilocode-docs/docs/features/auto-approving-actions.md index e3d2db8a2db..28726acb3f6 100644 --- a/apps/kilocode-docs/docs/features/auto-approving-actions.md +++ b/apps/kilocode-docs/docs/features/auto-approving-actions.md @@ -80,6 +80,22 @@ _Complete settings panel view_ **Risk level:** Medium While this setting only allows reading files (not modifying them), it could potentially expose sensitive data. Still recommended as a starting point for most users, but be mindful of what files Kilo Code can access. + +#### Read Outside Workspace + +**Setting:** "Allow reading files outside the workspace" + +**Description:** "When enabled, Kilo Code can read files outside the current workspace directory without asking for approval." + +**Risk level:** Medium-High + +This setting extends read permissions beyond your project folder. Consider the security implications: + +- Kilo Code could access sensitive files in your home directory +- Configuration files, SSH keys, or credentials could be read +- Only enable if you trust the AI and need it to access external files + +**Recommendation:** Keep disabled unless you specifically need Kilo Code to read files outside your project. ::: ### Write Operations 
@@ -102,25 +118,52 @@ This setting allows Kilo Code to modify your files without confirmation. The del - Lower values: Use only when speed is critical and you're in a controlled environment - Zero: No delay for diagnostics (not recommended for critical code) -#### Write Delay & Problems Pane Integration +#### Write Outside Workspace -VSCode Problems pane showing diagnostic information +**Setting:** "Allow writing files outside the workspace" -_VSCode Problems pane that Kilo Code checks during the write delay_ +**Description:** "When enabled, Kilo Code can create or modify files outside the current workspace directory without asking for approval." -When you enable auto-approval for writing files, the delay timer works with VSCode's Problems pane: +**Risk level:** Very High -1. Kilo Code makes a change to your file -2. VSCode's diagnostic tools analyze the change -3. The Problems pane updates with any errors or warnings -4. Kilo Code notices these issues before continuing +Use with caution and in controlled environments. It allows Kilo Code to: -This works like a human developer pausing to check for errors after changing code. You can adjust the delay time based on: +- Modify your shell configuration files +- Change system configurations +- Write to any location your user has access to -- Project complexity -- Language server speed -- How important error detection is for your workflow - ::: +**Recommendation:** Keep disabled unless absolutely necessary. Even experienced users should avoid this setting. + +#### Write to Protected Files + +**Setting:** "Allow writing to protected files" + +**Description:** "When enabled, Kilo Code can overwrite or modify files that are normally protected by the `.kilocodeignore` file." + +**Risk level:** Very High + +Protected files are intentionally shielded from modification. Enable only if you understand the consequences. 
+ +### Delete Operations + +:::danger Delete Operations + +**Setting:** "Always approve delete operations" + +**Description:** "Automatically delete files and directories without requiring approval" + +**Risk level:** Very High + +This setting allows Kilo Code to permanently remove files without confirmation. + +**Safeguards:** + +- Kilo Code still respects `.kilocodeignore` rules +- Protected files cannot be deleted +- The delete tool shows what will be removed before execution + +**Recommendation:** Enable only in isolated environments or when working with temporary/generated files. Always ensure you have backups, checkpoints, or version control. +::: ### Browser Actions @@ -153,11 +196,11 @@ Consider the security implications of allowing automated browser access. **Description:** "Automatically retry failed API requests when server returns an error response" -**Delay slider:** "Delay before retrying the request" (Default: 5s) - **Risk level:** Low -This setting automatically retries API calls when they fail. The delay controls how long Kilo Code waits before trying again: +This setting automatically retries API calls when they fail. + +The delay controls how long Kilo Code waits before trying again: - Longer delays are gentler on API rate limits - Shorter delays give faster recovery from transient errors 
@@ -214,23 +257,34 @@ Enables Kilo Code to create and complete subtasks automatically. This relates to **Description:** "Automatically execute allowed terminal commands without requiring approval" -**Command management:** "Command prefixes that can be auto-executed when 'Always approve execute operations' is enabled. Add \* to allow all commands (use with caution)." - **Risk level:** High -This setting allows terminal command execution with controls. While risky, the whitelist feature limits what commands can run. Important security features: +This setting allows terminal command execution with controls. While risky, the allowlist and denylist features limit what commands can run. -- Whitelist specific command prefixes (recommended) +- Allowlist specific command prefixes (recommended) - Never use \* wildcard in production or with sensitive data - Consider security implications of each allowed command +- Consider including potentially dangerous common commands in the deny list - Always verify commands that interact with external systems +#### Allowed Commands + +**Setting:** "Command prefixes that can be auto-executed" + +Add command prefixes (e.g., `git`, `npm`, `ls`) that Kilo Code can run without asking. Use `*` to allow all commands (use with caution). + **Interface elements:** - Text field to enter command prefixes (e.g., 'git') - "Add" button to add new prefixes - Clickable command buttons with X to remove them - ::: + +#### Denied Commands + +**Setting:** "Command prefixes that are always blocked" + +Commands in this list will never run, even if `*` is in the allowed list. Use this to create exceptions for potentially dangerous commands. +::: ### Follow-Up Questions 
@@ -240,9 +294,9 @@ This setting allows terminal command execution with controls. While risky, the w **Description:** Automatically selects the first AI-suggested answer for a follow-up question after a configurable timeout. This speeds up your workflow by letting Kilo Code proceed without manual intervention. -**Visual countdown:** When enabled, a countdown timer appears on the first suggestion button, showing the remaining time before auto-selection. The timer is displayed as a circular progress indicator that depletes as time passes. +**Visual countdown:** When enabled, a countdown timer appears on the first suggestion button in the chat interface, showing the remaining time before auto-selection. The timer displays seconds remaining (e.g., "3s") and counts down in real-time. -**Timeout slider:** Use the slider to set the wait time from 1 to 300 seconds (Default: 60s). +**Timeout slider:** Use the slider to set the wait time (Range: 1-300 seconds, Default: 60s). **Override options:** You can cancel the auto-selection at any time by: @@ -277,13 +331,6 @@ This setting allows Kilo Code to automatically update task progress and todo lis - Updating task status (pending, in progress, completed) - Reorganizing task priorities -**Benefits:** - -- Maintains real-time task progress visibility -- Reduces interruptions during multi-step workflows -- Keeps project status accurately reflected -- Helps track complex task dependencies - **Use cases:** - Long-running development sessions @@ -294,7 +341,7 @@ This setting allows Kilo Code to automatically update task progress and todo lis This is particularly useful when combined with the Subtasks permission, as it allows Kilo Code to maintain a complete picture of project progress without constant approval requests. ::: -## YOLO mode +## YOLO Mode :::danger YOLO Mode (Risk: Maximum) 
diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-1.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-1.png index a10c0fce509..679265c5c5a 100644 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-1.png and b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-1.png differ diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-10.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-10.png deleted file mode 100644 index 75d8b2834e1..00000000000 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-10.png and /dev/null differ diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-11.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-11.png deleted file mode 100644 index 0b4e3ad7315..00000000000 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-11.png and /dev/null differ diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-12.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-12.png deleted file mode 100644 index b00c8b442cb..00000000000 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-12.png and /dev/null differ diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-13.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-13.png index d7afb227ad2..6998442dbc5 100644 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-13.png and b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-13.png differ 
diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-4.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-4.png index 795e6d4ec85..aca74d783f9 100644 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-4.png and b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-4.png differ diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-5.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-5.png deleted file mode 100644 index 67a78e503ed..00000000000 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-5.png and /dev/null differ diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-6.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-6.png deleted file mode 100644 index 428b3963671..00000000000 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-6.png and /dev/null differ diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-7.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-7.png deleted file mode 100644 index b99d3a12181..00000000000 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-7.png and /dev/null differ diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-8.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-8.png deleted file mode 100644 index d495e474ce9..00000000000 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-8.png and /dev/null differ 
diff --git a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-9.png b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-9.png index f5650cff7a2..238cbd30c77 100644 Binary files a/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-9.png and b/apps/kilocode-docs/static/img/auto-approving-actions/auto-approving-actions-9.png differ diff --git a/src/core/webview/ClineProvider.ts b/src/core/webview/ClineProvider.ts index 80cdbba24c5..5ae04925546 100644 --- a/src/core/webview/ClineProvider.ts +++ b/src/core/webview/ClineProvider.ts @@ -2217,7 +2217,7 @@ ${prompt} apiConfiguration, customInstructions, alwaysAllowReadOnly: alwaysAllowReadOnly ?? true, - alwaysAllowReadOnlyOutsideWorkspace: alwaysAllowReadOnlyOutsideWorkspace ?? true, + alwaysAllowReadOnlyOutsideWorkspace: alwaysAllowReadOnlyOutsideWorkspace ?? false, alwaysAllowWrite: alwaysAllowWrite ?? true, alwaysAllowWriteOutsideWorkspace: alwaysAllowWriteOutsideWorkspace ?? false, alwaysAllowWriteProtected: alwaysAllowWriteProtected ?? false, @@ -2497,7 +2497,7 @@ ${prompt} customInstructions: stateValues.customInstructions, apiModelId: stateValues.apiModelId, alwaysAllowReadOnly: stateValues.alwaysAllowReadOnly ?? true, - alwaysAllowReadOnlyOutsideWorkspace: stateValues.alwaysAllowReadOnlyOutsideWorkspace ?? true, + alwaysAllowReadOnlyOutsideWorkspace: stateValues.alwaysAllowReadOnlyOutsideWorkspace ?? false, alwaysAllowWrite: stateValues.alwaysAllowWrite ?? true, alwaysAllowWriteOutsideWorkspace: stateValues.alwaysAllowWriteOutsideWorkspace ?? false, alwaysAllowWriteProtected: stateValues.alwaysAllowWriteProtected ?? false,
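Review bot: the changeset in .changeset/wacky-lions-kiss.md records what changed but not why; since this turns a permission default from auto-approve to ask, one sentence of motivation (out-of-workspace reads can reach SSH keys, credentials and other files in the home directory, as the new docs text itself says) would explain the new approval prompts to users who upgrade and suddenly get asked about reads that used to go through silently.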
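Review bot: the new "Read Outside Workspace" subsection in the @@ -80,6 +80,22 @@ hunk of auto-approving-actions.md never states the default, even though changing that default is the point of this PR; the page gives defaults for other settings (e.g. "Default: 60s" for the follow-up timeout), so add "(Default: disabled)" to the setting line so readers can see that the recommendation "Keep disabled" now matches shipped behavior rather than asking them to change something.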
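Review bot: in the @@ -102,25 +118,52 @@ hunk, deleting the "Write Delay & Problems Pane Integration" subsection leaves the surviving context bullets ("Lower values: Use only when speed is critical...", "Zero: No delay for diagnostics") referring to a diagnostics delay whose purpose is no longer explained anywhere on the page; keep at least one sentence saying the delay gives VSCode's diagnostics time to surface errors before Kilo Code continues. In the same hunk, "Write to Protected Files" describes protected files as those "normally protected by the `.kilocodeignore` file", while the new Delete Operations safeguards state "Protected files cannot be deleted" with no qualification; say whether that delete safeguard still holds when "Allow writing to protected files" is enabled, otherwise the two sections read as contradictory.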
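Review bot: in the retry hunk (@@ -153,11 +196,11 @@) the line "**Delay slider:** "Delay before retrying the request" (Default: 5s)" is removed, but the text still says "The delay controls how long Kilo Code waits before trying again", so the delay is now referenced without ever being introduced or given a default; either restore a setting line for the delay or, if the slider is gone from the UI, drop the paragraph and bullets about it.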
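Review bot: in the execute-commands hunk (@@ -214,23 +257,34 @@) the Denied Commands text only says deny wins "even if `*` is in the allowed list"; state the precedence generally (an entry in the denied list blocks the command even when a more specific allowed prefix also matches), otherwise a reader cannot tell what happens when `git` is allowed and `git push` is denied. The new bullet "Consider including potentially dangerous common commands in the deny list" would also be more useful with an example or two of what is meant (e.g. `rm`, `sudo`, `curl`), and since both lists are described as command prefixes, the docs should spell out that an allowlisted prefix such as `git` covers every subcommand and flag that follows it, which is the main reason the `*` warning exists.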
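Review bot: auto-approving-actions-5.png through -8.png and -10.png through -12.png are deleted, but the only image reference removed in this diff is the Problems-pane screenshot in the write-delay subsection; confirm that no remaining markdown under apps/kilocode-docs still references the deleted files, otherwise the docs build ships broken images.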
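Review bot: the `?? false` fallback for `alwaysAllowReadOnlyOutsideWorkspace` has to be changed in two separate places in ClineProvider.ts (the hunks at 2217 and 2497), which is exactly the drift risk that bit here; hoist the auto-approval defaults into one shared constant or default-state object that both state-building paths consume so a future default change is a one-line edit. Because `??` only fires when the stored value is `undefined`, the flip affects users with no persisted setting, while anyone who explicitly saved `true` keeps auto-approved out-of-workspace reads; that is the expected semantics, but check that any other place that seeds this value (webview initial state, a schema default, or a test fixture asserting the old `true`) is updated, since only the provider-side fallbacks are in this diff.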