AI Permission Controls - Keeping the User in Control
The user must enable Allow pyIDE Control, and an active project folder must be open before assistant tools should run.
Status
No formal security audit completion is claimed.
Allow pyIDE ControlThe user must explicitly enable Allow pyIDE Control before the assistant can request pyIDE tools.
Active Project Boundary- AI tools should not silently inspect arbitrary files.
- Tool access is limited to the active project.
- Path traversal such as
../must be rejected.
Permission FlowUser Enables Allow pyIDE Control
An Active Project Folder Is Open
Assistant Requests a Specific Tool
pyIDE Validates the Request
The Tool Runs Within the Active Project Scope
The Result Is Returned to the Assistant
Capability Table| Capability | Purpose | Scope | Status |
|---|---|---|---|
| List Project Files | Lists files in the selected project | Active project only | Working Milestone |
| Get Open Tabs | Reads currently opened editor tabs | Current pyIDE session | Working Milestone |
| Get Active Editor Text | Reads the active editor contents | Active editor only | Working Milestone |
| Get Selected Editor Text | Reads highlighted code | Current selection only | Working Milestone |
| Search Project Text | Searches project files | Active project only | Working Milestone |
| Reject Path Traversal | Prevents leaving the project root | Security boundary | Working Milestone |
| Undo AI Edit Batch | Restores assistant-driven file changes | Recoverable edit history | In Development |
Future file editsFuture file edits should remain visible, auditable, and recoverable through previews, logs, recoverable batches, and Undo support.