Approvals & trust
How Vicode asks before changing your files, and what each edit mode allows.
Vicode is designed to show what happened before you trust the result.
Where Vicode works
Vicode works inside the project folder you open. Reading happens there, and anything that changes it — file edits and terminal commands — goes through the edit mode you choose.
Edit modes
The composer uses one autonomy ladder, ordered least to most autonomous:
- Ask permissions — file changes wait for review, and terminal commands ask before running. This is the default.
- Accept edits — file edits apply directly; terminal commands stay off.
- Auto-run — file edits apply directly, and terminal commands run without per-command prompts.
- Full access — direct edits, auto-run commands, and command network access. Choose this deliberately.
Separate from the ladder, an isolated worktree toggle controls where edits land, so a run can work in an isolated copy of the project instead of writing to the workspace directly.
File writes and commands
File writes and commands should be explicit and reviewable. Approve only the actions you understand, especially in private repos or unfamiliar folders, and stay on Ask permissions until you trust the loop.
See what happened
Every run leaves a record you can check:
- the tools it called and what they returned
- the Project Knowledge sources it used
- command output
- the files it changed or created
- errors and diagnostics when something goes wrong
What gets sent where
A model running locally through Ollama keeps your context on your machine. Hosted Ollama and OpenAI receive the prompt and the context selected for that request. Pick the option that matches how sensitive the project is.
Beta caveat
Vicode does not claim that every local model can reliably write files. Model support should be treated as evidence-based and task-specific.