Permission modes define what kind of tools Voss may run. Each role in a team declares its own mode, so a reviewer can be locked to plan while a backend worker gets scoped edit.
Plan mode
Plan mode is the default for voss, voss chat, and voss do. It is for reasoning, inspection, and architecture work.
Use plan mode when you want:
- A repo summary
- A change plan
- A risk assessment
- A pull request description
- A no-mutation investigation
Edit mode
Edit mode is the default for voss edit. It allows reads and scoped file writes, but denies shell_run.
Use edit mode when you know which files or directories Voss should work on.
Auto mode
Auto mode is for higher-trust flows where the agent may need to run more tools. It still depends on lower-level safeguards such as cwd jailing, shell allowlists, timeouts, and project policy.
Use auto mode only when you are comfortable with the broader execution surface. Voss v0.1 is intentionally conservative by default.