Familiar logo
Familiar usefamiliar.com
Documentation / Fleet

Security & Permissions

Understand Fleet's security model and manage agent permissions.

Security Overview

Fleet's security model puts you in control. Your agents only get the permissions they need, and your sensitive data stays on your machine.

Key Principles

  1. Prompt privacy — Your prompts and responses never leave your machine except when sent to your chosen AI provider
  2. Explicit permissions — Agents only get access to tools you explicitly allow
  3. Transparent approvals — You see and approve risky operations before they happen
  4. Encrypted secrets — Sensitive credentials are encrypted and never exposed to LLM providers

Execution Modes

Choose a permission level that determines what agents can do by default.

  • Restricted — Safe read-only operations only
  • Read-Only — Inspection and research tasks
  • Mutable — Create and modify files (recommended for development)
  • Open — Full access, no restrictions

Learn more about Execution Modes →

Custom Permission Rules

Fine-tune what agents can do beyond the default execution mode.

  • Expand permissions for specific tools (e.g., allow npm in Restricted mode)
  • Restrict operations (e.g., prevent file deletion in Open mode)
  • Use patterns to limit access to specific paths or commands

Learn more about Custom Permission Rules →

Secure Vault

Store API keys, passwords, and other sensitive credentials securely.

  • Encrypted using macOS Keychain
  • Never sent to LLM providers
  • Never appear in conversation history
  • Referenced in tool calls with {{vault:SECRET_NAME}} syntax

Learn more about Secure Vault →

Data Storage

What Stays Local

  • All conversations and agent configurations
  • Files in your workspace
  • Secure vault (encrypted in system keychain)
  • Trigger configurations and run history
  • Usage statistics
  • Agent settings and custom prompts

What Goes to Cloud

  • API calls to your chosen AI provider (only when agents execute)
  • Anonymous usage telemetry (usage events, model selections, token counts — never prompts or content)

Setting Permissions

Global Default

  1. Open Settings (Cmd+,)
  2. Go to Security
  3. Choose a default execution mode
  4. Configure any custom rules
  5. All new agents use these settings

Per-Agent Override

  1. Open agent → Settings (gear icon)
  2. Go to Permissions
  3. Override execution mode if needed
  4. Add agent-specific custom rules
  5. Save

Tool Approval Queue

When an agent wants to use a tool that requires approval, you'll see it in the approval queue with:

  • Tool name — Which tool the agent wants to use
  • Arguments — The specific parameters (file paths, commands, etc.)
  • Translation — Human-readable description of what will happen
  • Risk level — Safe, Caution, Dangerous, or Unknown

Approval options:

  • Allow Once
  • Always Allow (creates a permanent rule)
  • Deny
  • Approve All (approves all pending operations)

See Also