Safety and Security

Safety · mixed

AITerm's safety model is layered. A command is assessed for risk, your active Safety Profile can tighten the result, per-host floors and policy packs can tighten it further, and only then can a command run. Every command — typed, AI- authored, from a runbook, or from an agent — passes this one gate.

Risk badges

Each command is tiered and shown with a badge:

Click a badge to open the risk popover. It lists the findings (why this tier), can offer a safer alternative ("Use this instead"), an Explain in detail option, and for risky commands a dry-run preview.

Safety Profiles

Change the active profile from the AI ▸ Safety Profile menu; the current one has a checkmark. Profiles only ever escalate strictness — they never loosen the gate.

The profile order below is generated from SafetyProfile.allCases.

What the tiers do under each profile

Personal is intentionally solo-developer friendly: a would-be hard block becomes a confirmation instead. Work, Production, and Locked Down can hard-block.

Dry-run preview

Two things carry the "dry run" name:

Rollback and "back up, then run"

When a destructive command reaches the confirmation alert and a backup makes sense, the alert offers up to four choices:

If the backup fails, the original is not run and you're told so.

Policy packs

Policy packs are importable bundles of tightenings — a Safety Profile floor, extra per-host rules, custom ask/deny patterns, and optional force-enforcement. A pack can only ever tighten your gate; it has no "allow" action.

See Settings Reference for the editor fields.

Audit log

Open AI ▸ Security Log… to see every gate decision — the command, its risk tier, the decision (allow / confirm / block), the exit code, whether it was AI- authored, and the time. The header notes: "Every command passed one gate before running — typed or AI-authored."

Related pages: The AI Command Loop, Remote Commands, Settings Reference, Free vs. Pro.