Tendril

Tendril · Explorers · Agentic AI

AI Agents Should Have a Permission List

Tell AI what it can and can't touch — like rules on a babysitter's note.

40 min · Reviewed 2026

The big idea

Did you know AI agents need rules? Just like a babysitter has a 'can do / can't do' list, AI agents should too. 'You can read email. You can't send any.' Clear rules = safe AI.

Some examples

Can: read calendar. Can't: change it.
Can: search the web. Can't: buy stuff.
Can: write a draft. Can't: post it.
Can: ask. Can't: do — without OK.

Try it!

Write a 'can / can't' list for an AI helper in your school.

Why permission lists matter so much

Imagine you hired a new babysitter and forgot to leave any rules. They might decide to redecorate your bedroom, eat all the snacks, or invite their friends over — not because they're mean, but because nobody told them not to. AI agents are exactly the same. Without a permission list, an AI agent will do whatever seems helpful to it at the time. That might mean sending an email you weren't ready to send, deleting a file you needed, or making a purchase by accident. Permission lists act like guard rails. They define the 'safe zone' the agent is allowed to work inside. Outside that zone, the agent must stop and ask a human. The smaller and more specific you make the permission list, the safer your agent is. This isn't about mistrusting AI — it's about designing a system where mistakes stay small and fixable.

Read-only permissions (can look but not change) are the safest starting point
One-step-at-a-time permissions mean humans approve before anything big happens
Scope limits (like 'only work in the Downloads folder') keep accidents contained
Time-based limits (like 'only run between 9am and 5pm') add another safety layer

Why AI Agents Always Ask Permission First

The big idea

A safe AI agent never just deletes your stuff or sends an email. It stops and asks: 'Are you sure?'

Some examples

Before sending an email, the agent asks 'Send it?'
Before deleting a file, the agent asks 'Really delete?'
Before spending money, the agent asks for an okay.
These pauses keep humans in charge.

Try it!

If you ever use an AI agent, watch for the 'are you sure?' moments. Those are safety stops!

Here's why "Why AI Agents Always Ask Permission First" matters: AI agents don't just answer questions — they can do things, like looking things up, writing files, or talking to apps. Good AI agents stop and ask before doing something risky — and knowing how to apply this gives you a concrete advantage.

Learn what "permissions" means and why it's important
Learn what "safety" means and why it's important
Learn what "agents" means and why it's important

Draw what you think an AI agent looks like — what tools would it carry?
List five tasks you wish a robot helper could do for you
Think about one rule you'd give an AI helper

Why AI Agents Have to Ask Before Doing Big Stuff

The big idea

AI agents are powerful, so they're built to ask permission before doing important things — like buying stuff or sending emails.

Some examples

AI: 'I'm about to send this email — okay?' YOU: 'Yes' or 'No.'
AI: 'I want to spend $20 on this. Approve?'
Without permission checks, AI could mess things up fast.
Always read what AI is about to do before saying yes!

Try it!

Imagine an AI agent says 'I'm about to delete all your photos to save space — okay?' What would you say? (Hint: NO! Read carefully!)

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-explorers-agentic-AI-and-the-permission-list

What is the main purpose of giving an AI agent a permission list?
1. To help the AI remember the user's name
2. To make the AI think faster
3. To let the AI choose its own tasks
4. To tell the AI exactly what it can and cannot do
An AI helper is given these rules: 'Can: read calendar. Can't: change it.' What should the AI do if someone asks it to add a new meeting?
1. Refuse or ask for permission first
2. Turn off the computer
3. Delete the existing calendar
4. Add the meeting anyway
Which would be the BEST 'can't' rule for an AI that helps with online shopping?
1. Can't complete a purchase without user approval
2. Can't show prices
3. Can't remember what a user bought before
4. Can't display product images
What does 'scope' mean when talking about AI permissions?
1. The number of words the AI can read
2. The range of tasks the AI is allowed to work on
3. The physical size of the computer
4. The speed of the AI's internet connection
If an AI agent 'can write a draft' but 'can't post it,' what happens when it finishes writing a social media post?
1. The AI automatically posts it online
2. The AI shows the draft to a human for approval
3. The AI deletes the draft
4. The AI starts a new social media account
Why is it important for an AI to have clear 'can't' rules?
1. So the AI stays within safe boundaries and doesn't do unwanted things
2. So the AI learns faster
3. So the AI can talk to other AI agents
4. So the AI can work without any human help
A school AI helper has these permissions: 'Can: search the web. Can't: buy anything. Can't: share student info.' What is ONE thing this AI is allowed to do?
1. Post a student's grades online
2. Send emails to parents
3. Purchase school supplies
4. Look up facts for a homework assignment
What happens if an AI agent is given NO permission rules at all?
1. The AI will only work at night
2. The AI will become smarter
3. The AI might do things its owner never wanted
4. The AI will stop working immediately
Which of these is the BEST reason to give an AI agent a permission list?
1. To make the AI work slower
2. To confuse the AI
3. To make the AI more expensive
4. To make sure the AI only does safe and approved actions
You are creating a permission list for a classroom AI helper. Which 'can' rule would be MOST useful for helping students with homework?
1. Can change student grades
2. Can explain math problems step by step
3. Can fill out standardized tests for students
4. Can contact school principals without permission
What is the key difference between a 'can' rule and a 'can't' rule in an AI's permission list?
1. 'Can' tells the AI what it is allowed to do, 'can't' tells it what it must avoid
2. 'Can' and 'can't' mean the same thing
3. 'Can' is for morning, 'can't' is for evening
4. 'Can' means the AI is thinking, 'can't' means it is sleeping
An AI has: 'Can: read emails. Can't: delete emails. Can't: send new emails.' A user asks the AI to delete old spam. What should happen?
1. The AI refuses because deleting is not allowed
2. The AI forwards the emails to everyone
3. The AI deletes all emails
4. The AI turns off automatically
A homework helper AI has: 'Can: check spelling. Can't: give answers. Can't: tell teachers.' This AI is BEST described as one that:
1. Completes all assignments automatically
2. Supports learning without doing the work for the student
3. Reports students to teachers
4. Works only during tests
Which of these is a 'read-only' permission for an AI?
1. Can send emails
2. Can delete files
3. Can read files but not change them
4. Can buy items online
You want to give a new AI agent the smallest possible permission list to keep it safe. What should you do if you need it to do more later?
1. Give it all permissions at the start so you never have to add more
2. Start small and add permissions one at a time as you trust the agent more
3. Never give it any permissions
4. Let the agent decide which permissions it needs

← Back to interactive lesson

Tendril · Explorers · Agentic AI

AI Agents Should Have a Permission List

Tell AI what it can and can't touch — like rules on a babysitter's note.

40 min · Reviewed 2026

The big idea

Did you know AI agents need rules? Just like a babysitter has a 'can do / can't do' list, AI agents should too. 'You can read email. You can't send any.' Clear rules = safe AI.

Some examples

Can: read calendar. Can't: change it.
Can: search the web. Can't: buy stuff.
Can: write a draft. Can't: post it.
Can: ask. Can't: do — without OK.

Try it!

Write a 'can / can't' list for an AI helper in your school.

Why permission lists matter so much

Read-only permissions (can look but not change) are the safest starting point
One-step-at-a-time permissions mean humans approve before anything big happens
Scope limits (like 'only work in the Downloads folder') keep accidents contained
Time-based limits (like 'only run between 9am and 5pm') add another safety layer

Why AI Agents Always Ask Permission First

The big idea

A safe AI agent never just deletes your stuff or sends an email. It stops and asks: 'Are you sure?'

Some examples

Before sending an email, the agent asks 'Send it?'
Before deleting a file, the agent asks 'Really delete?'
Before spending money, the agent asks for an okay.
These pauses keep humans in charge.

Try it!

If you ever use an AI agent, watch for the 'are you sure?' moments. Those are safety stops!

Learn what "permissions" means and why it's important
Learn what "safety" means and why it's important
Learn what "agents" means and why it's important

Draw what you think an AI agent looks like — what tools would it carry?
List five tasks you wish a robot helper could do for you
Think about one rule you'd give an AI helper

Why AI Agents Have to Ask Before Doing Big Stuff

The big idea

AI agents are powerful, so they're built to ask permission before doing important things — like buying stuff or sending emails.

Some examples

AI: 'I'm about to send this email — okay?' YOU: 'Yes' or 'No.'
AI: 'I want to spend $20 on this. Approve?'
Without permission checks, AI could mess things up fast.
Always read what AI is about to do before saying yes!

Try it!

Imagine an AI agent says 'I'm about to delete all your photos to save space — okay?' What would you say? (Hint: NO! Read carefully!)

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-explorers-agentic-AI-and-the-permission-list

What is the main purpose of giving an AI agent a permission list?
1. To help the AI remember the user's name
2. To make the AI think faster
3. To let the AI choose its own tasks
4. To tell the AI exactly what it can and cannot do
An AI helper is given these rules: 'Can: read calendar. Can't: change it.' What should the AI do if someone asks it to add a new meeting?
1. Refuse or ask for permission first
2. Turn off the computer
3. Delete the existing calendar
4. Add the meeting anyway
Which would be the BEST 'can't' rule for an AI that helps with online shopping?
1. Can't complete a purchase without user approval
2. Can't show prices
3. Can't remember what a user bought before
4. Can't display product images
What does 'scope' mean when talking about AI permissions?
1. The number of words the AI can read
2. The range of tasks the AI is allowed to work on
3. The physical size of the computer
4. The speed of the AI's internet connection
If an AI agent 'can write a draft' but 'can't post it,' what happens when it finishes writing a social media post?
1. The AI automatically posts it online
2. The AI shows the draft to a human for approval
3. The AI deletes the draft
4. The AI starts a new social media account
Why is it important for an AI to have clear 'can't' rules?
1. So the AI stays within safe boundaries and doesn't do unwanted things
2. So the AI learns faster
3. So the AI can talk to other AI agents
4. So the AI can work without any human help
A school AI helper has these permissions: 'Can: search the web. Can't: buy anything. Can't: share student info.' What is ONE thing this AI is allowed to do?
1. Post a student's grades online
2. Send emails to parents
3. Purchase school supplies
4. Look up facts for a homework assignment
What happens if an AI agent is given NO permission rules at all?
1. The AI will only work at night
2. The AI will become smarter
3. The AI might do things its owner never wanted
4. The AI will stop working immediately
Which of these is the BEST reason to give an AI agent a permission list?
1. To make the AI work slower
2. To confuse the AI
3. To make the AI more expensive
4. To make sure the AI only does safe and approved actions
You are creating a permission list for a classroom AI helper. Which 'can' rule would be MOST useful for helping students with homework?
1. Can change student grades
2. Can explain math problems step by step
3. Can fill out standardized tests for students
4. Can contact school principals without permission
What is the key difference between a 'can' rule and a 'can't' rule in an AI's permission list?
1. 'Can' tells the AI what it is allowed to do, 'can't' tells it what it must avoid
2. 'Can' and 'can't' mean the same thing
3. 'Can' is for morning, 'can't' is for evening
4. 'Can' means the AI is thinking, 'can't' means it is sleeping
An AI has: 'Can: read emails. Can't: delete emails. Can't: send new emails.' A user asks the AI to delete old spam. What should happen?
1. The AI refuses because deleting is not allowed
2. The AI forwards the emails to everyone
3. The AI deletes all emails
4. The AI turns off automatically
A homework helper AI has: 'Can: check spelling. Can't: give answers. Can't: tell teachers.' This AI is BEST described as one that:
1. Completes all assignments automatically
2. Supports learning without doing the work for the student
3. Reports students to teachers
4. Works only during tests
Which of these is a 'read-only' permission for an AI?
1. Can send emails
2. Can delete files
3. Can read files but not change them
4. Can buy items online
You want to give a new AI agent the smallest possible permission list to keep it safe. What should you do if you need it to do more later?
1. Give it all permissions at the start so you never have to add more
2. Start small and add permissions one at a time as you trust the agent more
3. Never give it any permissions
4. Let the agent decide which permissions it needs

← Back to interactive lesson