Security Configuration
Recommended security settings for Treasure Studio, especially when rolling out to non-technical users.
Permission Mode
Studio has three permission modes that control how much autonomy the AI has. Switch modes from the permission mode selector in the chat input bar, or press Shift+Tab to cycle through them.
| Mode | Behavior |
|---|---|
| Default | The AI can read and write files without prompting, but shell commands beyond basic file operations require approval. |
| Auto Approve | The AI can execute most actions without prompting. Use only when you're comfortable reviewing the chat stream. |
| Plan | The AI can only read files and run read-only commands. All other actions require your approval. Recommended for new users. |
For non-technical users, start with Plan mode. This ensures every action is reviewed before execution.
Blocking Direct HTTP Tools
Studio's AI assistant can execute shell commands, including general-purpose HTTP clients. These bypass tdx guardrails such as working directory restrictions and permission policies. Block HTTP clients with deny rules to ensure all Treasure Data operations go through tdx.
Commands to Block
| Command | Description |
|---|---|
| curl | The most common HTTP client on macOS and Linux |
| wget | Alternative HTTP client, common on Linux |
| http | HTTPie, a user-friendly HTTP client |
| httpie | Alternative invocation of HTTPie |
Configuring Deny Rules
Open Settings → Permissions and add the following deny rules:
Bash(curl *)
Bash(wget *)
Bash(http *)
Bash(httpie *)
Each rule uses the format Bash(glob), where the glob matches against the command string. curl * matches any command starting with curl followed by arguments.
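The following Python check is an added example, not Treasure Studio code: it parses Bash(glob) rules and reports which of the four HTTP clients from the table above a deny list leaves uncovered, which is useful for reviewing a rule list before rollout. It assumes shell-style glob matching over the whole command string (Python's fnmatchcase); the function names and the sample URL are hypothetical.

```python
import fnmatch
import re

# The four HTTP clients listed in the "Commands to Block" table.
HTTP_CLIENTS = ["curl", "wget", "http", "httpie"]

RULE_RE = re.compile(r"^Bash\((?P<glob>.+)\)$")


def parse_rule(rule):
    """Return the glob inside a Bash(glob) rule, or raise ValueError."""
    m = RULE_RE.match(rule.strip())
    if not m:
        raise ValueError(f"not a Bash(glob) rule: {rule!r}")
    return m.group("glob")


def is_denied(command, deny_rules):
    """Return the first rule whose glob matches the command string, else None.

    Assumption: shell-style matching (fnmatchcase) against the full command.
    """
    for rule in deny_rules:
        if fnmatch.fnmatchcase(command, parse_rule(rule)):
            return rule
    return None


def missing_coverage(deny_rules, clients=HTTP_CLIENTS):
    """List clients whose constructed '<client> <url>' call no rule denies."""
    sample_url = "https://example.invalid/"  # constructed placeholder URL
    return [c for c in clients
            if is_denied(f"{c} {sample_url}", deny_rules) is None]


if __name__ == "__main__":
    # Constructed rule list that omits the httpie rule.
    partial = ["Bash(curl *)", "Bash(wget *)", "Bash(http *)"]
    # "http *" needs a space after "http", so it does not cover "httpie ...".
    print("uncovered:", missing_coverage(partial))
```

An empty result from missing_coverage means every client in the table has a matching deny rule under the stated matching assumption.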
What Happens When a Command Is Blocked
When the AI attempts to run a denied command, Studio blocks it and returns a "Denied by permission rule" message to the AI. The command is not executed.