Skip to main content
Agents can use ShingleAI tools — things like “read contact,” “send email,” “create task.” You control what each agent is allowed to do on a per-tool basis.
Tool permissions tab

The three permission levels

Each tool on each agent is set to one of three values:
LevelIconBehavior
AllowGreen checkAgent calls the tool silently — no interruption
AskBlue questionAgent pauses and requests your approval before calling
DenyRed XTool is hidden from the agent entirely
The “Ask” approval appears inline in the chat with a countdown timer and a risk-level badge. You can expand the card to see the exact tool input before approving.

Finding the permissions UI

  1. Open the agent’s detail page.
  2. Go to the Tools tab.
  3. Tools are grouped by category (for example, Contacts, Messages, Tasks). Expand a category to see its tools, each with a three-way button.

How defaults work

When you create an agent, it inherits the regular-user baseline permissions for the organization. Tools considered sensitive default to Ask; lower-risk tools default to Allow. Your overrides are stored sparsely — only the tools where you deviate from the default are persisted. If the default shifts later (for example, we promote a new tool from risky to routine), agents inherit the new default unless you had explicitly overridden that tool.

Risk levels

Tool approval cards display a risk badge (low / medium / high) to help you decide quickly. Use your judgment: a low-risk tool misused is rarely damaging, a high-risk tool might send email from your domain or spend money.
Changing permissions takes effect on the next tool call by the agent. A tool call already mid-flight when you change the setting will complete under the old rules.

Next steps

Chat with an agent

See approvals in action

Agent conversations

Review past approvals and denials