Permissions
By default, Crush asks for your permission before running tool calls that could modify your system (editing files, running commands, etc.). Read-only operations like viewing files are always allowed.
Permission Prompts
When Crush wants to run a command or edit a file, a popup appears with options:
- Allow once: Approve this single tool call
- Allow for session: Approve all future calls to this tool for the current session
- Deny: Block this tool call
Navigate with the arrow keys and press Enter to confirm.
Allowing Tools Permanently
You can configure tools to always run without prompting in your crush.json:
{
"$schema": "https://charm.land/crush.json",
"permissions": {
"allowed_tools": [
"view",
"ls",
"grep",
"edit",
"mcp_context7_get-library-doc"
]
}
}Use this with care. Allowing destructive tools like bash or write means Crush can make changes without confirmation.
YOLO Mode
YOLO mode disables all permission prompts. Crush can edit and run any files it wants, except for a maintained list of banned commands.
WARNING
Be very careful with YOLO mode. LLMs can hallucinate and do dangerous things. Only use it in environments you can easily recover.
Enable YOLO mode from the command palette (Ctrl+P) by searching for "yolo", or start Crush with:
crush --yolo
crush -yWhen YOLO mode is active, the prompt box at the bottom of the screen turns yellow as a visual warning.
Disabling Built-In Tools
If you'd like to prevent Crush from using certain built-in tools entirely, you can disable them via the options.disabled_tools list. Disabled tools are completely hidden from the agent.
{
"$schema": "https://charm.land/crush.json",
"options": {
"disabled_tools": ["bash", "sourcegraph"]
}
}To disable tools from MCP servers, see the MCP config section.