Skip to content
LVIS AI
EN|KO

Host · Permissions

Directory / File Permissions

Whenever LVIS touches files on your PC, it only ever operates within folders you've explicitly allowed. Permissions are granted per folder, and you decide the scope and duration yourself.

Granting read/write permission at the directory level

Plugins can freely use only their own domain

Each plugin can freely read and write only within the domain the host has carved out for it. It can never access another plugin's domain, and it can only enter external folders such as your home directory after receiving your explicit permission.

When the host needs to access an external folder

  1. 01

    Request trigger

    A built-in host tool or an external tool attempts to write to an external area such as your home folder → a permission card fires.

  2. 02

    Permission card

    Choose read-only / read+write, plus scope (this folder only / include subfolders) and duration (1 hour / 24 hours / permanent).

  3. 03

    Permission persistence

    audit trail

    Granted permissions are recorded in the LVIS area on your PC, preserving who granted it, when, and with what scope.

  4. 04

    Usage

    Subsequent calls to the same tool run automatically within the granted permission. Access outside the scope is rejected immediately with no bypass, and re-authorization is requested from you.

Two safety layers
A plugin tool must pass both (1) its own domain sandbox and (2) permission review before it can run. Built-in host tools and external MCP tools only go through step (2), so permission review is more conservative for them.