Day 11 of 21
Permissions and approvals - do not let AI run wild
Goal: Learn how to read permission prompts, approve only what you understand, point Codex at the right file before it starts, and reject or revise actions that are too broad.
What to do
Understand permission prompts before clicking anything
When Codex asks for permission, it is showing you what it wants to do next. The prompt usually describes an action and the file it will affect. Read the whole prompt — not just the file name. The action word matters most: "read" or "inspect" is safe. "Write", "create", "delete", or "run" means Codex is about to change something. If the action word is anything other than "read", pause and ask for a plain-English explanation before approving.
Tell Codex exactly which file to work on before it starts
Before approving any file edit, confirm Codex is looking at the right file. The most common non-developer mistake is letting Codex guess which file to change when there are several similar ones. Before you approve, ask Codex to name the exact file and show you the first few lines of it — this confirms it is looking at the right one. If it names the wrong file, say "that is not the file I want — I want [CORRECT FILE NAME]" before approving anything.
Use this prompt to confirm Codex is looking at the right file:
Before you make any changes, tell me:
1. Which exact file you will edit (full file path)
2. Show me the first 5 lines of that file so I can confirm it is the right one
3. What is the one specific change you will make to it?
Do not touch any file until I confirm this is correct.Approve low-risk reads — and nothing else at this stage
Allow Codex to inspect or read files freely. These actions cannot change your project. What you should not approve yet: writing files, creating files, deleting files, installing packages, or running scripts. Use this step to let Codex gather the information it needs — then review what it found before approving any changes.
Pause and review before approving any file edit
When Codex wants to edit a file, stop and ask three questions before approving: Did I ask Codex to change this file, Is this the correct file (name and content), Does the planned change match what I asked for, If you cannot answer all three with "yes", do not approve. Ask Codex to explain or show you the plan again.
Reject or revise actions that are too broad
Rejecting a Codex action does not mean failure — it means you are in control. Reject when the action is too broad (more files than you asked about), too unclear (you do not understand what it will do), or too risky (it touches auth, payments, or navigation). After rejecting, rewrite your request as a smaller, more specific version. A rejected action that gets narrowed to a safe version is better than an approved action that breaks something.
Expected result
You can read a permission prompt and identify the action type. You confirmed the correct file before any edits. You approved read actions confidently. You paused before file edits and asked the three questions. You practiced rejecting an action and rewriting it as a smaller request.
Key takeaway
- Permission prompts are control points. Every one is a question: "Should I let Codex do this specific thing right now?" Do not approve what you do not understand. Pause, ask, then decide.