Question 1

What is an AI agent permission policy?

Accepted Answer

It is the set of rules that decides, for each action your agent tries to take, whether to let it run, block it, or ask you first. Pushary applies that policy across all of your agents.

Question 2

What can a rule do?

Accepted Answer

Each rule maps a tool to one of three actions: auto-approve, deny, or escalate, which pushes the action to your phone for a yes or no. Escalated rules also have a timeout action for when you do not respond.

Question 3

Is the policy per-tool or per-argument?

Accepted Answer

Today the policy matches per tool. For example, you can set the shell tool to escalate so any command it runs asks you first. Matching on specific command arguments is on the roadmap, not shipped yet.

Question 4

Does one policy really cover every agent?

Accepted Answer

Yes. Claude Code, Codex, Cursor, and Hermes all read the same policy, so a rule you set once applies everywhere instead of being reconfigured per tool.

Question 5

Is the policy enforced or just advisory?

Accepted Answer

Both, depending on the agent. With hooks, in Claude Code, Codex, the Cursor plugin, and Hermes, a gated action is blocked until you approve it. With plain MCP clients it is cooperative, so the agent decides when to ask.

Question 6

How much does it cost?

Accepted Answer

Paid agent plans start at $9.99 per month with a 7-day trial, and include the permission policy, phone approvals, and the audit trail.

One permission policy
for every AI agent.

The policy makes the easy calls

Write the rules once.

One permission policyfor every AI agent.

The policy makes the easy calls

Write the rules once.

One permission policy
for every AI agent.