Start read-only
For a new workflow, start by allowing reading and drafting. Add write actions only after you trust the prompt and output. Good default:Use permission settings
Review:strawberry://settings/ai-permissionsstrawberry://settings/integrations- Per-integration tool permissions
- Folder access prompts
- Routine permissions
Be careful with always-allow
Only use Always allow for low-risk actions you understand. Avoid always-allow permissions for tools that send messages, change records, delete data, invite users, or spend money.Treat shared companions as editable
Companion sharing currently grants edit access. Recipients can update settings, memories, and skills until you stop sharing. Do not put sensitive files or private instructions into a companion you plan to share broadly.Public file links
Public file links are unlisted snapshots, not private access-controlled shares. Anyone with the link can view the published snapshot until you revoke it.Destructive actions
Review destructive actions carefully:- Account deletion
- Team deletion
- Clearing cookies and site data
- Disconnecting app accounts
- Removing members
- Revoking shared access
- Deleting files
Human review checklist
Before approving an important action, check:- Which account or profile is involved
- Which external app will be changed
- Whether the output cites sources
- Whether the companion is acting on current data
- Whether the action can be undone