Inhalt
Was Auto Accept wirklich bedeutet
In Antigravity ist Auto Accept eine Komfortschicht für wiederholte Freigaben, keine Zusicherung, dass jede Aktion ungefährlich ist. Der Agent kann Dateien lesen, Code ändern, Befehle starten, MCP-Tools aufrufen oder Browseraktionen ausführen. Manche Schritte sind Routine, andere können Daten löschen oder übertragen.
Da diese Website Download- und Setup-Nutzer anspricht, ist die Empfehlung bewusst konservativ: Version, offizielle Quelle und ein Test-Repository zuerst prüfen. Auf Firmenrechnern gilt immer die interne Sicherheitsrichtlinie.
Die Versionsprüfung behandelte die Website als Software-Download-Seite. Lokale Inhalte verweisen auf v2.2.1 und die offizielle Downloadseite; offizielle Download- und Changelog-Seiten liefen am 9. Juli 2026 im Runner in ein Timeout, daher werden keine neue Version, Dateigröße oder Direktlinks erfunden.
Freigabe-Matrix
Use this matrix before turning a repeated prompt into an automatic rule. The safest setting depends on the command, the workspace, and whether you can easily undo the change.
| Aktionstyp | Empfohlene Stufe | Faustregel |
|---|---|---|
| Read files, list folders, inspect git status | Usually safe to auto accept | Allow in the active workspace when no secrets or private customer data are exposed. |
| Edit one known source file | Often safe after review pattern is clear | Allow after the agent has shown the exact file path and you use version control. |
| Run tests, linters, formatters, type checks | Good auto accept candidate | Allow trusted project commands such as python build.py, npm test, or lint scripts that you already use. |
| Install packages or run downloaded scripts | Ask first | Review package name, source, lockfile impact, and whether the command can execute post-install scripts. |
| Delete files, move directories, rewrite git history | Manual approval | Require review because the blast radius can be larger than the agent summary. |
| Read environment variables, tokens, browser sessions, or cloud accounts | Manual approval or blocked | Do not auto accept actions that can expose credentials or send private data outside the workspace. |
Sicheren Workflow einrichten
Start with a small repository and one repeated workflow. Good examples are running a formatter after edits, executing a unit test command, or accepting a patch to a single file that you can review in git. Avoid creating a global rule on the first day you use Antigravity. The first few sessions are when you learn which commands the agent tends to request and which prompts are actually protecting you.
Keep the approval scope narrow. If the setting lets you choose between workspace-only actions and unrestricted shell access, prefer workspace-only. If it lets you remember a command, remember the exact command rather than every command from the same tool. A safe rule says “allow this test command in this repository”; a risky rule says “allow any shell command forever.”
- Step 1 - Update Antigravity and verify the About dialog before changing approval settings.
- Step 2 - Open a non-critical repository and let the agent complete a small task while approvals stay visible.
- Step 3 - Auto accept only the repeated low-risk actions you understand, then confirm the git diff after each run.
- Step 4 - Keep manual approval for destructive, network, credential, installer, and account-connected actions.
Sicherer Alltag mit Agenten
A productive Antigravity setup does not need to be fully manual. The middle ground is to let the agent move quickly inside a controlled lane. Reading files, applying a small patch, and running a known validation command can be automatic. Decisions that change dependencies, call external services, or remove data should pause for human review.
Use git as your recovery boundary. Before a larger auto-accepted session, start from a clean status, make a small commit, or at least know which files are expected to change. After the session, inspect the diff before you run or publish anything. Auto accept saves clicks; it does not replace code review.
- Good default - Allow read-only exploration and known validation commands.
- Review checkpoint - Inspect the diff before dependency, deployment, database, or workflow changes.
- Rollback plan - Keep changes small enough that one git revert or file restore can undo them.
- Team rule - Document which commands are approved so teammates do not inherit hidden risky defaults.
Wann Auto Accept nicht passt
Disable auto accept when you are working in a repository with production credentials, private customer data, regulated records, payment flows, or deployment permissions. The cost of one wrong command is too high, and the agent may not know every internal boundary. Manual prompts are cheap compared with rotating secrets or restoring deleted data.
Also avoid auto accept while debugging a broken MCP server, a failing terminal environment, or a suspicious installer. If a command is failing, repeating it automatically can create confusing partial state. Fix the environment first, then re-enable only the commands that are now predictable.
Security note
Never auto accept a shell command copied from an unknown page, a curl-to-shell installer, a command that prints secrets, or a broad delete/move operation. If the command would make you nervous in a normal terminal, it should not be automatic inside an IDE agent.
Fehlerbehebung
If automatic approvals create errors or unexpected changes, narrow the scope instead of turning every prompt back on.
The agent keeps asking anyway
The action probably falls outside the remembered scope. Check whether the path, command arguments, shell, or MCP tool changed.
Auto accepted commands fail
Run the same command in a normal terminal. If PATH, npx, permissions, or PowerShell policy differ, fix the environment before allowing repeats.
A diff is larger than expected
Stop the session, review each file, and restore unrelated changes before continuing. Then replace broad approval with a narrower rule.
A rule feels too broad
Delete the remembered approval and recreate it only after you see the exact action pattern you want to allow.
Offizielle und verwandte Ressourcen
Use these links to verify the installer, command permissions, troubleshooting path, and related setup decisions.
- Official Antigravity download page - verify the current installer before changing setup or approval behavior
- Official Antigravity CLI permissions - permission concepts for command-line and agent workflows
- Antigravity not working guide - fix npx, agent, login, and install errors before enabling automatic approvals
- Antigravity update guide - confirm that the client version is current before testing approval behavior
- Download Antigravity v2.2.1 - current site download hub with platform-specific links and source checks