Antigravity Auto Accept:エージェント承認を安全に使うルール

Auto accept は作業を速くしますが、ターミナル、ファイル削除、認証情報、MCP 操作をすべて自動許可する意味ではありません。安全な範囲と人が確認すべき範囲を分けます。

Xuper TV APK Logo

Auto Accept 安全ガイド

Works with current v2.2.1-era builds Windows, macOS, Linux July 9, 2026
Download Latest Antigravity Check Approval Matrix

Default to review for destructive, network, credential, and broad file-system actions

Antigravity IDE workspace used for reviewing agent approvals

早わかり: 自動承認は、ファイル読み取り、既知ファイルの小さな編集、フォーマット、信頼済みテストなど、戻しやすい操作だけに限定します。削除、インストール、秘密情報、git 履歴、デプロイ、外部アカウントにつながる MCP 操作は手動確認に残してください。

Auto Accept の本当の意味

Antigravity の auto accept は、繰り返しの承認を減らすための便利機能であり、すべての操作が安全という意味ではありません。エージェントはファイル閲覧、編集、コマンド実行、MCP 呼び出し、ブラウザ操作を提案できます。日常的なものもありますが、データ削除や外部送信につながるものもあります。

このサイトはダウンロードとセットアップを扱うため、推奨は保守的です。まず公式入手元、現在のバージョン、テスト用リポジトリを確認してから自動承認を広げます。業務端末では組織のポリシーを優先してください。

バージョン確認では本サイトをソフトウェア配布サイトとして扱いました。ローカル内容は v2.2.1 と公式ダウンロード先を案内しています。2026年7月9日の実行環境では公式 download/changelog がタイムアウトしたため、新しい版、サイズ、直リンクは作りません。

承認マトリクス

Use this matrix before turning a repeated prompt into an automatic rule. The safest setting depends on the command, the workspace, and whether you can easily undo the change.

操作の種類 推奨レベル 判断ルール
Read files, list folders, inspect git status Usually safe to auto accept Allow in the active workspace when no secrets or private customer data are exposed.
Edit one known source file Often safe after review pattern is clear Allow after the agent has shown the exact file path and you use version control.
Run tests, linters, formatters, type checks Good auto accept candidate Allow trusted project commands such as python build.py, npm test, or lint scripts that you already use.
Install packages or run downloaded scripts Ask first Review package name, source, lockfile impact, and whether the command can execute post-install scripts.
Delete files, move directories, rewrite git history Manual approval Require review because the blast radius can be larger than the agent summary.
Read environment variables, tokens, browser sessions, or cloud accounts Manual approval or blocked Do not auto accept actions that can expose credentials or send private data outside the workspace.

安全な設定手順

Start with a small repository and one repeated workflow. Good examples are running a formatter after edits, executing a unit test command, or accepting a patch to a single file that you can review in git. Avoid creating a global rule on the first day you use Antigravity. The first few sessions are when you learn which commands the agent tends to request and which prompts are actually protecting you.

Keep the approval scope narrow. If the setting lets you choose between workspace-only actions and unrestricted shell access, prefer workspace-only. If it lets you remember a command, remember the exact command rather than every command from the same tool. A safe rule says “allow this test command in this repository”; a risky rule says “allow any shell command forever.”

Antigravity panel used while choosing safe approval behavior
Start by observing the agent panel, then allow only repeated low-risk actions.
  1. Step 1 - Update Antigravity and verify the About dialog before changing approval settings.
  2. Step 2 - Open a non-critical repository and let the agent complete a small task while approvals stay visible.
  3. Step 3 - Auto accept only the repeated low-risk actions you understand, then confirm the git diff after each run.
  4. Step 4 - Keep manual approval for destructive, network, credential, installer, and account-connected actions.

日常作業の安全モード

A productive Antigravity setup does not need to be fully manual. The middle ground is to let the agent move quickly inside a controlled lane. Reading files, applying a small patch, and running a known validation command can be automatic. Decisions that change dependencies, call external services, or remove data should pause for human review.

Use git as your recovery boundary. Before a larger auto-accepted session, start from a clean status, make a small commit, or at least know which files are expected to change. After the session, inspect the diff before you run or publish anything. Auto accept saves clicks; it does not replace code review.

Antigravity About dialog used before changing approval settings
Verify the installed version before debugging approval or automation behavior.
  • Good default - Allow read-only exploration and known validation commands.
  • Review checkpoint - Inspect the diff before dependency, deployment, database, or workflow changes.
  • Rollback plan - Keep changes small enough that one git revert or file restore can undo them.
  • Team rule - Document which commands are approved so teammates do not inherit hidden risky defaults.

使わない方がよい場面

Disable auto accept when you are working in a repository with production credentials, private customer data, regulated records, payment flows, or deployment permissions. The cost of one wrong command is too high, and the agent may not know every internal boundary. Manual prompts are cheap compared with rotating secrets or restoring deleted data.

Also avoid auto accept while debugging a broken MCP server, a failing terminal environment, or a suspicious installer. If a command is failing, repeating it automatically can create confusing partial state. Fix the environment first, then re-enable only the commands that are now predictable.

Security note

Never auto accept a shell command copied from an unknown page, a curl-to-shell installer, a command that prints secrets, or a broad delete/move operation. If the command would make you nervous in a normal terminal, it should not be automatic inside an IDE agent.

トラブルシューティング

If automatic approvals create errors or unexpected changes, narrow the scope instead of turning every prompt back on.

The agent keeps asking anyway

The action probably falls outside the remembered scope. Check whether the path, command arguments, shell, or MCP tool changed.

Auto accepted commands fail

Run the same command in a normal terminal. If PATH, npx, permissions, or PowerShell policy differ, fix the environment before allowing repeats.

A diff is larger than expected

Stop the session, review each file, and restore unrelated changes before continuing. Then replace broad approval with a narrower rule.

A rule feels too broad

Delete the remembered approval and recreate it only after you see the exact action pattern you want to allow.

FAQ - Antigravity Auto Accept

Is Antigravity auto accept safe?

It can be safe for narrow, reversible actions such as reading files, applying known edits, and running trusted checks. It is not safe as a blanket approval for deletes, installs, secrets, cloud actions, or unknown shell scripts.

Should I auto accept terminal commands?

Only for commands you already trust in that repository, such as test, lint, format, or build commands. Ask first for package installs, network calls, database changes, and deployment commands.

Can auto accept expose secrets?

Yes, if a tool can read environment variables, config files, browser sessions, or cloud accounts and then send data elsewhere. Keep those actions manual or blocked.

What is the best beginner setting?

Keep approvals visible for the first few sessions, then allow only read-only exploration and known validation commands. Expand slowly after reviewing several clean diffs.

Does updating Antigravity change approval rules?

It can change features or defaults, so verify your settings after an update and test in a non-critical workspace before using automatic approvals on important code.