Guides

Security And Permissions

Coldtea runs close to your local development environment. That is the point: CLI agents behave like real tools in a real terminal, with the same project files, shell configuration, and permissions you already use.

This page explains what that means in practice.

Local Execution

Coldtea Desktop runs agent sessions on your machine. A terminal pane launched from Coldtea can read files, write files, run commands, open network connections, and use credentials available to your user account.

Use the same care you would use in a normal terminal:

  • Review commands before allowing an agent to run risky work.
  • Keep secrets out of prompts, task descriptions, screenshots, and shared logs.
  • Use worktrees for isolated implementation streams.
  • Use a disposable checkout, VM, or separate machine for high-risk experiments.

Agent Permissions

Coldtea does not sandbox third-party CLI agents. Agent permission prompts come from the agent itself, such as Claude Code, Codex CLI, Gemini CLI, or OpenCode.

Coldtea adds workspace awareness around the terminal, but it does not make an unsafe command safe. If an agent asks to run a destructive command, inspect it the same way you would inspect a command suggested in any terminal.

macOS Permission Prompts

macOS may show permission dialogs when a shell command or agent tries to access protected locations such as Desktop, Downloads, Documents, or removable drives.

The dialog may name Coldtea because Coldtea is the app that launched the terminal process. Only approve access when the task actually needs that folder.

Network Traffic

Network behavior depends on the feature:

  • Local agent traffic goes to the model provider or service used by that CLI agent.
  • Git, package managers, and shell commands use the network exactly as they would in your normal terminal.
  • Team features and integrations may contact Coldtea services and connected providers when you use them.

For local-only terminal work, source code and terminal content stay on your machine unless a tool, agent, integration, or enabled cloud feature sends them elsewhere.

Code And Terminal Content

Treat task descriptions, implementation plans, shared annotations, published replays, and integration setup as intentional sharing surfaces. Do not paste secrets or private customer data into a shared surface unless your team has approved that workflow.

Team And Integration Access

Team features are governed by organization membership and the permissions in each connected provider. For example, repository access still depends on the account and permissions in your Git provider. Issue tracker access still depends on the connected workspace.

When access looks wrong, verify both Coldtea membership and the upstream provider permissions.

Practical Team Policy

For a team rollout, use these defaults:

  • Keep production credentials out of local agent sessions.
  • Prefer least-privilege provider tokens.
  • Keep machine-specific setup out of shared team instructions.
  • Require human review before merging agent-authored changes.
  • Run checks before review and before deployment.
  • Decide which work is allowed to use cloud-backed team features before rolling them out broadly.

Team Setup And Integrations

Coldtea team features help groups share work without moving the actual coding loop away from the local project.

Troubleshooting And FAQ

Use this page when Coldtea does not behave the way you expect during setup, agent work, editor review, or integrations.

On this page

Local ExecutionAgent PermissionsmacOS Permission PromptsNetwork TrafficCode And Terminal ContentTeam And Integration AccessPractical Team PolicyRelated Docs