Sometimes your AI agent needs to interact with the host operating system directly — installing a package, modifying a configuration file, checking system status, or running a diagnostic command. Expert Mode provides this capability with strict safety guardrails: time limits, command filtering, risk assessment, and a kill switch that's always one click away.
Expert Mode is designed for the "expert on demand" workflow. You activate it when you need it, the agent performs the task under full supervision, and the session ends automatically. There's no persistent elevated access — every Expert Mode session is a controlled, temporary privilege escalation.
Time-Limited Sessions
⏱️ Maximum 60 Minutes
Every Expert Mode session has a hard time limit. The default is 15 minutes, configurable up to 60 minutes maximum. When the timer expires, the session terminates automatically — no exceptions. A countdown is visible at all times. You can extend an active session once, but never beyond the 60-minute cap.
The time limit isn't just a safety feature — it's a design principle. Expert Mode sessions should be short and focused. Get in, do the task, get out. If a task requires more than 60 minutes of host access, it should be broken into multiple sessions with review points between them.
Command Control
✅ Whitelist / Blacklist
Define exactly which commands your agent is allowed to run. The whitelist approach allows only explicitly approved commands. The blacklist approach allows everything except dangerous operations. You choose the model that fits your security policy. Both support wildcards and regex patterns.
⚠️ Dangerous Operation Detection
UAML maintains a built-in database of dangerous commands and patterns. Operations like rm -rf /, chmod 777, dd if=/dev/zero, or modifying system boot configuration trigger an automatic risk assessment. The agent must explain why the command is necessary, and you must explicitly confirm before it executes.
The risk assessment system categorizes commands into three levels: safe (auto-approved if whitelisted), moderate (requires confirmation), and dangerous (requires explicit confirmation with risk explanation). You can customize the categorization for your environment — what's dangerous on a production server might be routine on a development machine.
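How a whitelist and the three risk levels can work together, as an added example (not UAML's own code or API). The whitelist entries, the set of commands treated as moderate, and all function names are assumptions made for illustration. It shows why a wildcard entry such as "rm *" must still pass through dangerous-operation detection on the parsed arguments.

```python
import fnmatch
import shlex

# Constructed policy for illustration; not UAML's built-in database or API.
WHITELIST = ["df -h", "systemctl status *", "apt-get install *",
             "rm *", "chmod *", "dd *"]
CONFIRM_PROGRAMS = {"apt-get", "rm", "chmod", "dd"}  # assumed "moderate" set
SHELL_META = set(";|&$`<>(){}*?\n")  # chaining, substitution, globbing

def _flags(args):
    """Normalize flags so -rf, -fr and -r -f compare equal."""
    out = set()
    for a in args:
        if a.startswith("--"):
            out.add(a)
        elif a.startswith("-"):
            out.update(a[1:])
    return out

def _is_dangerous(argv):
    """Match the operations the page names, on parsed arguments."""
    prog, args = argv[0], argv[1:]
    operands = [a for a in args if not a.startswith("-")]
    if prog == "rm":
        recursive = _flags(args) & {"r", "R", "--recursive"}
        return bool(recursive) and any(set(o) == {"/"} for o in operands)
    if prog == "chmod":
        return any(o.lstrip("0") == "777" for o in operands[:1])
    if prog == "dd":
        return "if=/dev/zero" in args
    return False

def classify(command):
    """Return 'denied', 'safe', 'moderate' or 'dangerous'."""
    if SHELL_META & set(command):
        return "denied"  # the shell would run more than what was checked
    try:
        argv = shlex.split(command)
    except ValueError:
        return "denied"  # unbalanced quotes
    normalized = " ".join(argv)
    if not any(fnmatch.fnmatchcase(normalized, p) for p in WHITELIST):
        return "denied"  # whitelist model: unlisted means not allowed
    if _is_dangerous(argv):
        return "dangerous"  # explanation plus explicit confirmation
    return "moderate" if argv[0] in CONFIRM_PROGRAMS else "safe"
```

Matching on the parsed argument list rather than the raw string is what lets quoted, reordered, or long-form flags land in the same risk level.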
Kill Switch
🛑 Instant Termination
A persistent kill switch button is visible throughout every Expert Mode session. One click terminates the session immediately — all running commands are killed, the agent's host access is revoked, and the session is logged as manually terminated. No confirmation dialog, no delay. The kill switch is your emergency brake.
Real-Time Audit Log
Every action taken during an Expert Mode session is logged in real time. You see a live feed of commands being executed, their output, and their exit codes. The audit log captures the complete context: what was requested, what was actually run, what the output was, and how long it took.
Why It Matters
- Controlled power — your agent can do system tasks without permanent elevated access
- Time-bounded — sessions auto-expire, preventing forgotten open sessions
- Full visibility — every command is logged and visible in real time
- Risk-aware — dangerous commands require explanation and explicit approval
- Emergency stop — kill switch terminates everything instantly