What it is
The Permission and Delegation Layer turns security boundaries into product surfaces that help users feel in control.
Homebase Building Block
Permission and Delegation Layer.
Human-readable permissions around reading, writing, sending, deleting, buying, publishing, sharing, and using external tools.
Delegation ladder
The product should make the boundary obvious.
Calls server parsing with rate limits.
Sample task
Prepare and send the weekly vendor update.
Read prior reportsok
Open vendor dataok
Create draftok
Attach chartok
Ask before sendingapproval
Selected permission
Send/share: Approval gate
Permission design should feel like delegation, not system administration.
Problem
Agents need access, but access creates fear. Delegation only works when the user knows the boundary.
How it works
- Represent permissions as actions users understand: read, draft, edit, send, delete, publish, buy, or share.
- Require explicit approval as risk increases.
- Show what access is being used during execution.
Why it matters
- Delegation only works when the user knows the boundary.
- Permissions should feel like approving work, not configuring infrastructure.
- Higher-risk actions need previews, confirmations, and recovery paths.
Behavior
Good behavior
The system asks to read a folder, draft a vendor email, and wait for approval before sending it.
Bad behavior
The agent can send, delete, publish, or buy without a clear approval moment.
Recruiter signal
This shows product judgment around trust, AI UX, systems thinking, and the difference between useful automation and opaque automation.