thcode operates in one of two Work Modes at all times: Plan and Build. These modes are not pipeline stages — they are independently selectable dimensions of session state. You can enter either mode directly, switch freely between them mid-session, and the currently active mode is always visible in the terminal UI. Work Mode is orthogonal to Permission Profile: neither implies the other, and both must be treated as separate UI state.Documentation Index
Fetch the complete documentation index at: https://mintlify.com/Temicide/thcode/llms.txt
Use this file to discover all available pages before exploring further.
What makes Plan mode different
Plan mode enforces a structural read-only boundary. This is not a policy layer that a sufficiently permissive Permission Profile can override — it is a hard architectural rule evaluated before the permission engine runs. Evenfull-access in Plan mode cannot authorize a mutation. The ToolRegistry.resolveForMode() method refuses to surface mutating tools to the model when mode is plan, and evaluatePermission() short-circuits to deny before reaching any profile logic.
PlanModeToolRefusedError is raised at the registry level when the model proposes a mutating tool name while in Plan mode, before the permission engine is ever consulted.
Session defaults
Every new interactive session starts in Build mode with the Manual Permission Profile. This is theNEW_SESSION_DEFAULT constant from permissions/types.ts:
Switching modes
Keyboard shortcut
Press Shift+Tab to cycle directly between Plan and Build. Plain Tab is reserved for
/command and @file completion.Slash commands
Type
/plan to enter Plan mode or /build to enter Build mode explicitly from the command line.What Plan mode can do
Plan mode allows all non-mutating operations. The model can fully analyze a codebase, surface intended changes, and report any preflight issues before a single byte is written.Read files
read_file is non-mutating and available in Plan mode. The model can read any file within the workspace boundary.List directories
list_dir is non-mutating. The model can explore the workspace directory tree freely.Show a plan
The model can emit a structured summary of intended files, commands, risks, and verification criteria — without executing any of them.
What Plan mode cannot do
Any action whosemutating flag is true in the Permission Matrix is blocked unconditionally while in Plan mode, regardless of Permission Profile.
Action class reference
The Permission Matrix defines a fixed registry of action classes with static attributes. A class absent from this registry is treated as unknown and denied. The table below reflectsPERMISSION_MATRIX_VERSION = 1 from permissions/matrix.ts.
| Action Class | Mutating | Sensitive | Risk | Requires Enforcement Capability | Available in Plan |
|---|---|---|---|---|---|
read_file | No | No | low | — | ✅ Yes |
list_dir | No | No | low | — | ✅ Yes |
search | No | No | low | — | ✅ Yes |
write_file | Yes | No | medium | filesystem-write | ❌ No |
delete | Yes | No | high | filesystem-delete | ❌ No |
run_command | Yes | No | high | command-exec | ❌ No |
transfer | No | Yes | high | network-transfer | ⚠️ Ask (sensitive) |
transfer is marked non-mutating but sensitive, and carries a high risk rating. It is not structurally blocked in Plan mode (it is not mutating), but sensitive actions always require approval — evaluatePermission() returns ask for any sensitive action unless full-access holds the explicit sensitiveOverride flag. See Permission Profiles.Build mode
Build mode lifts the structural read-only restriction. Mutating tools become available to the model, and whether any particular mutating action executes automatically or asks for approval is governed entirely by the active Permission Profile. Build mode combined withfull-access means no per-action prompts for non-sensitive operations inside declared workspace boundaries.