Control what agents can delete

Connected AI agents (Claude Code, Cursor, ChatGPT, and other MCP clients) can read and update your projects. By default they cannot delete anything. The Governed operations group, at the top of Agent Policies, lets an Owner or Admin turn on specific high-impact operations, one at a time, so agents do only what your organization has explicitly allowed.

Note

This policy governs connected (external) agents over MCP. It does not change the in-app assistant, which already acts as the signed-in person.

How it works

• Deny-by-default. Every destructive operation is off until you enable it. An empty policy means agents can delete nothing.
• One operation at a time. You enable each operation individually (for example, “Delete a task” without enabling “Delete a project”).
• Still permission-checked. Enabling an operation does not bypass permissions. The agent still needs the underlying right (for example, permission to delete a task), and a project-scoped connection still only reaches its own projects.
• Audited. Every agent deletion is recorded in the audit log, and the operations available today are recoverable from the recycle bin.

Enable an operation

1. Go to Settings → Agents → Agent Policies and find the Governed operations group pinned at the top.

2. Find the operation you want to allow. Each row shows whether it is recoverable (restorable from the recycle bin) and its blast radius (what it affects).

3. Toggle it on.

4. Click Save policy. The change takes effect immediately for every connected agent in your organization, and is recorded in the audit log.

To revoke, toggle the operation off and save again. Connected agents are denied the operation on their next call.

What agents can be allowed to do

Today the group covers the recoverable deletions:

• Delete a task: removes a task and its subtasks. Recoverable from the recycle bin.
• Delete a project: removes the entire project and all its tasks, sprints, epics, and milestones. Recoverable from the recycle bin. This is the highest-impact operation. Enable it only if you trust your connected agents with it.
• Delete a list: removes a workspace list (table) and its rows. Recoverable from the recycle bin.
• Delete a document: removes a workspace document. Recoverable from the recycle bin.

To restrict deletes only in a certain scope rather than turn them off entirely (for example, “no deletes in finance projects”), leave the operation enabled here and add a rule in the Agent Policies list below the group.

Caution

Enabling an operation applies to all connected agents in the organization, not a single agent. Review your connected agents under Settings → Agents before turning on a high-impact operation.

Who can change the policy

Editing the policy requires the Manage agent destructive-op policy permission, which defaults to Owner and Admin. You can tighten it to Owner-only (or adjust it) in the Permissions matrix. Anyone who can open the tab can view the current policy; only authorized roles can change it.

Frequently asked questions

Does this affect the in-app “Run with Onplana Agent”? No. This policy governs connected (external) MCP agents. The in-app assistant is unchanged.

What happens when an agent tries a disabled operation? The request is denied and the agent is told the operation is disabled for your organization. Nothing is deleted.

Are deletions reversible? The operations available today (delete task, project, list, document) move items to the recycle bin, where a manager can restore them. They are not permanent deletions.