Devin for Terminal uses JSON files (with comment support) for configuration. This page documents all available options.
File Locations
| File | Purpose |
|---|
~/.config/cognition/config.json | User-wide settings |
~/.config/cognition/config.local.json | User-wide local overrides |
.cognition/config.json | Project settings (committed) |
.cognition/config.local.json | Project local overrides (gitignored) |
Full Config Reference
User config
Project config
// ~/.config/cognition/config.json
{
// Agent behavior
"agent": {
"model": "claude-opus-4-6-thinking", // Default model
"show_history_on_continue": true // Show messages when resuming
},
// Theme
"theme_mode": null, // "light", "dark", or null (auto)
// Permissions
"permissions": {
"allow": [],
"deny": [],
"ask": []
},
// MCP servers
"mcpServers": {},
// Display
"show_path": false, // Show CWD in input border
// Sandbox network filtering
"sandbox": {
"allowed_domains": [], // Domain allowlist (empty = no filtering)
"denied_domains": [], // Domain denylist (takes precedence)
"network_mode": "full" // "full" or "limited" (GET/HEAD/OPTIONS only)
},
// Import settings from other tools
"read_config_from": {
"cursor": true,
"windsurf": true,
"claude": true
}
}
// .cognition/config.json
{
// Permissions
"permissions": {
"allow": [],
"deny": [],
"ask": []
},
// MCP servers
"mcpServers": {},
// Import settings from other tools
"read_config_from": {
"cursor": true,
"windsurf": true,
"claude": true
}
}
Options Reference
agent
| Option | Type | Default | Description |
|---|
model | string | "claude-opus-4-6-thinking" | Default AI model |
show_history_on_continue | boolean | true | Show previous messages when resuming a session |
theme_mode
| Value | Behavior |
|---|
null | Auto-detect (asks on first run) |
"light" | Light theme |
"dark" | Dark theme |
permissions
See Permissions for full documentation.
{
"permissions": {
"allow": ["Read(**)", "Exec(git)"],
"deny": ["Exec(sudo)"],
"ask": ["Write(**/.env*)"]
}
}
mcpServers
Map of server name to server configuration. Supports both local command (stdio) and remote HTTP servers. See MCP Configuration.
{
"mcpServers": {
"server-name": {
"command": "executable",
"args": ["arg1", "arg2"],
"env": { "KEY": "value" }
},
"remote-server": {
"url": "https://mcp.example.com/mcp",
"transport": "http"
}
}
}
show_path
Show the current working directory path in the input border. When enabled, the top border of the input box displays your prettified CWD (e.g. ~/projects/my-app).
| Value | Behavior |
|---|
false | Hidden (default) |
true | Show CWD path in input border |
read_config_from
Control importing from other AI tool configurations:
| Option | Type | Default | Description |
|---|
cursor | boolean/null | true | Import from .cursorrules, .cursor/rules/ |
windsurf | boolean/null | true | Import from .windsurf/rules/ |
claude | boolean/null | true | Import from .claude/ |
false to disable a specific import. null is treated as true.
sandbox
Sandbox network filtering is currently unstable. If you need this feature, please reach out to your account representative for stability timelines.
--sandbox workspace is active and domain filtering is configured, a managed network proxy starts on loopback and the sandbox restricts all child traffic to route through it. (In --sandbox read-only mode, all network access is blocked entirely regardless of domain filtering settings.)
| Option | Type | Default | Description |
|---|
allowed_domains | string[] | [] | Domain patterns allowed through the proxy. When non-empty, only matching domains are allowed (allowlist mode) |
denied_domains | string[] | [] | Domain patterns always blocked. Deny rules take precedence over allow rules |
network_mode | string | "full" | "full" allows all HTTP methods; "limited" allows only GET/HEAD/OPTIONS |
| Pattern | Matches |
|---|
example.com | Exact match only |
*.example.com | Any subdomain (not the apex) |
**.example.com | Apex domain and any subdomain |
{
"sandbox": {
"allowed_domains": [
"github.com",
"**.npmjs.org",
"**.crates.io",
"**.pypi.org"
],
"denied_domains": ["evil.example.com"],
"network_mode": "full"
}
}
Domain filtering applies when the sandbox is active in workspace mode (--sandbox workspace). With --sandbox off, the sandbox section is ignored. With --sandbox read-only, all network access is blocked regardless of these settings.
Config files support JavaScript-style comments:
{
// Line comments
"agent": {
"model": "sonnet" // Inline comments
},
/* Block
comments */
"permissions": {}
}
