diff --git a/client.py b/client.py index 5d54e80..ef7dc34 100644 --- a/client.py +++ b/client.py @@ -15,7 +15,7 @@ from claude_agent_sdk import ClaudeAgentOptions, ClaudeSDKClient from claude_agent_sdk.types import HookMatcher from dotenv import load_dotenv -from security import bash_security_hook, web_tools_auto_approve_hook +from security import bash_security_hook # Load environment variables from .env file if present load_dotenv() @@ -181,7 +181,7 @@ def create_client( security_settings = { "sandbox": {"enabled": True, "autoAllowBashIfSandboxed": True}, "permissions": { - "defaultMode": "bypassPermissions", # Auto-approve all tools + "defaultMode": "acceptEdits", # Auto-approve edits within allowed directories "allow": permissions_list, }, } @@ -273,7 +273,6 @@ def create_client( hooks={ "PreToolUse": [ HookMatcher(matcher="Bash", hooks=[bash_security_hook]), - HookMatcher(matcher="WebFetch|WebSearch", hooks=[web_tools_auto_approve_hook]), ], }, max_turns=1000, diff --git a/security.py b/security.py index 9c9405f..4e03117 100644 --- a/security.py +++ b/security.py @@ -309,28 +309,6 @@ def get_command_for_validation(cmd: str, segments: list[str]) -> str: return "" -async def web_tools_auto_approve_hook(input_data, tool_use_id=None, context=None): - """ - Pre-tool-use hook that auto-approves WebFetch and WebSearch tools. - - Workaround for Claude Code bug where these tools are auto-denied in dontAsk mode. - See: https://github.com/anthropics/claude-code/issues/11881 - - Args: - input_data: Dict containing tool_name and tool_input - tool_use_id: Optional tool use ID - context: Optional context - - Returns: - Empty dict to allow (auto-approve) - """ - tool_name = input_data.get("tool_name", "") - if tool_name in ("WebFetch", "WebSearch"): - # Return empty dict = allow/approve the tool - return {} - return {} - - async def bash_security_hook(input_data, tool_use_id=None, context=None): """ Pre-tool-use hook that validates bash commands using an allowlist. diff --git a/server/services/spec_chat_session.py b/server/services/spec_chat_session.py index 4d2fb54..c86bda2 100644 --- a/server/services/spec_chat_session.py +++ b/server/services/spec_chat_session.py @@ -181,8 +181,15 @@ class SpecChatSession: # System prompt loaded from CLAUDE.md via setting_sources # Include "user" for global skills and subagents from ~/.claude/ setting_sources=["project", "user"], - # No allowed_tools restriction - full access to all tools, skills, subagents - permission_mode="bypassPermissions", # Auto-approve all tools + allowed_tools=[ + "Read", + "Write", + "Edit", + "Glob", + "WebFetch", + "WebSearch", + ], + permission_mode="acceptEdits", # Auto-approve file writes for spec creation max_turns=100, cwd=str(self.project_dir.resolve()), settings=str(settings_file.resolve()), diff --git a/ui/src/components/AgentAvatar.tsx b/ui/src/components/AgentAvatar.tsx index 72a798b..3ed4b88 100644 --- a/ui/src/components/AgentAvatar.tsx +++ b/ui/src/components/AgentAvatar.tsx @@ -595,9 +595,3 @@ export function AgentAvatar({ name, state, size = 'md', showName = false }: Agen ) } - -// Get mascot name by index (cycles through available mascots) -export function getMascotName(index: number): AgentMascot { - const mascots = Object.keys(MASCOT_SVGS) as AgentMascot[] - return mascots[index % mascots.length] -}