refactor: remove MCP permission settings and streamline SDK options for autonomous mode

- Removed MCP permission settings from the application, including related functions and UI components.
- Updated SDK options to always bypass permissions and allow unrestricted tool access in autonomous mode.
- Adjusted related components and services to reflect the removal of MCP permission configurations, ensuring a cleaner and more efficient codebase.

apps/ui/src/components/views/settings-view/mcp-servers/components/index.ts

@@ -1,4 +1,3 @@
 export { MCPServerHeader } from './mcp-server-header';
-export { MCPPermissionSettings } from './mcp-permission-settings';
 export { MCPToolsWarning } from './mcp-tools-warning';
 export { MCPServerCard } from './mcp-server-card';

apps/ui/src/components/views/settings-view/mcp-servers/components/mcp-permission-settings.tsx

@@ -1,96 +0,0 @@
-import { ShieldAlert } from 'lucide-react';
-import { Label } from '@/components/ui/label';
-import { Switch } from '@/components/ui/switch';
-import { syncSettingsToServer } from '@/hooks/use-settings-migration';
-import { cn } from '@/lib/utils';
-
-interface MCPPermissionSettingsProps {
-  mcpAutoApproveTools: boolean;
-  mcpUnrestrictedTools: boolean;
-  onAutoApproveChange: (checked: boolean) => void;
-  onUnrestrictedChange: (checked: boolean) => void;
-}
-
-export function MCPPermissionSettings({
-  mcpAutoApproveTools,
-  mcpUnrestrictedTools,
-  onAutoApproveChange,
-  onUnrestrictedChange,
-}: MCPPermissionSettingsProps) {
-  const hasAnyEnabled = mcpAutoApproveTools || mcpUnrestrictedTools;
-
-  return (
-    <div className="px-6 py-4 border-b border-border/50 bg-muted/20">
-      <div className="space-y-4">
-        <div className="flex items-start gap-3">
-          <Switch
-            id="mcp-auto-approve"
-            checked={mcpAutoApproveTools}
-            onCheckedChange={async (checked) => {
-              onAutoApproveChange(checked);
-              await syncSettingsToServer();
-            }}
-            data-testid="mcp-auto-approve-toggle"
-            className="mt-0.5"
-          />
-          <div className="space-y-1 flex-1">
-            <Label htmlFor="mcp-auto-approve" className="text-sm font-medium cursor-pointer">
-              Auto-approve MCP tool calls
-            </Label>
-            <p className="text-xs text-muted-foreground">
-              When enabled, the AI agent can use MCP tools without permission prompts.
-            </p>
-            {mcpAutoApproveTools && (
-              <p className="text-xs text-amber-600 flex items-center gap-1 mt-1">
-                <ShieldAlert className="h-3 w-3" />
-                Bypasses normal permission checks
-              </p>
-            )}
-          </div>
-        </div>
-
-        <div className="flex items-start gap-3">
-          <Switch
-            id="mcp-unrestricted"
-            checked={mcpUnrestrictedTools}
-            onCheckedChange={async (checked) => {
-              onUnrestrictedChange(checked);
-              await syncSettingsToServer();
-            }}
-            data-testid="mcp-unrestricted-toggle"
-            className="mt-0.5"
-          />
-          <div className="space-y-1 flex-1">
-            <Label htmlFor="mcp-unrestricted" className="text-sm font-medium cursor-pointer">
-              Unrestricted tool access
-            </Label>
-            <p className="text-xs text-muted-foreground">
-              When enabled, the AI agent can use any tool, not just the default set.
-            </p>
-            {mcpUnrestrictedTools && (
-              <p className="text-xs text-amber-600 flex items-center gap-1 mt-1">
-                <ShieldAlert className="h-3 w-3" />
-                Agent has full tool access including file writes and bash
-              </p>
-            )}
-          </div>
-        </div>
-
-        {hasAnyEnabled && (
-          <div
-            className={cn(
-              'rounded-md border border-amber-500/30 bg-amber-500/10 p-3 mt-2',
-              'text-xs text-amber-700 dark:text-amber-400'
-            )}
-          >
-            <p className="font-medium mb-1">Security Note</p>
-            <p>
-              These settings reduce security restrictions for MCP tool usage. Only enable if you
-              trust all configured MCP servers.
-            </p>
-          </div>
-        )}
-      </div>
-    </div>
-  );
-}

apps/ui/src/components/views/settings-view/mcp-servers/hooks/use-mcp-servers.ts

@@ -21,16 +21,7 @@ interface PendingServerData {
 }
 
 export function useMCPServers() {
-  const {
-    mcpServers,
-    addMCPServer,
-    updateMCPServer,
-    removeMCPServer,
-    mcpAutoApproveTools,
-    mcpUnrestrictedTools,
-    setMcpAutoApproveTools,
-    setMcpUnrestrictedTools,
-  } = useAppStore();
+  const { mcpServers, addMCPServer, updateMCPServer, removeMCPServer } = useAppStore();
 
   // State
   const [isAddDialogOpen, setIsAddDialogOpen] = useState(false);
@@ -938,10 +929,6 @@ export function useMCPServers() {
   return {
     // Store state
     mcpServers,
-    mcpAutoApproveTools,
-    mcpUnrestrictedTools,
-    setMcpAutoApproveTools,
-    setMcpUnrestrictedTools,
 
     // Dialog state
     isAddDialogOpen,

apps/ui/src/components/views/settings-view/mcp-servers/mcp-servers-section.tsx

@@ -1,12 +1,7 @@
 import { Plug } from 'lucide-react';
 import { cn } from '@/lib/utils';
 import { useMCPServers } from './hooks';
-import {
-  MCPServerHeader,
-  MCPPermissionSettings,
-  MCPToolsWarning,
-  MCPServerCard,
-} from './components';
+import { MCPServerHeader, MCPToolsWarning, MCPServerCard } from './components';
 import {
   AddEditServerDialog,
   DeleteServerDialog,
@@ -20,10 +15,6 @@ export function MCPServersSection() {
   const {
     // Store state
     mcpServers,
-    mcpAutoApproveTools,
-    mcpUnrestrictedTools,
-    setMcpAutoApproveTools,
-    setMcpUnrestrictedTools,
 
     // Dialog state
     isAddDialogOpen,
@@ -98,15 +89,6 @@ export function MCPServersSection() {
         onAdd={handleOpenAddDialog}
       />
 
-      {mcpServers.length > 0 && (
-        <MCPPermissionSettings
-          mcpAutoApproveTools={mcpAutoApproveTools}
-          mcpUnrestrictedTools={mcpUnrestrictedTools}
-          onAutoApproveChange={setMcpAutoApproveTools}
-          onUnrestrictedChange={setMcpUnrestrictedTools}
-        />
-      )}
-
       {showToolsWarning && <MCPToolsWarning totalTools={totalToolsCount} />}
 
       <div className="p-6">

apps/ui/src/hooks/use-settings-migration.ts

@@ -230,8 +230,6 @@ export async function syncSettingsToServer(): Promise<boolean> {
       keyboardShortcuts: state.keyboardShortcuts,
       aiProfiles: state.aiProfiles,
       mcpServers: state.mcpServers,
-      mcpAutoApproveTools: state.mcpAutoApproveTools,
-      mcpUnrestrictedTools: state.mcpUnrestrictedTools,
       promptCustomization: state.promptCustomization,
       projects: state.projects,
       trashedProjects: state.trashedProjects,
@@ -336,12 +334,10 @@ export async function loadMCPServersFromServer(): Promise<boolean> {
     }
 
     const mcpServers = result.settings.mcpServers || [];
-    const mcpAutoApproveTools = result.settings.mcpAutoApproveTools ?? true;
-    const mcpUnrestrictedTools = result.settings.mcpUnrestrictedTools ?? true;
 
     // Clear existing and add all from server
     // We need to update the store directly since we can't use hooks here
-    useAppStore.setState({ mcpServers, mcpAutoApproveTools, mcpUnrestrictedTools });
+    useAppStore.setState({ mcpServers });
 
     console.log(`[Settings Load] Loaded ${mcpServers.length} MCP servers from server`);
     return true;

apps/ui/src/lib/http-api-client.ts

@@ -1438,8 +1438,6 @@ export class HttpApiClient implements ElectronAPI {
           headers?: Record<string, string>;
           enabled?: boolean;
         }>;
-        mcpAutoApproveTools?: boolean;
-        mcpUnrestrictedTools?: boolean;
       };
       error?: string;
     }> => this.get('/api/settings/global'),

apps/ui/src/store/app-store.ts

@@ -491,8 +491,6 @@ export interface AppState {
 
   // MCP Servers
   mcpServers: MCPServerConfig[]; // List of configured MCP servers for agent use
-  mcpAutoApproveTools: boolean; // Auto-approve MCP tool calls without permission prompts
-  mcpUnrestrictedTools: boolean; // Allow unrestricted tools when MCP servers are enabled
 
   // Prompt Customization
   promptCustomization: PromptCustomization; // Custom prompts for Auto Mode, Agent, Backlog Plan, Enhancement
@@ -777,8 +775,6 @@ export interface AppActions {
   setAutoLoadClaudeMd: (enabled: boolean) => Promise<void>;
   setEnableSandboxMode: (enabled: boolean) => Promise<void>;
   setSkipSandboxWarning: (skip: boolean) => Promise<void>;
-  setMcpAutoApproveTools: (enabled: boolean) => Promise<void>;
-  setMcpUnrestrictedTools: (enabled: boolean) => Promise<void>;
 
   // Prompt Customization actions
   setPromptCustomization: (customization: PromptCustomization) => Promise<void>;
@@ -980,8 +976,6 @@ const initialState: AppState = {
   enableSandboxMode: false, // Default to disabled (can be enabled for additional security)
   skipSandboxWarning: false, // Default to disabled (show sandbox warning dialog)
   mcpServers: [], // No MCP servers configured by default
-  mcpAutoApproveTools: true, // Default to enabled - bypass permission prompts for MCP tools
-  mcpUnrestrictedTools: true, // Default to enabled - don't filter allowedTools when MCP enabled
   promptCustomization: {}, // Empty by default - all prompts use built-in defaults
   aiProfiles: DEFAULT_AI_PROFILES,
   projectAnalysis: null,
@@ -1632,19 +1626,6 @@ export const useAppStore = create<AppState & AppActions>()(
         const { syncSettingsToServer } = await import('@/hooks/use-settings-migration');
         await syncSettingsToServer();
       },
-      setMcpAutoApproveTools: async (enabled) => {
-        set({ mcpAutoApproveTools: enabled });
-        // Sync to server settings file
-        const { syncSettingsToServer } = await import('@/hooks/use-settings-migration');
-        await syncSettingsToServer();
-      },
-      setMcpUnrestrictedTools: async (enabled) => {
-        set({ mcpUnrestrictedTools: enabled });
-        // Sync to server settings file
-        const { syncSettingsToServer } = await import('@/hooks/use-settings-migration');
-        await syncSettingsToServer();
-      },
-
       // Prompt Customization actions
       setPromptCustomization: async (customization) => {
         set({ promptCustomization: customization });
@@ -2933,8 +2914,6 @@ export const useAppStore = create<AppState & AppActions>()(
           skipSandboxWarning: state.skipSandboxWarning,
           // MCP settings
           mcpServers: state.mcpServers,
-          mcpAutoApproveTools: state.mcpAutoApproveTools,
-          mcpUnrestrictedTools: state.mcpUnrestrictedTools,
           // Prompt customization
           promptCustomization: state.promptCustomization,
           // Profiles and sessions