From 0f46b95236124e855213df92481b4a269d4c4430 Mon Sep 17 00:00:00 2001 From: ProtocolWarden <32967198+ProtocolWarden@users.noreply.github.com> Date: Thu, 21 May 2026 07:35:32 -0400 Subject: [PATCH] add --dangerously-skip-permissions to controller session spawn claude -p without this flag blocks tool calls that would normally prompt for approval in an interactive session. The controller is a deliberate operator action in a known repo; hooks (ContextGuard) still run and enforce CLP boundaries. This gives the spawned session the same tool access as an interactive session. Co-Authored-By: Claude Sonnet 4.6 --- .console/log.md | 6 ++++++ tools/loop/controller.py | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.console/log.md b/.console/log.md index 1551c3a7..82fc7862 100644 --- a/.console/log.md +++ b/.console/log.md @@ -1,5 +1,11 @@ # Log +## 2026-05-21 — Add --dangerously-skip-permissions to controller session spawn + +claude -p without this flag blocks tool calls that need interactive approval. +The controller is a deliberate operator action; ContextGuard hooks still run. +This gives the spawned session the same tool access as an interactive session. + ## 2026-05-21 — Full session prompt with explicit authorization (loop controller) Replaced thin SESSION_PROMPT pointer with tools/loop/oc_session_prompt.txt — diff --git a/tools/loop/controller.py b/tools/loop/controller.py index 22ae494d..268f4870 100755 --- a/tools/loop/controller.py +++ b/tools/loop/controller.py @@ -129,7 +129,7 @@ def get_delay() -> int: def run_session() -> int: """Spawn one bounded claude -p session. Returns exit code.""" prompt = load_session_prompt() - cmd = ["claude", "-p", prompt, "--output-format", "text"] + cmd = ["claude", "-p", prompt, "--dangerously-skip-permissions", "--output-format", "text"] _log(f"Spawning session (prompt: {SESSION_PROMPT_FILE.name}, {len(prompt)} chars) ...") # Source env before spawning so the session inherits OC credentials env = os.environ.copy()