claude_swarm 0.1.14 → 0.1.16

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 84e312dafa827cdd4e47476f06dde741574b6d3592a41f0f4461758e04c7a2ed
-  data.tar.gz: dc2d25cbd5524074543902ce715dbd239a0701e450444f1012fc2c0fe96a37c9
+  metadata.gz: b71b3ce3aebae7de091dd130cda9fc4c474f538f444be15f1ee5b07501210db6
+  data.tar.gz: 846ac3f979b5912ccbc70f1810b760f625e75b1c7e905d5d1199b893d0bc3400
 SHA512:
-  metadata.gz: 912831b498945b3aad80bfd8fac504e661150bce3f82aa0b69c0e74034f7d4b40faaf0f75bafabe44152fa030ec2ca85d0f7ed56e112a29c6b26f5927875c4c0
-  data.tar.gz: 7cc1775698b209bfde6564324ca8fddd85a0a7bfcb869faea7d0f8572b8c2d2e64ff55f9b393d12a7d1beca96a0f615e304de0ab53da2d99f67ce6d72fa77b13
+  metadata.gz: 9f891010506baba80420357aad85a7fde6704c2ed99155e9cf32fd38cc35efd007ac19fe0e8a1df59b5f1df2d24980f7f0150551629667b42254d02bf77c4ddc
+  data.tar.gz: 29f913521f66298ee24dbdff1b8a043d3a00abe0723080b953cb3dbc127ac6e5ecb35a8b857f61af062db9d570f3c42a90e874dcb114b42f6bee163162f96a0a

data/CHANGELOG.md

@@ -1,3 +1,35 @@
+## [0.1.16]
+
+### Changed
+- **Breaking change**: Removed custom permission MCP server in favor of Claude's native `mcp__MCP_NAME` pattern
+- Connected instances are now automatically added to allowed tools as `mcp__<instance_name>`
+- CLI parameter `--tools` renamed to `--allowed-tools` for consistency with YAML configuration
+- MCP generator no longer creates permission MCP server configurations
+
+### Removed
+- Removed `PermissionMcpServer` and `PermissionTool` classes
+- Removed `tools-mcp` CLI command
+- Removed regex tool pattern syntax - use Claude Code patterns instead
+- Removed `--permission-prompt-tool` flag from orchestrator
+- Removed permission logging to `permissions.log`
+
+### Migration Guide
+- Replace custom tool patterns with Claude Code's native patterns in your YAML files:
+  - `"Bash(npm:*)"` → Use `Bash` and Claude Code's built-in command restrictions
+  - `"Edit(*.js)"` → Use `Edit` and Claude Code's built-in file restrictions
+- For fine-grained tool control, use Claude Code's native patterns:
+  - `mcp__<server_name>__<tool_name>` for specific tools from an MCP server
+  - `mcp__<server_name>` to allow all tools from an MCP server
+- Connected instances are automatically accessible via `mcp__<instance_name>` pattern
+- See Claude Code's documentation for full details on supported tool patterns
+
+## [0.1.15]
+
+### Changed
+- **Dependency update**: Switched from `fast-mcp` to `fast-mcp-annotations` for improved tool annotation support
+- **Task tool annotations**: Added read-only, non-destructive, and closed-world hints to the task tool to allow parallel execution
+- Change the task tool description to say there's no description parameter, so claude does not try to send it.
+
 ## [0.1.14]
 
 ### Changed

data/CLAUDE.md

@@ -54,7 +54,7 @@ The gem is fully implemented with the following components:
 
 1. **YAML Configuration**: Define swarms with instances, connections, tools, and MCP servers
 2. **Inter-Instance Communication**: Instances connect via MCP using `claude mcp serve` with `-p` flag
-3. **Tool Restrictions**: Support for pattern-based tool restrictions (e.g., `Bash(npm:*)`)
+3. **Tool Restrictions**: Support for tool restrictions using Claude's native pattern (connections are available as `mcp__instance_name`)
 4. **Multiple MCP Types**: Supports both stdio and SSE MCP server types
 5. **Automatic MCP Generation**: Creates `.claude-swarm/` directory with MCP configs
 6. **Custom System Prompts**: Each instance can have a custom prompt via `--append-system-prompt`
@@ -63,9 +63,10 @@ The gem is fully implemented with the following components:
 
 1. User creates a `claude-swarm.yml` file defining the swarm topology
 2. Running `claude-swarm` parses the configuration and validates it
-3. MCP configuration files are generated for each instance in `.claude-swarm/`
+3. MCP configuration files are generated for each instance in a session directory
 4. The main instance is launched with `exec`, replacing the current process
 5. Connected instances are available as MCP servers to the main instance
+6. When an instance has connections, those connections are automatically added to its allowed tools as `mcp__<connection_name>`
 
 ### Configuration Example
 
@@ -85,15 +86,18 @@ swarm:
       directory: ./frontend
       model: sonnet
       prompt: "You specialize in frontend development with React"
-      tools: [Edit, Write, "Bash(npm:*)"]
+      tools: [Edit, Write, Bash]
 ```
 
 ## Testing
 
-The gem includes basic tests for version number and CLI existence. Additional tests should be added for:
+The gem includes comprehensive tests covering:
 - Configuration parsing and validation
-- MCP generation logic
+- MCP generation logic with connections
 - Error handling scenarios
+- CLI command functionality
+- Session restoration
+- Vibe mode behavior
 
 ## Dependencies
 

data/EXAMPLES.md

@@ -0,0 +1,164 @@
+## Draft use case
+
+Imagine you're working in the storefront-web repository. Page load times doubled yesterday. You're not sure why. 
+
+To investigate today you'd use a generalized Claude. It has access to dozens of MCP tools. Tools to read data from BigQuery. Tools to crawl repositories. Tools to checkout code it needs. Tools for GitHub interactions. Tools for Kafka. Tools for file operations.
+
+You need to query BigQuery to pinpoint when the performance degraded. You also need to check recent gem upgrades. But Claude doesn't know which gem repositories to look at. You have to provide context about where to find gem source code. You have to guide it through vendor directories or gem installation paths.
+
+Claude might be able to do this. But with dozens of MCP tools loaded and lots of context it can be overwhelmed and unfocused. It struggles to pick the right tools. It struggles to understand which repos to read. It struggles to keep context in mind while switching between data analysis and code exploration.
+
+## Enter Claude-Swarm
+
+```
+Without Swarm:                         With Claude-Swarm:
+                                      
+┌──────────────────────────────┐       ┌─────────────────────────────────┐
+│           You                │       │            You                  │
+└──────────────┬───────────────┘       └──────────────┬──────────────────┘
+               │                                      │
+               v                                      v
+┌──────────────────────────────┐       ┌─────────────────────────────────┐
+│     Generalized Claude       │       │         Coordinator             │
+│                              │       │                                 │
+│ [30+ MCP Tools]              │       │      [Task delegation]          │
+│ • BigQuery tools             │       └──────────────┬──────────────────┘
+│ • File tools                 │                      │
+│ • Git tools                  │       ┌──────────────┼──────────────────┐
+│ • GitHub tools               │       │              │                  │
+│ • Kafka tools                │       v              v                  v
+│ • ...                        │     ┌────────┐  ┌────────┐    ┌────────┐
+│                              │     │Data    │  │Code    │    │PR      │
+│ Overwhelmed &                │     │Expert  │  │Expert  │    │Expert  │
+│ Context switching            │     │[BQ]    │  │[Files] │    │[GitHub]│
+└──────────────────────────────┘     └────────┘  └────────┘    └────────┘
+```
+
+Claude-swarm is one AI that can hire specialist AIs. Each specialist lives in one domain. You talk to the manager not the specialists. Manager coordinates and gives you answers.
+
+It's NOT multiple AIs running at once. It's ONE AI with "summon expert" superpowers. Experts appear and answer questions. Then they disappear.
+
+## Three Key Features
+
+### Domain Isolation
+- Data expert can pull BigQuery and performance metrics
+- Code expert lives in gem source directory
+- PR Expert only cares about writing a quality PR
+- Each expert focused on their domain. Each expert with custom context and prompts.
+
+### Selective Tool Access
+- Data expert ONLY gets BigQuery and Kafka tools (prompt it with best practices and context for querying)
+- Code expert ONLY gets file and git tools. It instantiates in a specific repo (Prompt it and provide it special context)
+- PR expert ONLY gets PR/GH tools. Can prompt it with best practices for PR submissions/context
+
+### Coordinated Intelligence
+- You ask one question
+- Get answers from multiple domains, each with specialized context and prompts
+- "Why are pages loading slowly?"
+- Data expert finds timing spike at 2pm yesterday
+- Code expert finds the problem
+- Code expert fixes the problem
+- PR Expert creates the PR with your specifications
+
+## Example Configuration
+
+```yaml
+version: 1
+swarm:
+  name: "Performance Investigation"
+  main: coordinator
+  instances:
+    coordinator:
+      description: "Lead developer coordinating performance investigation"
+      directory: ~/storefront-web
+      connections: [data_expert, code_expert, pr_expert]
+      prompt: |
+        You are a senior lead developer coordinating a performance investigation team.
+        Your role is to delegate tasks to specialists and synthesize their findings.
+        
+        When investigating performance issues:
+        1. Start with data_expert to identify when/where problems occurred
+        2. Use code_expert to analyze code changes and identify root causes
+        3. Use pr_expert to implement fixes via pull requests
+        
+        Always provide clear, actionable summaries to the user.
+      
+    data_expert:
+      description: "Analyzes performance metrics and data"
+      directory: ~/analysis
+      tools: [data_mcp_portal_find_tables, data_mcp_portal_query]
+      prompt: |
+        You are a data analyst specializing in web performance metrics.
+        You have access to BigQuery and performance monitoring data.
+        
+        When analyzing performance issues:
+        - Always use partition filters (date-based) to limit query scope
+        - Look for correlations between timing spikes and deployments
+        - Focus on p95/p99 latencies, not just averages
+        - Identify affected user segments and geographic regions
+        
+        Provide specific timestamps and quantified impact metrics.
+      
+    code_expert:
+      description: "Analyzes code, dependencies, and implementations"
+      directory: ~/gems/http-client
+      tools: [read, grep, glob, git]
+      prompt: |
+        You are a senior Ruby developer specializing in performance optimization.
+        You work primarily with gems, dependencies, and low-level implementations.
+        
+        When investigating performance issues:
+        - Check recent version changes in Gemfile.lock
+        - Look for connection pooling, caching, and resource management patterns
+        - Identify blocking I/O operations and inefficient algorithms
+        - Consider memory allocation and garbage collection impacts
+        
+        Focus on actionable code-level fixes and configuration changes.
+        
+    pr_expert:
+      description: "Creates high-quality pull requests"
+      directory: ~/storefront-web
+      tools: [read, write, gh_cli, git]
+      prompt: |
+        You are a senior developer focused on creating excellent pull requests.
+        
+        For performance fixes:
+        - Write clear, specific titles: "Fix: Enable HTTP connection pooling for 40% latency reduction"
+        - Include before/after performance metrics in description
+        - Add links to supporting data analysis
+        - Include deployment considerations and rollback plans
+        - Add relevant reviewers based on affected systems
+        
+        Always follow the team's PR template and coding standards.
+```
+
+## Investigation and Fix Flow
+
+**You:** "Why are pages loading slowly?"
+
+**Coordinator asks data_expert:** "When did latency spike and what's the impact?"
+
+**Data expert:** 
+```sql
+-- Query shows latency spike at 2:15 PM yesterday
+-- P95 response time increased from 250ms to 890ms
+-- Affecting 15% of traffic, primarily checkout flows
+```
+
+**Coordinator asks code_expert:** "What changed around 2:15 PM yesterday that could cause this?"
+
+**Code expert:** 
+```ruby
+# Gemfile.lock shows http-client gem updated from 3.1.9 to 3.2.0 at 2:14 PM
+# Version 3.2.0 changelog: "Removed automatic connection pooling for thread safety"
+# Now creates new HTTP connection per request instead of reusing connections
+```
+
+**Coordinator:** "The http-client gem update removed connection pooling, causing 3x latency increase during checkout."
+
+**You:** "Fix this and create a PR"
+
+**Code expert:** "Two options: downgrade to 3.1.9 or configure explicit pooling with `pool_size: 10` in initializer"
+
+**PR expert:** "Created PR #1234: 'Fix: Enable HTTP connection pooling for 40% latency reduction' with performance benchmarks and rollback plan"
+

data/README.md

@@ -1,6 +1,6 @@
 # Claude Swarm
 
-[![Gem Version](https://badge.fury.io/rb/claude_swarm.svg?cache_bust=0.1.13)](https://badge.fury.io/rb/claude_swarm)
+[![Gem Version](https://badge.fury.io/rb/claude_swarm.svg?cache_bust=0.1.15)](https://badge.fury.io/rb/claude_swarm)
 [![CI](https://github.com/parruda/claude-swarm/actions/workflows/ci.yml/badge.svg)](https://github.com/parruda/claude-swarm/actions/workflows/ci.yml)
 
 Claude Swarm orchestrates multiple Claude Code instances as a collaborative AI development team. It enables running AI agents with specialized roles, tools, and directory contexts, communicating via MCP (Model Context Protocol) in a tree-like hierarchy. Define your swarm topology in simple YAML and let Claude instances delegate tasks through connected instances. Perfect for complex projects requiring specialized AI agents for frontend, backend, testing, DevOps, or research tasks.
@@ -113,7 +113,7 @@ swarm:
       directory: ./web-frontend/src
       model: opus
       prompt: "You specialize in React components and state management"
-      allowed_tools: [Edit, Write, "Bash(npm:*)"]
+      allowed_tools: [Edit, Write, Bash]
     
     css_expert:
       description: "CSS specialist handling styling and responsive design"
@@ -142,7 +142,7 @@ swarm:
       directory: ./api-server/db
       model: opus
       prompt: "You handle database schema and migrations"
-      allowed_tools: [Edit, Write, "Bash(psql:*, migrate:*)"]
+      allowed_tools: [Edit, Write, Bash]
     
     mobile_lead:
       description: "Mobile team lead coordinating cross-platform development"
@@ -157,21 +157,21 @@ swarm:
       directory: ./mobile-app/ios
       model: opus
       prompt: "You develop the iOS application"
-      allowed_tools: [Edit, Write, "Bash(xcodebuild:*, pod:*)"]
+      allowed_tools: [Edit, Write, Bash]
     
     android_dev:
       description: "Android developer creating native Android apps"
       directory: ./mobile-app/android
       model: opus
       prompt: "You develop the Android application"
-      allowed_tools: [Edit, Write, "Bash(gradle:*, adb:*)"]
+      allowed_tools: [Edit, Write, Bash]
     
     devops:
       description: "DevOps engineer managing CI/CD and infrastructure"
       directory: ./infrastructure
       model: opus
       prompt: "You handle CI/CD and infrastructure"
-      allowed_tools: [Read, Edit, "Bash(docker:*, kubectl:*)"]
+      allowed_tools: [Read, Edit, Bash]
 ```
 
 In this setup:
@@ -179,6 +179,7 @@ In this setup:
 - Each team lead can work with their specialized developers
 - Each instance is independent - connections create separate MCP server instances
 - Teams work in isolated directories with role-appropriate tools
+- Connected instances are accessible via MCP tools like `mcp__frontend_lead__task`, `mcp__backend_lead__task`, etc.
 
 
 ### Configuration Format
@@ -272,23 +273,22 @@ allowed_tools:
   - WebFetch       # Fetch web content
   - WebSearch      # Search the web
 
-disallowed_tools:  # Optional: explicitly deny specific tools
-  - "Write(*.md)"  # Don't allow writing markdown files
-  - "Bash(rm:*)"   # Don't allow rm commands
+# Note: Pattern-based tool restrictions have been deprecated.
+# Use allowed_tools and disallowed_tools with tool names only.
 ```
 
 Tools are passed to Claude using the `--allowedTools` and `--disallowedTools` flags with comma-separated values. Disallowed tools take precedence over allowed tools.
 
-#### Tool Restrictions
-
-You can restrict tools with pattern-based filters:
+#### Available Tools
 
 ```yaml
 allowed_tools:
-  - Read                    # Unrestricted read access
-  - Edit                    # Unrestricted edit access
-  - "Bash(npm:*)"          # Only allow npm commands
-  - "Bash(git:*, make:*)"  # Only allow git and make commands
+  - Read          # File reading
+  - Edit          # File editing
+  - Write         # File creation
+  - Bash          # Command execution
+  - WebFetch      # Fetch web content
+  - WebSearch     # Search the web
 ```
 
 ### Examples
@@ -419,7 +419,7 @@ swarm:
       description: "Worker with restricted permissions"
       directory: ./sensitive
       model: sonnet
-      allowed_tools: [Read, "Bash(ls:*)"]  # Only allow read and ls commands
+      allowed_tools: [Read, Bash]  # Allow read and bash commands
       
     trusted_worker:
       description: "Trusted worker with more permissions"
@@ -457,9 +457,8 @@ claude-swarm list-sessions --limit 20
 # Show version
 claude-swarm version
 
-# Start permission MCP server (for testing/debugging)
-claude-swarm tools-mcp --allowed-tools 'mcp__frontend__*,mcp__backend__*'
-claude-swarm tools-mcp --allowed-tools 'Read,Edit' --disallowed-tools 'Edit(*.log)'
+# Note: The permission MCP server has been deprecated. 
+# Tool permissions are now handled through allowed_tools and disallowed_tools in your configuration.
 
 # Internal command for MCP server (used by connected instances)
 claude-swarm mcp-serve INSTANCE_NAME --config CONFIG_FILE --session-timestamp TIMESTAMP
@@ -477,7 +476,7 @@ All session files are organized in `~/.claude-swarm/sessions/{project}/{timestam
 - `{instance_name}.mcp.json`: MCP configuration files
 - `session.log`: Human-readable request/response tracking
 - `session.log.json`: All events in JSONL format (one JSON per line)
-- `permissions.log`: Permission checks and decisions
+# Note: permissions.log is no longer generated as the permission MCP server has been deprecated
 
 #### Listing Sessions
 View your previous Claude Swarm sessions:
@@ -535,15 +534,11 @@ This will:
 2. **MCP Generation**: For each instance, it generates an MCP configuration file that includes:
    - Any explicitly defined MCP servers
    - MCP servers for each connected instance (using `claude-swarm mcp-serve`)
-   - A permission MCP server (unless using `--vibe` mode)
-3. **Tool Permissions**: Claude Swarm automatically manages tool permissions:
-   - Each instance's configured tools are allowed via the permission MCP
-   - Supports wildcard patterns (e.g., `mcp__frontend__*` allows all frontend MCP tools)
+3. **Tool Permissions**: Claude Swarm manages tool permissions through configuration:
+   - Each instance's `allowed_tools` specifies which tools it can use
+   - Connected instances are accessible via `mcp__<instance_name>__*` pattern
    - Disallowed tools take precedence over allowed tools for fine-grained control
-   - Eliminates the need to manually accept each tool or use global `--vibe` mode
    - Per-instance `vibe: true` skips all permission checks for that specific instance
-   - The permission MCP uses `--permission-prompt-tool` to check tool access
-   - Permission decisions are logged to `~/.claude-swarm/sessions/{project}/{timestamp}/permissions.log`
 4. **Session Persistence**: Claude Swarm automatically tracks session state:
    - Generates a shared session path for all instances
    - Each instance's Claude session ID is captured and saved

data/claude-swarm.yml

@@ -18,7 +18,7 @@ swarm:
       directory: .
       model: sonnet
       prompt: "You specialize in frontend development with React, TypeScript, and modern web technologies"
-      allowed_tools: [Read, Edit, Write, "Bash(npm:*)", "Bash(yarn:*)", "Bash(pnpm:*)"]
+      allowed_tools: [Read, Edit, Write, Bash]
 
     backend_dev:
       description: "Backend developer focusing on APIs, databases, and server architecture"
@@ -32,7 +32,7 @@ swarm:
     #   directory: .
     #   model: sonnet
     #   prompt: "You specialize in infrastructure, CI/CD, containerization, and deployment"
-    #   allowed_tools: [Read, Edit, Write, "Bash(docker:*)", "Bash(kubectl:*)", "Bash(terraform:*)"]
+    #   allowed_tools: [Read, Edit, Write, Bash]
 
     # qa_engineer:
     #   description: "QA engineer ensuring quality through comprehensive testing"

data/example/microservices-team.yml

@@ -58,7 +58,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(npm:*, yarn:*, jest:*)"
+        - Bash
     
     ui_designer:
       description: "UI/UX specialist creating responsive designs and managing design system"
@@ -91,7 +91,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(go:*, docker:*, make:*)"
+        - Bash
     
     api_gateway_dev:
       description: "API gateway developer managing request routing and rate limiting"
@@ -101,7 +101,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(go:*, docker:*, kong:*)"
+        - Bash
     
     core_service_dev:
       description: "Core business logic service developer"
@@ -111,7 +111,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(python:*, pip:*, pytest:*, docker:*)"
+        - Bash
     
     shared_lib_dev:
       description: "Shared libraries developer maintaining common code across services"
@@ -122,7 +122,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(npm:*, go:*, python:*)"
+        - Bash
     
     # Mobile Team
     mobile_lead:
@@ -143,7 +143,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(swift:*, xcodebuild:*, pod:*, fastlane:*)"
+        - Bash
     
     android_senior:
       description: "Senior Android developer creating Kotlin applications"
@@ -153,7 +153,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(gradle:*, adb:*, fastlane:*)"
+        - Bash
     
     # Data Team
     data_lead:
@@ -175,7 +175,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(python:*, airflow:*, spark:*, dbt:*)"
+        - Bash
     
     ml_engineer:
       description: "ML engineer developing and deploying machine learning models"
@@ -185,7 +185,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(python:*, jupyter:*, mlflow:*, docker:*)"
+        - Bash
     
     analytics_dev:
       description: "Analytics developer creating dashboards and reports"
@@ -195,7 +195,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(python:*, sql:*)"
+        - Bash
     
     # DevOps & Infrastructure
     devops_lead:
@@ -217,7 +217,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(kubectl:*, helm:*, prometheus:*, grafana:*)"
+        - Bash
     
     platform_engineer:
       description: "Platform engineer managing Kubernetes and container infrastructure"
@@ -227,7 +227,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(kubectl:*, helm:*, docker:*, istioctl:*)"
+        - Bash
     
     cloud_architect:
       description: "Cloud architect managing AWS/GCP infrastructure and costs"
@@ -237,7 +237,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(terraform:*, aws:*, gcloud:*)"
+        - Bash
     
     # Quality & Security
     qa_lead:
@@ -259,7 +259,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(npm:*, cypress:*, playwright:*)"
+        - Bash
     
     backend_qa:
       description: "Backend QA engineer creating API tests and integration tests"
@@ -269,7 +269,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(python:*, pytest:*, postman:*, k6:*)"
+        - Bash
     
     mobile_qa:
       description: "Mobile QA engineer testing iOS and Android applications"
@@ -279,7 +279,7 @@ swarm:
       allowed_tools:
         - Edit
         - Write
-        - "Bash(appium:*, xctest:*, espresso:*)"
+        - Bash
     
     security_lead:
       description: "Security lead ensuring application and infrastructure security"
@@ -290,4 +290,4 @@ swarm:
       allowed_tools:
         - Read
         - Edit
-        - "Bash(trivy:*, snyk:*, owasp:*)"
+        - Bash

data/example/test-generation.yml

@@ -36,7 +36,7 @@ swarm:
       description: "Unit test specialist focusing on models, services, and isolated business logic with Minitest"
       directory: ./spec
       model: opus
-      connections: [test_architect, factory_specialist]
+      connections: [factory_specialist]
       prompt: |
         You are a Rails unit testing expert specializing in Minitest. Your focus areas:
         
@@ -70,13 +70,13 @@ swarm:
         - Read
         - Edit
         - Write
-        - "Bash(bundle:*)"
+        - Bash
 
     integration_test_expert:
       description: "Integration test specialist for controllers, API endpoints, and request specs"
       directory: ./spec
       model: opus
-      connections: [test_architect, factory_specialist]
+      connections: [factory_specialist]
       prompt: |
         You are a Rails integration testing expert focusing on request specs and controller tests. Your expertise:
         
@@ -111,13 +111,12 @@ swarm:
         - Read
         - Edit
         - Write
-        - "Bash(bundle:*, rails:*)"
+        - Bash
 
     system_test_expert:
       description: "System test specialist for end-to-end user flows and JavaScript interactions"
       directory: ./spec/system
       model: opus
-      connections: [test_architect]
       prompt: |
         You are a Rails system testing expert using Capybara and Selenium. Your specialization:
         
@@ -155,13 +154,12 @@ swarm:
         - Read
         - Edit
         - Write
-        - "Bash(bundle:*)"
+        - Bash
 
     factory_specialist:
       description: "Test data specialist managing factories, traits, and test data generation"
       directory: ./spec/factories
       model: opus
-      connections: [test_architect, unit_test_expert, integration_test_expert]
       prompt: |
         You are a Rails test data expert specializing in FactoryBot. Your responsibilities:
         
@@ -200,13 +198,12 @@ swarm:
         - Read
         - Edit
         - Write
-        - "Bash(bundle:*)"
+        - Bash
 
     test_quality_reviewer:
       description: "Test quality assurance specialist ensuring best practices, coverage, and maintainability"
       directory: .
       model: opus
-      connections: [test_architect]
       prompt: |
         You are a Rails test quality reviewer ensuring all tests meet the highest standards. Your review criteria:
         
@@ -246,4 +243,4 @@ swarm:
         Provide actionable feedback to improve test quality and coverage.
       allowed_tools:
         - Read
-        - "Bash(bundle:*, rubocop:*)"
+        - Bash

data/lib/claude_swarm/claude_code_executor.rb

@@ -278,10 +278,18 @@ module ClaudeSwarm
       if @vibe
         cmd_array << "--dangerously-skip-permissions"
       else
+        # Build allowed tools list including MCP connections
+        allowed_tools = options[:allowed_tools] ? Array(options[:allowed_tools]).dup : []
+
+        # Add mcp__instance_name for each connection if we have instance info
+        options[:connections]&.each do |connection_name|
+          allowed_tools << "mcp__#{connection_name}"
+        end
+
         # Add allowed tools if any
-        if options[:allowed_tools]
-          tools = Array(options[:allowed_tools]).join(",")
-          cmd_array += ["--allowedTools", tools]
+        if allowed_tools.any?
+          tools_str = allowed_tools.join(",")
+          cmd_array += ["--allowedTools", tools_str]
         end
 
         # Add disallowed tools if any
@@ -289,9 +297,6 @@ module ClaudeSwarm
           disallowed_tools = Array(options[:disallowed_tools]).join(",")
           cmd_array += ["--disallowedTools", disallowed_tools]
         end
-
-        # Add permission prompt tool if not in vibe mode
-        cmd_array += ["--permission-prompt-tool", "mcp__permissions__check_permission"]
       end
 
       cmd_array