claude_swarm 0.1.5 → 0.1.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a6fa670f8d967ad8976c05b96fe3d2103125ec17e31e3c343bb38a3002dc5182
-  data.tar.gz: e4cb03e288ea20ac810414bd71e5a84c6d1bb9b4c77ee041a29deebb8270d7ee
+  metadata.gz: 0b5aa9e698fe0c055fc16aa5263df48a2c6e473179d5472e06f83c8845a3447c
+  data.tar.gz: ce36d61d30177b38e2f9dbb6f9b00fc1222f0d5ee4cb4539e75f912ad9777904
 SHA512:
-  metadata.gz: 06d9f249a5f0c52d13a6dc9d34b1b49d572d9432b0617a616cd9c3d35058b17320b23d63b3db641c55d5a812b810c6ea8fab4ae742555da483f28064360f3326
-  data.tar.gz: '082a16da97c25bffa67fcdf831a1b5c612b02f1ba3884a0a952eb77bf78f9cf22d045b728dad351b0cce8b201943dd972df4fd4301396ace0322fb1de0dd711a'
+  metadata.gz: ffbac2fb59e4f76ab39efe172a89d1a11b0893efd763770ba3f4c6e52785df44d19cc0db9a8dd87e2df52c05c7d8cceadc47deb2a8304e34ccb2c921b781842c
+  data.tar.gz: dd4eeb38f8d56c3cd41570fe0be0ccda029240893780d95c82c134ad02d91c840ba8fd3fb344dc205c7a3345e37fbce33b8f633abd076390783b31babaf6014d

data/.rubocop.yml

@@ -59,4 +59,7 @@ Metrics/ModuleLength:
   Enabled: false
 
 Minitest/MultipleAssertions:
+  Enabled: false
+
+Metrics/ParameterLists:
   Enabled: false

data/CHANGELOG.md

@@ -1,3 +1,28 @@
+## [0.1.7]
+
+### Added
+- **Vibe mode support**: Per-instance `vibe: true` configuration to skip all permission checks for specific instances
+- **Automatic permission management**: Built-in permission MCP server that handles tool authorization without manual approval
+- **Permission logging**: All permission checks are logged to `.claude-swarm/sessions/{timestamp}/permissions.log`
+- **Mixed permission modes**: Support for running some instances with full permissions while others remain restricted
+- **New CLI command**: `claude-swarm tools-mcp` for starting a standalone permission management MCP server
+- **Permission tool patterns**: Support for wildcard patterns in tool permissions (e.g., `mcp__frontend__*`)
+
+### Changed
+- Fixed `--system-prompt` to use `--append-system-prompt` for proper Claude Code integration
+- Added `--permission-prompt-tool` flag pointing to `mcp__permissions__check_permission` when not in vibe mode
+- Enhanced MCP generation to include a permission server for each instance (unless in vibe mode)
+
+### Technical Details
+- Permission checks use Fast MCP server with pattern matching for tool names
+- Each instance can have its own permission configuration independent of global settings
+- Permission decisions are made based on configured tool patterns with wildcard support
+
+## [0.1.6]
+- Refactor: move tools out of the ClaudeMcpServer class
+- Move logging into code executor and save instance interaction streams to session.log
+- Human readable logs with thoughts and tool calls
+
 ## [0.1.5]
 
 ### Changed

data/README.md

@@ -208,6 +208,7 @@ Each instance can have:
 - **tools**: Array of tools this instance can use
 - **mcps**: Array of additional MCP servers to connect
 - **prompt**: Custom system prompt to append to the instance
+- **vibe**: Enable vibe mode (--dangerously-skip-permissions) for this instance (default: false)
 
 ```yaml
 instance_name:
@@ -216,6 +217,7 @@ instance_name:
   model: opus
   connections: [other_instance1, other_instance2]
   prompt: "You are a specialized agent focused on..."
+  vibe: false  # Set to true to skip all permission checks for this instance
   tools:
     - Read
     - Edit
@@ -388,6 +390,37 @@ swarm:
         - Read
 ```
 
+#### Mixed Permission Modes
+
+You can have different permission modes for different instances:
+
+```yaml
+version: 1
+swarm:
+  name: "Mixed Mode Team"
+  main: lead
+  instances:
+    lead:
+      description: "Lead with full permissions"
+      directory: .
+      model: opus
+      vibe: true  # This instance runs with --dangerously-skip-permissions
+      connections: [restricted_worker, trusted_worker]
+      
+    restricted_worker:
+      description: "Worker with restricted permissions"
+      directory: ./sensitive
+      model: sonnet
+      tools: [Read, "Bash(ls:*)"]  # Only allow read and ls commands
+      
+    trusted_worker:
+      description: "Trusted worker with more permissions"
+      directory: ./workspace
+      model: sonnet
+      vibe: true  # This instance also skips permissions
+      tools: []  # Tools list ignored when vibe: true
+```
+
 ### Command Line Options
 
 ```bash
@@ -408,6 +441,9 @@ claude-swarm --prompt "Fix the bug in the payment module"
 # Show version
 claude-swarm version
 
+# Start permission MCP server (for testing/debugging)
+claude-swarm tools-mcp --allowed-tools 'mcp__frontend__*,mcp__backend__*'
+
 # Internal command for MCP server (used by connected instances)
 claude-swarm mcp-serve INSTANCE_NAME --config CONFIG_FILE --session-timestamp TIMESTAMP
 ```
@@ -418,18 +454,27 @@ claude-swarm mcp-serve INSTANCE_NAME --config CONFIG_FILE --session-timestamp TI
 2. **MCP Generation**: For each instance, it generates an MCP configuration file that includes:
    - Any explicitly defined MCP servers
    - MCP servers for each connected instance (using `claude-swarm mcp-serve`)
-3. **Session Management**: Claude Swarm maintains session continuity:
+   - A permission MCP server (unless using `--vibe` mode)
+3. **Tool Permissions**: Claude Swarm automatically manages tool permissions:
+   - Each instance's configured tools are allowed via the permission MCP
+   - Supports wildcard patterns (e.g., `mcp__frontend__*` allows all frontend MCP tools)
+   - Eliminates the need to manually accept each tool or use global `--vibe` mode
+   - Per-instance `vibe: true` skips all permission checks for that specific instance
+   - The permission MCP uses `--permission-prompt-tool` to check tool access
+   - Permission decisions are logged to `.claude-swarm/sessions/{timestamp}/permissions.log`
+4. **Session Management**: Claude Swarm maintains session continuity:
    - Generates a shared session timestamp for all instances
    - Each instance can maintain its own Claude session ID
    - Sessions can be reset via the MCP server interface
-4. **Main Instance Launch**: The main instance is launched with its MCP configuration, giving it access to all connected instances
-5. **Inter-Instance Communication**: Connected instances expose themselves as MCP servers with these tools:
+5. **Main Instance Launch**: The main instance is launched with its MCP configuration, giving it access to all connected instances
+6. **Inter-Instance Communication**: Connected instances expose themselves as MCP servers with these tools:
    - **task**: Execute tasks using Claude Code with configurable tools and return results. The tool description includes the instance name and description (e.g., "Execute a task using Agent frontend_dev. Frontend developer specializing in React and TypeScript")
    - **session_info**: Get current Claude session information including ID and working directory
    - **reset_session**: Reset the Claude session for a fresh start
-6. **Session Management**: All session files are organized in `.claude-swarm/sessions/{timestamp}/`:
+7. **Session Management**: All session files are organized in `.claude-swarm/sessions/{timestamp}/`:
    - MCP configuration files: `{instance_name}.mcp.json`
    - Session log: `session.log` with detailed request/response tracking
+   - Permission log: `permissions.log` with all permission checks and decisions
 
 ## Troubleshooting
 

data/claude-swarm.yml

@@ -6,9 +6,9 @@ swarm:
     lead_developer:
       description: "Lead developer coordinating the team and making architectural decisions"
       directory: .
-      model: sonnet
+      model: opus
       prompt: "You are the lead developer coordinating the team"
-      tools: [Read, Edit, Bash, Write]
+      vibe: true
       connections: [frontend_dev]
 
     # Example instances (uncomment and modify as needed):
@@ -16,6 +16,11 @@ swarm:
     frontend_dev:
       description: "Frontend developer specializing in React and modern web technologies"
       directory: .
-      model: sonnet
+      model: opus
       prompt: "You specialize in frontend development with React, TypeScript, and modern web technologies"
-      tools: [Read, Edit, Write, "Bash(npm:*)", "Bash(yarn:*)", "Bash(pnpm:*)"]
+      tools: [mcp__headless_browser__*]
+      mcps:
+        - name: headless_browser
+          type: stdio
+          command: bundle
+          args: ["exec", "hbt", "stdio"]

data/lib/claude_swarm/claude_code_executor.rb

@@ -2,43 +2,85 @@
 
 require "json"
 require "open3"
+require "logger"
+require "fileutils"
 
 module ClaudeSwarm
   class ClaudeCodeExecutor
-    attr_reader :session_id, :last_response, :working_directory
+    SWARM_DIR = ".claude-swarm"
+    SESSIONS_DIR = "sessions"
 
-    def initialize(working_directory: Dir.pwd, model: nil, mcp_config: nil, vibe: false)
+    attr_reader :session_id, :last_response, :working_directory, :logger, :session_timestamp
+
+    def initialize(working_directory: Dir.pwd, model: nil, mcp_config: nil, vibe: false, instance_name: nil, calling_instance: nil)
       @working_directory = working_directory
       @model = model
       @mcp_config = mcp_config
       @vibe = vibe
       @session_id = nil
       @last_response = nil
+      @instance_name = instance_name
+      @calling_instance = calling_instance
+
+      # Setup logging
+      setup_logging
     end
 
     def execute(prompt, options = {})
-      cmd_array = build_command_array(prompt, options)
-
-      stdout, stderr, status = Open3.capture3(*cmd_array, chdir: @working_directory)
-
-      raise ExecutionError, "Claude Code execution failed: #{stderr}" unless status.success?
+      # Log the request
+      log_request(prompt)
 
-      begin
-        response = JSON.parse(stdout)
-        @last_response = response
-
-        # Extract and store session ID from the response
-        @session_id = response["session_id"]
+      cmd_array = build_command_array(prompt, options)
 
-        response
-      rescue JSON::ParserError => e
-        raise ParseError, "Failed to parse JSON response: #{e.message}\nOutput: #{stdout}"
+      # Variables to collect output
+      stderr_output = []
+      result_response = nil
+
+      # Execute command with streaming
+      Open3.popen3(*cmd_array, chdir: @working_directory) do |stdin, stdout, stderr, wait_thread|
+        stdin.close
+
+        # Read stderr in a separate thread
+        stderr_thread = Thread.new do
+          stderr.each_line { |line| stderr_output << line }
+        end
+
+        # Process stdout line by line
+        stdout.each_line do |line|
+          json_data = JSON.parse(line.strip)
+
+          # Log each JSON event
+          log_streaming_event(json_data)
+
+          # Capture session_id from system init
+          @session_id = json_data["session_id"] if json_data["type"] == "system" && json_data["subtype"] == "init"
+
+          # Capture the final result
+          result_response = json_data if json_data["type"] == "result"
+        rescue JSON::ParserError => e
+          @logger.warn("Failed to parse JSON line: #{line.strip} - #{e.message}")
+        end
+
+        # Wait for stderr thread to finish
+        stderr_thread.join
+
+        # Check exit status
+        exit_status = wait_thread.value
+        unless exit_status.success?
+          error_msg = stderr_output.join
+          @logger.error("Execution error for #{@instance_name}: #{error_msg}")
+          raise ExecutionError, "Claude Code execution failed: #{error_msg}"
+        end
       end
-    end
 
-    def execute_text(prompt, options = {})
-      response = execute(prompt, options)
-      response["result"] || ""
+      # Ensure we got a result
+      raise ParseError, "No result found in stream output" unless result_response
+
+      result_response
+    rescue StandardError => e
+      @logger.error("Unexpected error for #{@instance_name}: #{e.class} - #{e.message}")
+      @logger.error("Backtrace: #{e.backtrace.join("\n")}")
+      raise
     end
 
     def reset_session
@@ -52,12 +94,90 @@ module ClaudeSwarm
 
     private
 
+    def setup_logging
+      # Use environment variable for session timestamp if available (set by orchestrator)
+      # Otherwise create a new timestamp
+      @session_timestamp = ENV["CLAUDE_SWARM_SESSION_TIMESTAMP"] || Time.now.strftime("%Y%m%d_%H%M%S")
+
+      # Ensure the session directory exists
+      session_dir = File.join(Dir.pwd, SWARM_DIR, SESSIONS_DIR, @session_timestamp)
+      FileUtils.mkdir_p(session_dir)
+
+      # Create logger with session.log filename
+      log_filename = "session.log"
+      log_path = File.join(session_dir, log_filename)
+      @logger = Logger.new(log_path)
+      @logger.level = Logger::INFO
+
+      # Custom formatter for better readability
+      @logger.formatter = proc do |severity, datetime, _progname, msg|
+        "[#{datetime.strftime("%Y-%m-%d %H:%M:%S.%L")}] [#{severity}] #{msg}\n"
+      end
+
+      @logger.info("Started Claude Code executor for instance: #{@instance_name}") if @instance_name
+    end
+
+    def log_request(prompt)
+      @logger.info("#{@calling_instance} -> #{@instance_name}: \n---\n#{prompt}\n---")
+    end
+
+    def log_response(response)
+      @logger.info(
+        "($#{response["total_cost"]} - #{response["duration_ms"]}ms) #{@instance_name} -> #{@calling_instance}: \n---\n#{response["result"]}\n---"
+      )
+    end
+
+    def log_streaming_event(event)
+      return log_system_message(event) if event["type"] == "system"
+
+      # Add specific details based on event type
+      case event["type"]
+      when "assistant"
+        log_assistant_message(event["message"])
+      when "user"
+        log_user_message(event["message"]["content"])
+      when "result"
+        log_response(event)
+      end
+    end
+
+    def log_system_message(event)
+      @logger.debug("SYSTEM: #{JSON.pretty_generate(event)}")
+    end
+
+    def log_assistant_message(msg)
+      return if msg["stop_reason"] == "end_turn" # that means it is not a thought but the final answer
+
+      content = msg["content"]
+      @logger.debug("ASSISTANT: #{JSON.pretty_generate(content)}")
+      tool_calls = content.select { |c| c["type"] == "tool_use" }
+      tool_calls.each do |tool_call|
+        arguments = tool_call["input"].to_json
+        arguments = "#{arguments[0..300]} ...}" if arguments.length > 300
+
+        @logger.info(
+          "Tool call from #{@instance_name} -> Tool: #{tool_call["name"]}, ID: #{tool_call["id"]}, Arguments: #{arguments}"
+        )
+      end
+
+      text = content.select { |c| c["type"] == "text" }
+      text.each do |t|
+        @logger.info("#{@instance_name} is thinking:\n---\n#{t["text"]}\n---")
+      end
+    end
+
+    def log_user_message(content)
+      @logger.debug("USER: #{JSON.pretty_generate(content)}")
+    end
+
     def build_command_array(prompt, options)
       cmd_array = ["claude"]
 
       # Add model if specified
       cmd_array += ["--model", @model]
 
+      cmd_array << "--verbose"
+
       # Add MCP config if specified
       cmd_array += ["--mcp-config", @mcp_config] if @mcp_config
 
@@ -65,13 +185,13 @@ module ClaudeSwarm
       cmd_array += ["--resume", @session_id] if @session_id && !options[:new_session]
 
       # Always use JSON output format for structured responses
-      cmd_array += ["--output-format", "json"]
+      cmd_array += ["--output-format", "stream-json"]
 
       # Add non-interactive mode with prompt
       cmd_array += ["--print", "-p", prompt]
 
       # Add any custom system prompt
-      cmd_array += ["--system-prompt", options[:system_prompt]] if options[:system_prompt]
+      cmd_array += ["--append-system-prompt", options[:system_prompt]] if options[:system_prompt]
 
       # Add any allowed tools or vibe flag
       if @vibe
@@ -81,6 +201,9 @@ module ClaudeSwarm
         cmd_array += ["--allowedTools", tools]
       end
 
+      # Add permission prompt tool if not in vibe mode
+      cmd_array += ["--permission-prompt-tool", "mcp__permissions__check_permission"] unless @vibe
+
       cmd_array
     end
 

data/lib/claude_swarm/claude_mcp_server.rb

@@ -2,15 +2,13 @@
 
 require "fast_mcp"
 require "json"
-require "fileutils"
-require "logger"
 require_relative "claude_code_executor"
+require_relative "task_tool"
+require_relative "session_info_tool"
+require_relative "reset_session_tool"
 
 module ClaudeSwarm
   class ClaudeMcpServer
-    SWARM_DIR = ".claude-swarm"
-    SESSIONS_DIR = "sessions"
-
     # Class variables to share state with tool classes
     class << self
       attr_accessor :executor, :instance_config, :logger, :session_timestamp, :calling_instance
@@ -23,46 +21,19 @@ module ClaudeSwarm
         working_directory: instance_config[:directory],
         model: instance_config[:model],
         mcp_config: instance_config[:mcp_config_path],
-        vibe: instance_config[:vibe]
+        vibe: instance_config[:vibe],
+        instance_name: instance_config[:name],
+        calling_instance: calling_instance
       )
 
-      # Setup logging
-      setup_logging
-
       # Set class variables so tools can access them
       self.class.executor = @executor
       self.class.instance_config = @instance_config
-      self.class.logger = @logger
+      self.class.logger = @executor.logger
+      self.class.session_timestamp = @executor.session_timestamp
       self.class.calling_instance = @calling_instance
     end
 
-    private
-
-    def setup_logging
-      # Use environment variable for session timestamp if available (set by orchestrator)
-      # Otherwise create a new timestamp
-      self.class.session_timestamp ||= ENV["CLAUDE_SWARM_SESSION_TIMESTAMP"] || Time.now.strftime("%Y%m%d_%H%M%S")
-
-      # Ensure the session directory exists
-      session_dir = File.join(Dir.pwd, SWARM_DIR, SESSIONS_DIR, self.class.session_timestamp)
-      FileUtils.mkdir_p(session_dir)
-
-      # Create logger with session.log filename
-      log_filename = "session.log"
-      log_path = File.join(session_dir, log_filename)
-      @logger = Logger.new(log_path)
-      @logger.level = Logger::INFO
-
-      # Custom formatter for better readability
-      @logger.formatter = proc do |severity, datetime, _progname, msg|
-        "[#{datetime.strftime("%Y-%m-%d %H:%M:%S.%L")}] [#{severity}] #{msg}\n"
-      end
-
-      @logger.info("Started MCP server for instance: #{@instance_config[:name]}")
-    end
-
-    public
-
     def start
       server = FastMcp::Server.new(
         name: @instance_config[:name],
@@ -84,120 +55,5 @@ module ClaudeSwarm
       # Start the stdio server
       server.start
     end
-
-    class TaskTool < FastMcp::Tool
-      tool_name "task"
-      description "Execute a task using Claude Code"
-
-      arguments do
-        required(:prompt).filled(:string).description("The task or question for the agent")
-        optional(:new_session).filled(:bool).description("Start a new session (default: false)")
-        optional(:system_prompt).filled(:string).description("Override the system prompt for this request")
-      end
-
-      def call(prompt:, new_session: false, system_prompt: nil)
-        executor = ClaudeMcpServer.executor
-        instance_config = ClaudeMcpServer.instance_config
-        logger = ClaudeMcpServer.logger
-
-        options = {
-          new_session: new_session,
-          system_prompt: system_prompt || instance_config[:prompt]
-        }
-
-        # Add allowed tools from instance config
-        options[:allowed_tools] = instance_config[:tools] if instance_config[:tools]&.any?
-
-        begin
-          # Log the request
-          log_entry = {
-            timestamp: Time.now.utc.iso8601,
-            from_instance: ClaudeMcpServer.calling_instance, # The instance making the request
-            to_instance: instance_config[:name], # This instance is receiving the request
-            model: instance_config[:model],
-            working_directory: instance_config[:directory],
-            session_id: executor.session_id,
-            request: {
-              prompt: prompt,
-              new_session: new_session,
-              system_prompt: options[:system_prompt],
-              allowed_tools: options[:allowed_tools]
-            }
-          }
-
-          logger.info("REQUEST: #{JSON.pretty_generate(log_entry)}")
-
-          response = executor.execute(prompt, options)
-
-          # Log the response
-          response_entry = {
-            timestamp: Time.now.utc.iso8601,
-            from_instance: instance_config[:name], # This instance is sending the response
-            to_instance: ClaudeMcpServer.calling_instance, # The instance that made the request receives the response
-            session_id: executor.session_id, # Update with new session ID if changed
-            response: {
-              result: response["result"],
-              cost_usd: response["cost_usd"],
-              duration_ms: response["duration_ms"],
-              is_error: response["is_error"],
-              total_cost: response["total_cost"]
-            }
-          }
-
-          logger.info("RESPONSE: #{JSON.pretty_generate(response_entry)}")
-
-          # Return just the result text as expected by MCP
-          response["result"]
-        rescue ClaudeCodeExecutor::ExecutionError => e
-          logger.error("Execution error for #{instance_config[:name]}: #{e.message}")
-          raise StandardError, "Execution failed: #{e.message}"
-        rescue ClaudeCodeExecutor::ParseError => e
-          logger.error("Parse error for #{instance_config[:name]}: #{e.message}")
-          raise StandardError, "Parse error: #{e.message}"
-        rescue StandardError => e
-          logger.error("Unexpected error for #{instance_config[:name]}: #{e.class} - #{e.message}")
-          logger.error("Backtrace: #{e.backtrace.join("\n")}")
-          raise StandardError, "Unexpected error: #{e.message}"
-        end
-      end
-    end
-
-    class SessionInfoTool < FastMcp::Tool
-      tool_name "session_info"
-      description "Get information about the current Claude session for this agent"
-
-      arguments do
-        # No arguments needed
-      end
-
-      def call
-        executor = ClaudeMcpServer.executor
-
-        {
-          has_session: executor.has_session?,
-          session_id: executor.session_id,
-          working_directory: executor.working_directory
-        }
-      end
-    end
-
-    class ResetSessionTool < FastMcp::Tool
-      tool_name "reset_session"
-      description "Reset the Claude session for this agent, starting fresh on the next task"
-
-      arguments do
-        # No arguments needed
-      end
-
-      def call
-        executor = ClaudeMcpServer.executor
-        executor.reset_session
-
-        {
-          success: true,
-          message: "Session has been reset"
-        }
-      end
-    end
   end
 end

data/lib/claude_swarm/cli.rb

@@ -5,6 +5,7 @@ require_relative "configuration"
 require_relative "mcp_generator"
 require_relative "orchestrator"
 require_relative "claude_mcp_server"
+require_relative "permission_mcp_server"
 
 module ClaudeSwarm
   class CLI < Thor
@@ -156,6 +157,20 @@ module ClaudeSwarm
       say "Claude Swarm #{VERSION}"
     end
 
+    desc "tools-mcp", "Start a permission management MCP server for tool access control"
+    method_option :allowed_tools, aliases: "-t", type: :array,
+                                  desc: "Comma-separated list of allowed tool patterns (supports wildcards)"
+    method_option :debug, type: :boolean, default: false,
+                          desc: "Enable debug output"
+    def tools_mcp
+      server = PermissionMcpServer.new(allowed_tools: options[:allowed_tools])
+      server.start
+    rescue StandardError => e
+      error "Error starting permission MCP server: #{e.message}"
+      error e.backtrace.join("\n") if options[:debug]
+      exit 1
+    end
+
     default_task :start
 
     private

data/lib/claude_swarm/configuration.rb

@@ -84,7 +84,8 @@ module ClaudeSwarm
         tools: Array(config["tools"]),
         mcps: parse_mcps(config["mcps"] || []),
         prompt: config["prompt"],
-        description: config["description"]
+        description: config["description"],
+        vibe: config["vibe"] || false
       }
     end
 

data/lib/claude_swarm/mcp_generator.rb

@@ -58,6 +58,9 @@ module ClaudeSwarm
         mcp_servers[connection_name] = build_instance_mcp_config(connection_name, connected_instance, calling_instance: name)
       end
 
+      # Add permission MCP server if not in vibe mode (global or instance-specific)
+      mcp_servers["permissions"] = build_permission_mcp_config(instance[:tools]) unless @vibe || instance[:vibe]
+
       config = {
         "mcpServers" => mcp_servers
       }
@@ -106,7 +109,7 @@ module ClaudeSwarm
 
       args.push("--calling-instance", calling_instance) if calling_instance
 
-      args.push("--vibe") if @vibe
+      args.push("--vibe") if @vibe || instance[:vibe]
 
       {
         "type" => "stdio",
@@ -114,5 +117,23 @@ module ClaudeSwarm
         "args" => args
       }
     end
+
+    def build_permission_mcp_config(allowed_tools)
+      exe_path = "claude-swarm"
+
+      args = ["tools-mcp"]
+
+      # Add allowed tools if specified
+      args.push("--allowed-tools", allowed_tools.join(",")) if allowed_tools && !allowed_tools.empty?
+
+      {
+        "type" => "stdio",
+        "command" => exe_path,
+        "args" => args,
+        "env" => {
+          "CLAUDE_SWARM_SESSION_TIMESTAMP" => @timestamp
+        }
+      }
+    end
   end
 end