@co0ontty/wand 1.3.4 → 1.3.6

package/dist/claude-pty-bridge.d.ts

@@ -23,6 +23,16 @@ interface PermissionState {
     lastAutoConfirmAt: number;
     /** Timer for delayed auto-approve (gives CLI time to be ready) */
     pendingAutoApproveTimer: ReturnType<typeof setTimeout> | null;
+    /** Fallback auto-approve: verification deadline timestamp */
+    fallbackVerifyUntil: number;
+    /** Fallback auto-approve: context for logging */
+    fallbackContext: {
+        score: number;
+        matched: string[];
+        text: string;
+    } | null;
+    /** Output length snapshot taken right before fallback auto-approve fires */
+    fallbackOutputLenAtApprove: number;
 }
 /** Permission resolution result */
 export type PermissionResolution = "approve_once" | "approve_turn" | "deny";
@@ -73,6 +83,10 @@ export declare class ClaudePtyBridge extends EventEmitter {
     private _exited;
     private rememberedScopes;
     private rememberedTargets;
+    private lastOutputAt;
+    private lastUserInputAt;
+    private idleProbeTimer;
+    private lastIdleProbeAt;
     constructor(options: ClaudePtyBridgeOptions);
     /**
      * Process a raw PTY chunk.
@@ -125,7 +139,25 @@ export declare class ClaudePtyBridge extends EventEmitter {
      * selection prompt time to fully render and enter its input loop before we send \r.
      */
     private scheduleAutoApprove;
+    /**
+     * Schedule a fallback auto-approve with false-positive verification.
+     * Similar to scheduleAutoApprove but sets up post-approve monitoring.
+     */
+    private scheduleFallbackAutoApprove;
     private cancelPendingAutoApprove;
+    /**
+     * Reset the idle probe timer. Called on every new output chunk.
+     * If the terminal goes idle (no output for IDLE_PROBE_DELAY_MS) while
+     * auto-approve is enabled and no permission is currently detected,
+     * we send a speculative \r to catch prompts that all detection layers missed.
+     */
+    private resetIdleProbeTimer;
+    private clearIdleProbeTimer;
+    /**
+     * Idle probe: the terminal has been quiet for a while. If conditions suggest
+     * a stuck permission prompt, send a speculative \r and monitor the result.
+     */
+    private maybeIdleProbe;
     private isPermissionPromptDetected;
     private extractPromptText;
     private extractPermissionTarget;

package/dist/claude-pty-bridge.js

@@ -7,12 +7,18 @@
  * 2. Structured messages for chat view (parsed)
  */
 import { EventEmitter } from "node:events";
-import { stripAnsi, isNoiseLine, appendWindow, normalizePromptText, hasExplicitConfirmSyntax, hasPermissionActionContext } from "./pty-text-utils.js";
+import { stripAnsi, isNoiseLine, appendWindow, normalizePromptText, hasExplicitConfirmSyntax, hasPermissionActionContext, scorePermissionLikelihood, FALLBACK_SCORE_THRESHOLD } from "./pty-text-utils.js";
 // ── Constants ──
 const OUTPUT_MAX_SIZE = 120000;
 const SESSION_ID_WINDOW_SIZE = 16384;
 const PERMISSION_WINDOW_SIZE = 2000;
 const AUTO_APPROVE_DELAY_MS = 150;
+/** How long to monitor output after fallback auto-approve for false-positive detection */
+const FALLBACK_VERIFY_WINDOW_MS = 600;
+/** How long a session must be idle (no user input, no new output) before sending a probe */
+const IDLE_PROBE_DELAY_MS = 3000;
+/** Minimum time between idle probes */
+const IDLE_PROBE_COOLDOWN_MS = 5000;
 const UUID_PATTERN = "([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})";
 const CLAUDE_SESSION_ID_PATTERNS = [
     new RegExp(`"session_id"\\s*:\\s*"${UUID_PATTERN}"`, "i"),
@@ -63,6 +69,11 @@ export class ClaudePtyBridge extends EventEmitter {
     // Permission memory for "approve_turn" policy
     rememberedScopes = new Set();
     rememberedTargets = new Set();
+    // Idle probe state (last-resort robustness)
+    lastOutputAt;
+    lastUserInputAt;
+    idleProbeTimer;
+    lastIdleProbeAt;
     constructor(options) {
         super();
         this.sessionId = options.sessionId;
@@ -87,8 +98,15 @@ export class ClaudePtyBridge extends EventEmitter {
             lastTarget: null,
             lastAutoConfirmAt: 0,
             pendingAutoApproveTimer: null,
+            fallbackVerifyUntil: 0,
+            fallbackContext: null,
+            fallbackOutputLenAtApprove: 0,
         };
         this.sessionIdWindow = "";
+        this.lastOutputAt = 0;
+        this.lastUserInputAt = 0;
+        this.idleProbeTimer = null;
+        this.lastIdleProbeAt = 0;
     }
     // ── Core API ──
     /**
@@ -101,6 +119,7 @@ export class ClaudePtyBridge extends EventEmitter {
             return;
         // 1. Append to raw output
         this.rawOutput = appendWindow(this.rawOutput, normalizePtyOutput(chunk), OUTPUT_MAX_SIZE);
+        this.lastOutputAt = Date.now();
         // 2. Emit raw output event (for terminal view)
         this.emitEvent({
             type: "output.raw",
@@ -117,6 +136,10 @@ export class ClaudePtyBridge extends EventEmitter {
             this.chatState.buffer += chunk;
             this.parseChatResponse();
         }
+        // 6. Reset idle probe timer on new output
+        if (this.autoApprove && this.isClaudeCommand) {
+            this.resetIdleProbeTimer();
+        }
     }
     /**
      * Called when user sends input.
@@ -126,13 +149,12 @@ export class ClaudePtyBridge extends EventEmitter {
         // Guard against post-exit calls
         if (this._exited)
             return;
+        this.lastUserInputAt = Date.now();
         // Filter out non-chat input (control chars, etc.)
         if (!this.isRealChatInput(input)) {
-            process.stderr.write(`[Bridge] Input filtered as non-chat: ${input.substring(0, 50)}\n`);
             return;
         }
         const cleanInput = input.replace(/[\r\n]+$/, "").trim();
-        process.stderr.write(`[Bridge] Starting chat tracking for: ${cleanInput.substring(0, 50)}\n`);
         // Add user message
         this.messages.push({
             role: "user",
@@ -181,6 +203,7 @@ export class ClaudePtyBridge extends EventEmitter {
         }
         // Clear permission state — prevents stale blocked state after exit
         this.cancelPendingAutoApprove();
+        this.clearIdleProbeTimer();
         this.permissionState.isBlocked = false;
         this.permissionState.lastPrompt = null;
         this.permissionState.lastScope = null;
@@ -334,7 +357,75 @@ export class ClaudePtyBridge extends EventEmitter {
             return;
         this.permissionState.window = appendWindow(this.permissionState.window, chunk, PERMISSION_WINDOW_SIZE);
         const normalized = normalizePromptText(this.permissionState.window);
+        // ── Fallback false-positive detection ──
+        // After a fallback auto-approve, monitor output for signs it was wrong
+        if (this.permissionState.fallbackContext) {
+            const now = Date.now();
+            if (now < this.permissionState.fallbackVerifyUntil) {
+                // Check if the output grew with a prompt echo (false positive: \r was consumed as input)
+                const outputGrew = this.rawOutput.length > this.permissionState.fallbackOutputLenAtApprove;
+                if (outputGrew) {
+                    // Check if the new output looks like Claude echoed our empty input (prompt re-appeared)
+                    const newOutput = this.rawOutput.slice(this.permissionState.fallbackOutputLenAtApprove);
+                    const stripped = stripAnsi(newOutput).trim();
+                    // If we see a bare prompt symbol and no permission keywords → likely false positive
+                    const looksLikeFalsePositive = /^❯\s*$/.test(stripped)
+                        || (stripped.includes("❯") && !this.isPermissionPromptDetected(normalized));
+                    if (looksLikeFalsePositive) {
+                        const ctx = this.permissionState.fallbackContext;
+                        this.emitEvent({
+                            type: "permission.resolved",
+                            sessionId: this.sessionId,
+                            timestamp: now,
+                            data: {
+                                resolution: "approve_once",
+                                autoApproved: true,
+                                approveType: "fallback",
+                                falsePositive: true,
+                                score: ctx.score,
+                                matched: ctx.matched,
+                                tail: ctx.text,
+                            },
+                        });
+                        this.permissionState.fallbackContext = null;
+                        return;
+                    }
+                }
+            }
+            else {
+                // Verification window expired — assume it was correct
+                const ctx = this.permissionState.fallbackContext;
+                this.emitEvent({
+                    type: "permission.resolved",
+                    sessionId: this.sessionId,
+                    timestamp: now,
+                    data: {
+                        resolution: "approve_once",
+                        autoApproved: true,
+                        approveType: "fallback",
+                        falsePositive: false,
+                        score: ctx.score,
+                        matched: ctx.matched,
+                        tail: ctx.text,
+                    },
+                });
+                this.permissionState.fallbackContext = null;
+            }
+        }
         const blocked = this.isPermissionPromptDetected(normalized);
+        // ── Fallback: weighted keyword scoring ──
+        // If strict detection missed but auto-approve is on, try scoring
+        if (!blocked && !this.permissionState.isBlocked && this.autoApprove) {
+            const { score, matched } = scorePermissionLikelihood(normalized);
+            if (score >= FALLBACK_SCORE_THRESHOLD) {
+                const target = this.extractPermissionTarget(normalized);
+                const scope = this.inferScope(normalized, target);
+                const lines = normalized.split("\n");
+                const tailText = lines.slice(-8).join("\n");
+                this.scheduleFallbackAutoApprove(scope, target, { score, matched, text: tailText });
+                return;
+            }
+        }
         // If state hasn't changed, check if a new distinct prompt appeared while already blocked
         if (this.permissionState.isBlocked === blocked) {
             if (blocked) {
@@ -409,12 +500,10 @@ export class ClaudePtyBridge extends EventEmitter {
         if (this.permissionState.pendingAutoApproveTimer)
             return;
         this.permissionState.lastAutoConfirmAt = now;
-        process.stderr.write(`[wand] Scheduling auto-confirm for ${scope}${target ? `: ${target}` : ""} (${AUTO_APPROVE_DELAY_MS}ms)\n`);
         this.permissionState.pendingAutoApproveTimer = setTimeout(() => {
             this.permissionState.pendingAutoApproveTimer = null;
             if (this._exited)
                 return;
-            process.stderr.write(`[wand] Auto-confirming permission for ${scope}${target ? `: ${target}` : ""}\n`);
             if (this.ptyWrite) {
                 this.ptyWrite("\r");
             }
@@ -427,16 +516,107 @@ export class ClaudePtyBridge extends EventEmitter {
                 type: "permission.resolved",
                 sessionId: this.sessionId,
                 timestamp: Date.now(),
-                data: { resolution: "approve_once", autoApproved: true },
+                data: { resolution: "approve_once", autoApproved: true, approveType: "strict" },
             });
         }, AUTO_APPROVE_DELAY_MS);
     }
+    /**
+     * Schedule a fallback auto-approve with false-positive verification.
+     * Similar to scheduleAutoApprove but sets up post-approve monitoring.
+     */
+    scheduleFallbackAutoApprove(scope, target, context) {
+        const now = Date.now();
+        if (now - this.permissionState.lastAutoConfirmAt < 500)
+            return;
+        if (this.permissionState.pendingAutoApproveTimer)
+            return;
+        this.permissionState.lastAutoConfirmAt = now;
+        this.permissionState.pendingAutoApproveTimer = setTimeout(() => {
+            this.permissionState.pendingAutoApproveTimer = null;
+            if (this._exited)
+                return;
+            // Snapshot output length before sending \r for false-positive detection
+            this.permissionState.fallbackOutputLenAtApprove = this.rawOutput.length;
+            this.permissionState.fallbackVerifyUntil = Date.now() + FALLBACK_VERIFY_WINDOW_MS;
+            this.permissionState.fallbackContext = context;
+            if (this.ptyWrite) {
+                this.ptyWrite("\r");
+            }
+            // Don't clear isBlocked/window here — let the verification logic in detectPermission handle it
+            this.permissionState.isBlocked = false;
+            this.permissionState.window = "";
+            this.permissionState.lastPrompt = null;
+            this.permissionState.lastScope = null;
+            this.permissionState.lastTarget = null;
+        }, AUTO_APPROVE_DELAY_MS);
+    }
     cancelPendingAutoApprove() {
         if (this.permissionState.pendingAutoApproveTimer) {
             clearTimeout(this.permissionState.pendingAutoApproveTimer);
             this.permissionState.pendingAutoApproveTimer = null;
         }
     }
+    // ── Idle Probe (last-resort robustness) ──
+    /**
+     * Reset the idle probe timer. Called on every new output chunk.
+     * If the terminal goes idle (no output for IDLE_PROBE_DELAY_MS) while
+     * auto-approve is enabled and no permission is currently detected,
+     * we send a speculative \r to catch prompts that all detection layers missed.
+     */
+    resetIdleProbeTimer() {
+        this.clearIdleProbeTimer();
+        this.idleProbeTimer = setTimeout(() => {
+            this.idleProbeTimer = null;
+            this.maybeIdleProbe();
+        }, IDLE_PROBE_DELAY_MS);
+    }
+    clearIdleProbeTimer() {
+        if (this.idleProbeTimer) {
+            clearTimeout(this.idleProbeTimer);
+            this.idleProbeTimer = null;
+        }
+    }
+    /**
+     * Idle probe: the terminal has been quiet for a while. If conditions suggest
+     * a stuck permission prompt, send a speculative \r and monitor the result.
+     */
+    maybeIdleProbe() {
+        if (this._exited || !this.autoApprove || !this.ptyWrite)
+            return;
+        // Don't probe if permission is already detected or fallback is pending verification
+        if (this.permissionState.isBlocked)
+            return;
+        if (this.permissionState.fallbackContext)
+            return;
+        if (this.permissionState.pendingAutoApproveTimer)
+            return;
+        const now = Date.now();
+        // Cooldown between probes
+        if (now - this.lastIdleProbeAt < IDLE_PROBE_COOLDOWN_MS)
+            return;
+        // Don't probe if user recently sent input (they're actively interacting)
+        if (now - this.lastUserInputAt < IDLE_PROBE_DELAY_MS)
+            return;
+        // Only probe if output stopped recently (not ancient idle sessions)
+        if (now - this.lastOutputAt > 15000)
+            return;
+        // Quick heuristic: check if recent output has ANY permission-like keywords
+        const normalized = normalizePromptText(this.permissionState.window);
+        const { score, matched } = scorePermissionLikelihood(normalized);
+        // Lower threshold than fallback — we're being speculative
+        if (score < 4)
+            return;
+        this.lastIdleProbeAt = now;
+        // Snapshot output before probe
+        this.permissionState.fallbackOutputLenAtApprove = this.rawOutput.length;
+        this.permissionState.fallbackVerifyUntil = now + FALLBACK_VERIFY_WINDOW_MS;
+        this.permissionState.fallbackContext = {
+            score,
+            matched,
+            text: normalized.split("\n").slice(-8).join("\n"),
+        };
+        this.ptyWrite("\r");
+    }
     isPermissionPromptDetected(normalized) {
         const hasIntent = /\bdo you want to\b/i.test(normalized)
             || /\bwould you like to\b/i.test(normalized)
@@ -495,10 +675,8 @@ export class ClaudePtyBridge extends EventEmitter {
             }
             this.chatState.echoSkipped = true;
             this.chatState.buffer = clean.slice(echoEndIndex);
-            process.stderr.write(`[Bridge] Echo skipped, remaining length: ${this.chatState.buffer.length}\n`);
         }
         if (this.detectCompletion(this.chatState.buffer)) {
-            process.stderr.write("[Bridge] Completion detected, finalizing\n");
             this.finalizeResponse();
             return;
         }

package/dist/process-manager.js

@@ -9,7 +9,7 @@ import { SessionLogger } from "./session-logger.js";
 import { SessionLifecycleManager } from "./session-lifecycle.js";
 import { ClaudePtyBridge } from "./claude-pty-bridge.js";
 import { appendWindow, hasExplicitConfirmSyntax, hasPermissionActionContext, normalizePromptText } from "./pty-text-utils.js";
-import { getResumeCommandSessionId, hasLiveProjectConversation, hasRealConversationMessages, hasStoredProjectConversation, shouldAllowResume, shouldDisplayResumeAction, } from "./resume-policy.js";
+import { getResumeCommandSessionId, hasRealConversationMessages, } from "./resume-policy.js";
 /** Check if the current process is running as root (UID 0). */
 function isRunningAsRoot() {
     return process.getuid?.() === 0 || process.geteuid?.() === 0;
@@ -26,20 +26,6 @@ export class SessionInputError extends Error {
         this.name = "SessionInputError";
     }
 }
-const PROMPT_PATTERNS = [
-    /(?:^|\b)(?:press\s+)?(?:y|yes)\s*(?:\/|\bor\b)\s*(?:n|no)(?:\b|$)/i,
-    /\[(?:y|yes)\s*\/\s*(?:n|no)\]/i,
-    /\((?:y|yes)\s*\/\s*(?:n|no)\)/i,
-    /\((?:y|yes)\s*\/\s*(?:n|no)\s*\/\s*always\)/i,
-    /\bcontinue\?\s*(?:\((?:y|yes)\s*\/\s*(?:n|no)\))?/i,
-    /\bare you sure\??/i,
-    /\bdo you want to continue\??/i,
-    /\bdo you want to (?:create|write|delete|modify|execute)\b/i,
-    /\bconfirm(?:\s+execution|\s+changes|\s+action)?\??/i,
-    /\bproceed\?\s*(?:\((?:y|yes)\s*\/\s*(?:n|no)\))?/i,
-    /\benter to confirm\b/i,
-    /\bgrant\b.*\bpermission\b/i,
-];
 const REAL_CONVERSATION_MIN_LINES = 2;
 const DISCOVERY_RECENT_WINDOW_MS = 10 * 60 * 1000;
 const START_TIME_SKEW_MS = 30 * 1000;
@@ -89,132 +75,6 @@ function readClaudeProjectSessionDetails(filePath, id) {
         return null;
     }
 }
-function hasVisibleProjectConversation(messages) {
-    return shouldDisplayResumeAction(messages);
-}
-function hasRecoverableProjectConversation(messages) {
-    return shouldAllowResume({ claudeSessionId: "resume-candidate", messages });
-}
-function shouldBindLiveProjectSessionId(messages) {
-    return hasLiveProjectConversation(messages);
-}
-function shouldBackfillStoredProjectSessionId(messages) {
-    return hasStoredProjectConversation(messages);
-}
-function shouldDisplayVisibleProjectSessionId(messages) {
-    return hasVisibleProjectConversation(messages);
-}
-function shouldResumeRecoverableProjectSessionId(messages) {
-    return hasRecoverableProjectConversation(messages);
-}
-function canBindLiveProjectSession(record) {
-    return shouldBindLiveProjectSessionId(record.messages);
-}
-function canBackfillStoredProjectSession(record) {
-    return shouldBackfillStoredProjectSessionId(record.messages);
-}
-function canDisplayVisibleProjectSession(messages) {
-    return shouldDisplayVisibleProjectSessionId(messages);
-}
-function canResumeRecoverableProjectSession(messages) {
-    return shouldResumeRecoverableProjectSessionId(messages);
-}
-function shouldAdoptProjectSessionDuringRuntime(record) {
-    return canBindLiveProjectSession(record);
-}
-function shouldAdoptProjectSessionDuringBackfill(record) {
-    return canBackfillStoredProjectSession(record);
-}
-function shouldAdoptProjectSessionForUi(messages) {
-    return canDisplayVisibleProjectSession(messages);
-}
-function shouldAdoptProjectSessionForResume(messages) {
-    return canResumeRecoverableProjectSession(messages);
-}
-function hasRuntimeProjectAdoption(messages) {
-    return shouldAdoptProjectSessionForUi(messages);
-}
-function hasBackfillProjectAdoption(messages) {
-    return shouldBackfillStoredProjectSessionId(messages);
-}
-function hasUiProjectAdoption(messages) {
-    return shouldAdoptProjectSessionForUi(messages);
-}
-function hasResumeProjectAdoption(messages) {
-    return shouldAdoptProjectSessionForResume(messages);
-}
-function shouldAdoptProjectSession(record) {
-    return shouldAdoptProjectSessionDuringRuntime(record);
-}
-function shouldAdoptStoredProjectSession(record) {
-    return shouldAdoptProjectSessionDuringBackfill(record);
-}
-function shouldAdoptUiProjectSession(messages) {
-    return hasUiProjectAdoption(messages);
-}
-function shouldAdoptResumeProjectSession(messages) {
-    return hasResumeProjectAdoption(messages);
-}
-function canUseProjectSessionAtRuntime(record) {
-    return shouldAdoptProjectSession(record);
-}
-function canUseProjectSessionAtBackfill(record) {
-    return shouldAdoptStoredProjectSession(record);
-}
-function canUseProjectSessionAtUi(messages) {
-    return shouldAdoptUiProjectSession(messages);
-}
-function canUseProjectSessionAtResume(messages) {
-    return shouldAdoptResumeProjectSession(messages);
-}
-function hasProjectSessionRuntimeEligibility(messages) {
-    return shouldAdoptProjectSessionDuringRuntime({ messages: messages ?? [] });
-}
-function hasProjectSessionBackfillEligibility(messages) {
-    return shouldAdoptProjectSessionDuringBackfill({ messages: messages ?? [] });
-}
-function hasProjectSessionUiEligibility(messages) {
-    return canUseProjectSessionAtUi(messages);
-}
-function hasProjectSessionResumeEligibility(messages) {
-    return canUseProjectSessionAtResume(messages);
-}
-function shouldClaimProjectSessionDuringRuntime(messages) {
-    return hasProjectSessionRuntimeEligibility(messages);
-}
-function shouldClaimProjectSessionDuringBackfill(messages) {
-    return hasProjectSessionBackfillEligibility(messages);
-}
-function shouldClaimProjectSessionForUi(messages) {
-    return hasProjectSessionUiEligibility(messages);
-}
-function shouldClaimProjectSessionForResume(messages) {
-    return hasProjectSessionResumeEligibility(messages);
-}
-function hasClaimableProjectSessionRuntime(messages) {
-    return shouldClaimProjectSessionDuringRuntime(messages);
-}
-function hasClaimableProjectSessionBackfill(messages) {
-    return shouldClaimProjectSessionDuringBackfill(messages);
-}
-function hasClaimableProjectSessionUi(messages) {
-    return shouldClaimProjectSessionForUi(messages);
-}
-function hasClaimableProjectSessionResume(messages) {
-    return shouldClaimProjectSessionForResume(messages);
-}
-function isClaimableProjectSessionRuntime(messages) {
-    return hasClaimableProjectSessionRuntime(messages);
-}
-function isClaimableProjectSessionBackfill(messages) {
-    return hasClaimableProjectSessionBackfill(messages);
-}
-function isClaimableProjectSessionUi(messages) {
-    return hasClaimableProjectSessionUi(messages);
-}
-function isClaimableProjectSessionResume(messages) {
-    return hasClaimableProjectSessionResume(messages);
-}
 function listClaudeProjectSessionCandidates(cwd) {
     const projectDir = getClaudeProjectDir(cwd);
     try {
@@ -557,9 +417,7 @@ export class ProcessManager extends EventEmitter {
             onStateChange: (sessionId, oldState, newState) => {
                 this.emitEvent({ type: "status", sessionId, data: { oldState, newState } });
             },
-            onIdle: (sessionId) => {
-                console.error(`[ProcessManager] Session ${sessionId} is now idle`);
-            },
+            onIdle: (_sessionId) => { },
             onArchived: (sessionId, reason) => {
                 console.error(`[ProcessManager] Session ${sessionId} archived: ${reason}`);
             },
@@ -599,7 +457,8 @@ export class ProcessManager extends EventEmitter {
                     knownClaudeTaskIds: undefined,
                     claudeTaskDiscoveryTimer: null,
                     knownClaudeProjectMtimes: isClaudeCmd ? listClaudeProjectSessionMtimes(updated.cwd) : undefined,
-                    claudeSessionId: resumeCommandSessionId ?? updated.claudeSessionId
+                    claudeSessionId: resumeCommandSessionId ?? updated.claudeSessionId,
+                    approvalStats: { tool: 0, command: 0, file: 0, total: 0 }
                 });
                 this.lifecycleManager.register(snapshot.id, "idle");
                 console.error(`[ProcessManager] Restored session ${snapshot.id} marked as exited (PTY orphaned)`);
@@ -631,7 +490,8 @@ export class ProcessManager extends EventEmitter {
                     knownClaudeTaskIds: undefined,
                     claudeTaskDiscoveryTimer: null,
                     knownClaudeProjectMtimes: isClaudeCmd ? listClaudeProjectSessionMtimes(snapshot.cwd) : undefined,
-                    claudeSessionId: resumeCommandSessionId ?? snapshot.claudeSessionId
+                    claudeSessionId: resumeCommandSessionId ?? snapshot.claudeSessionId,
+                    approvalStats: { tool: 0, command: 0, file: 0, total: 0 }
                 });
                 this.lifecycleManager.register(snapshot.id, "archived");
             }
@@ -741,7 +601,8 @@ export class ProcessManager extends EventEmitter {
             lastEmittedTask: null,
             knownClaudeTaskIds: knownClaudeTaskIds ?? undefined,
             claudeTaskDiscoveryTimer: null,
-            knownClaudeProjectMtimes: knownClaudeProjectMtimes ?? undefined
+            knownClaudeProjectMtimes: knownClaudeProjectMtimes ?? undefined,
+            approvalStats: { tool: 0, command: 0, file: 0, total: 0 }
         };
         // Create PTY bridge for this session
         record.ptyBridge = new ClaudePtyBridge({
@@ -844,7 +705,7 @@ export class ProcessManager extends EventEmitter {
                 process.stderr.write(`[wand] Cannot send initial input: session not ready\n`);
                 return;
             }
-            process.stderr.write(`[wand] Sending initial input: ${initialInput}\n`);
+            process.stderr.write(`[wand] Sending initial input (${initialInput.length} chars)\n`);
             // Track initial input via bridge for Chat mode
             if (current.ptyBridge) {
                 current.ptyBridge.onUserInput(initialInput);
@@ -1012,35 +873,16 @@ export class ProcessManager extends EventEmitter {
     sendInput(id, input, view, shortcutKey) {
         const record = this.mustGet(id);
         if (record.status !== "running") {
-            console.error("[ProcessManager] Rejecting input for non-running session", {
-                sessionId: id,
-                status: record.status,
-                hasPty: !!record.ptyProcess,
-                inputLength: input.length,
-                view: view ?? "chat"
-            });
+            console.error(`[ProcessManager] Rejecting input: session ${id} not running (${record.status})`);
             throw new SessionInputError("Session is not running.", "SESSION_NOT_RUNNING", id, record.status);
         }
         // Update lifecycle
         this.lifecycleManager.touch(id);
         this.lifecycleManager.startThinking(id);
         if (!record.ptyProcess) {
-            console.error("[ProcessManager] Rejecting input because PTY is missing", {
-                sessionId: id,
-                status: record.status,
-                hasPty: !!record.ptyProcess,
-                inputLength: input.length,
-                view: view ?? "chat"
-            });
+            console.error(`[ProcessManager] Rejecting input: session ${id} has no PTY`);
             throw new SessionInputError("Session is not running.", "SESSION_NO_PTY", id, record.status);
         }
-        console.error("[ProcessManager] Sending input to session", {
-            sessionId: id,
-            status: record.status,
-            hasPty: !!record.ptyProcess,
-            inputLength: input.length,
-            view: view ?? "chat"
-        });
         // Log shortcut key interactions for auto-confirm and mode analysis
         if (shortcutKey) {
             const outputLines = record.output.split("\n");
@@ -1253,7 +1095,8 @@ export class ProcessManager extends EventEmitter {
             messages: messages.length > 0 ? messages : undefined,
             resumedFromSessionId: record.resumedFromSessionId ?? undefined,
             resumedToSessionId: record.resumedToSessionId ?? undefined,
-            autoRecovered: record.autoRecovered ?? false
+            autoRecovered: record.autoRecovered ?? false,
+            approvalStats: record.approvalStats.total > 0 ? record.approvalStats : undefined
         };
     }
     isPermissionBlocked(record) {
@@ -1493,11 +1336,9 @@ export class ProcessManager extends EventEmitter {
             || claudeConfirmPrompt
             || toolPermissionPrompt
             || (hasExplicitConfirmSyntax(normalized)
-                && hasPermissionActionContext(normalized)
-                && PROMPT_PATTERNS.some((pattern) => pattern.test(normalized)));
+                && hasPermissionActionContext(normalized));
         if (shouldConfirm) {
             record.lastAutoConfirmAt = now;
-            process.stderr.write(`[wand] Auto-confirming prompt for ${record.mode} mode\n`);
             // Always auto-confirm by sending Enter directly
             ptyProcess.write("\r");
         }
@@ -1562,15 +1403,50 @@ export class ProcessManager extends EventEmitter {
                 });
                 break;
             }
-            case "permission.resolved":
+            case "permission.resolved": {
+                // Increment approval stats before clearing pendingEscalation
+                const resolvedScope = record.pendingEscalation?.scope;
+                if (resolvedScope) {
+                    if (resolvedScope === "run_command" || resolvedScope === "dangerous_shell") {
+                        record.approvalStats.command++;
+                    }
+                    else if (resolvedScope === "write_file") {
+                        record.approvalStats.file++;
+                    }
+                    else {
+                        record.approvalStats.tool++;
+                    }
+                    record.approvalStats.total++;
+                }
                 record.pendingEscalation = null;
                 record.ptyPermissionBlocked = false;
                 this.emitEvent({
                     type: "status",
                     sessionId: event.sessionId,
-                    data: { permissionBlocked: false },
+                    data: {
+                        permissionBlocked: false,
+                        approvalStats: record.approvalStats,
+                    },
                 });
+                // Log auto-approve events to shortcut-interactions.jsonl for analysis
+                const resolvedData = event.data;
+                if (resolvedData?.autoApproved) {
+                    const outputLines = record.output.split("\n");
+                    const tailLines = outputLines.slice(-8).join("\n");
+                    this.logger.appendShortcutLog(record.id, "auto_approve", tailLines, {
+                        mode: record.mode,
+                        scope: resolvedScope ?? "unknown",
+                        autoApprove: record.autoApprovePermissions,
+                        permissionBlocked: true,
+                        input: "\r",
+                        approveType: resolvedData.approveType,
+                        score: resolvedData.score,
+                        matched: resolvedData.matched,
+                        falsePositive: resolvedData.falsePositive,
+                    });
+                }
                 break;
+            }
             case "session.id":
                 // Claude session ID captured - already handled in onData
                 break;
@@ -1633,15 +1509,25 @@ export class ProcessManager extends EventEmitter {
         return false;
     }
     processCommandForMode(command, mode) {
+        const isClaudeCmd = /^(?:claude|npx\s+claude|[^\s]+\/claude)(?:\s|$)/.test(command);
+        if (!isClaudeCmd)
+            return command;
+        let result = command;
+        // When running as root, Claude CLI refuses --permission-mode bypassPermissions.
+        // Use acceptEdits to let Claude auto-accept edits natively, reducing the number
+        // of permission prompts wand has to auto-approve.
+        if (isRunningAsRoot() && (mode === "managed" || mode === "full-access" || mode === "auto-edit")) {
+            result += " --permission-mode acceptEdits";
+        }
         // In managed mode, append a system prompt instructing Claude to act autonomously
         // without asking the user for confirmation, since the user may not be monitoring.
-        if (mode === "managed" && /^(?:claude|npx\s+claude|[^\s]+\/claude)(?:\s|$)/.test(command)) {
+        if (mode === "managed") {
             const autonomousPrompt = "You are running in a fully managed, autonomous mode. The user may not be available to respond to questions or confirmations in a timely manner. You MUST make all decisions independently — choose the best approach yourself instead of asking the user for preferences, confirmations, or clarifications. If multiple approaches are viable, pick the one you judge most appropriate and proceed. Never block on user input unless the task is fundamentally ambiguous and cannot be reasonably inferred. Be decisive and self-directed.";
             // Escape single quotes for shell safety
             const escaped = autonomousPrompt.replace(/'/g, "'\\''");
-            return `${command} --append-system-prompt '${escaped}'`;
+            result += ` --append-system-prompt '${escaped}'`;
         }
-        return command;
+        return result;
     }
 }
 function clampDimension(value, min, max) {

package/dist/pty-text-utils.d.ts

@@ -11,5 +11,17 @@ export declare function isNoiseLine(line: string): boolean;
 export declare function appendWindow(buffer: string, chunk: string, maxSize: number): string;
 export declare function hasExplicitConfirmSyntax(normalized: string): boolean;
 export declare function hasPermissionActionContext(normalized: string): boolean;
+interface PermissionScore {
+    score: number;
+    matched: string[];
+}
+/** Minimum score threshold for fallback permission detection */
+export declare const FALLBACK_SCORE_THRESHOLD = 8;
+/**
+ * Score how likely the recent output contains a permission prompt.
+ * Evaluates the last few lines of normalized text against weighted keywords.
+ */
+export declare function scorePermissionLikelihood(normalized: string): PermissionScore;
 /** Normalize prompt text for permission detection (strip ANSI, collapse whitespace). */
 export declare function normalizePromptText(value: string): string;
+export {};

package/dist/pty-text-utils.js

@@ -77,8 +77,10 @@ const EXPLICIT_CONFIRM_PATTERNS = [
     /\[(?:y|yes)\s*\/\s*(?:n|no)\]/i,
     /\((?:y|yes)\s*\/\s*(?:n|no)\)/i,
     /\((?:y|yes)\s*\/\s*(?:n|no)\s*\/\s*always\)/i,
-    /\byes\b.*\bno\b/i,
+    /\byes\b[\s\S]*\bno\b/i,
     /\benter to confirm\b/i,
+    // Claude CLI numbered selection menus: "❯ 1. Yes" + "N. No"
+    /❯\s*1\.\s*yes\b/i,
 ];
 const PERMISSION_ACTION_PATTERNS = [
     /\bgrant\b.*\bpermission\b/i,
@@ -92,6 +94,40 @@ export function hasExplicitConfirmSyntax(normalized) {
 export function hasPermissionActionContext(normalized) {
     return PERMISSION_ACTION_PATTERNS.some((pattern) => pattern.test(normalized));
 }
+const PERMISSION_KEYWORD_WEIGHTS = [
+    { pattern: /\bdo you want to proceed\b/i, weight: 5, label: "do you want to proceed" },
+    { pattern: /\bwould you like to proceed\b/i, weight: 5, label: "would you like to proceed" },
+    { pattern: /\bdo you want to\b/i, weight: 4, label: "do you want to" },
+    { pattern: /\bwould you like to\b/i, weight: 4, label: "would you like to" },
+    { pattern: /\benter to confirm\b/i, weight: 4, label: "enter to confirm" },
+    { pattern: /\bgrant\b[\s\S]*\bpermission\b/i, weight: 4, label: "grant permission" },
+    { pattern: /❯\s*1\./i, weight: 3, label: "❯ 1." },
+    { pattern: /\b1\.\s*yes\b/i, weight: 3, label: "1. yes" },
+    { pattern: /\bdon'?t ask again\b/i, weight: 2, label: "don't ask again" },
+    { pattern: /\b(?:bash|shell)\s*command\b/i, weight: 2, label: "bash/shell command" },
+    { pattern: /\b(?:run|read|write|edit)\s+(?:file|command|shell)\b/i, weight: 2, label: "run/read/write action" },
+    { pattern: /\ballow\b.*\breading\b/i, weight: 2, label: "allow reading" },
+];
+/** Minimum score threshold for fallback permission detection */
+export const FALLBACK_SCORE_THRESHOLD = 8;
+/**
+ * Score how likely the recent output contains a permission prompt.
+ * Evaluates the last few lines of normalized text against weighted keywords.
+ */
+export function scorePermissionLikelihood(normalized) {
+    // Take the last ~5 lines
+    const lines = normalized.split("\n");
+    const tail = lines.slice(-8).join("\n");
+    let score = 0;
+    const matched = [];
+    for (const { pattern, weight, label } of PERMISSION_KEYWORD_WEIGHTS) {
+        if (pattern.test(tail)) {
+            score += weight;
+            matched.push(label);
+        }
+    }
+    return { score, matched };
+}
 /** Normalize prompt text for permission detection (strip ANSI, collapse whitespace). */
 export function normalizePromptText(value) {
     return value

package/dist/server-session-routes.d.ts

@@ -2,5 +2,6 @@ import { Express } from "express";
 import { ProcessManager } from "./process-manager.js";
 import { WandStorage } from "./storage.js";
 import { ExecutionMode } from "./types.js";
+export declare function getErrorMessage(error: unknown, fallback: string): string;
 export declare function registerSessionRoutes(app: Express, processes: ProcessManager, storage: WandStorage, defaultMode: ExecutionMode): void;
 export declare function registerClaudeHistoryRoutes(app: Express, processes: ProcessManager, storage: WandStorage): void;

package/dist/server-session-routes.js

@@ -1,7 +1,7 @@
 import express from "express";
 import { parseMessages } from "./message-parser.js";
 import { SessionInputError } from "./process-manager.js";
-function getErrorMessage(error, fallback) {
+export function getErrorMessage(error, fallback) {
     return error instanceof Error ? error.message : fallback;
 }
 function getInputErrorResponse(error, sessionId) {
@@ -184,10 +184,8 @@ export function registerSessionRoutes(app, processes, storage, defaultMode) {
         const input = body.input ?? "";
         const view = body.view;
         const shortcutKey = body.shortcutKey;
-        console.error("[wand] Input request received", { sessionId, inputLength: input.length, view: view ?? "chat" });
         try {
             const snapshot = processes.sendInput(sessionId, input, view, shortcutKey);
-            console.error("[wand] Input request succeeded", { sessionId, status: snapshot.status, inputLength: input.length, view: view ?? "chat" });
             res.json(snapshot);
         }
         catch (error) {

package/dist/server.js

@@ -58,16 +58,12 @@ import { ensureCertificates } from "./cert.js";
 import { isExecutionMode, resolveConfigDir, saveConfig } from "./config.js";
 import { ProcessManager } from "./process-manager.js";
 import { generatePwaManifest, generateServiceWorker } from "./pwa.js";
-import { registerClaudeHistoryRoutes, registerSessionRoutes } from "./server-session-routes.js";
+import { getErrorMessage, registerClaudeHistoryRoutes, registerSessionRoutes } from "./server-session-routes.js";
 import { resolveDatabasePath, WandStorage } from "./storage.js";
 import { renderApp } from "./web-ui/index.js";
 import { WsBroadcastManager } from "./ws-broadcast.js";
 import { checkRateLimit, recordFailedLogin, resetRateLimit } from "./middleware/rate-limit.js";
 import { isPathWithinBase, isBlockedFolderPath, normalizeFolderPath } from "./middleware/path-safety.js";
-// ── Error helpers ──
-function getErrorMessage(error, fallback) {
-    return error instanceof Error ? error.message : fallback;
-}
 // ── Git helpers ──
 async function isGitRepo(dirPath) {
     try {
@@ -221,23 +217,6 @@ function parseStoredPathList(raw) {
         return [];
     }
 }
-const HIDDEN_CLAUDE_SESSIONS_KEY = "hidden_claude_sessions";
-function getHiddenClaudeSessionIds(storage) {
-    return new Set(parseStoredPathList(storage.getConfigValue(HIDDEN_CLAUDE_SESSIONS_KEY)));
-}
-function saveHiddenClaudeSessionIds(storage, hidden) {
-    storage.setConfigValue(HIDDEN_CLAUDE_SESSIONS_KEY, JSON.stringify(Array.from(hidden)));
-}
-function removeFromHiddenClaudeSessionIds(storage, idsToRemove) {
-    const hidden = getHiddenClaudeSessionIds(storage);
-    let changed = false;
-    for (const id of idsToRemove) {
-        if (hidden.delete(id))
-            changed = true;
-    }
-    if (changed)
-        saveHiddenClaudeSessionIds(storage, hidden);
-}
 const MAX_RECENT_PATHS = 10;
 // ── File language detection ──
 function getLanguageFromExt(ext, filePath) {
@@ -289,18 +268,14 @@ export async function startServer(config, configPath) {
         res.setHeader("Content-Type", "application/manifest+json");
         res.send(generatePwaManifest());
     });
-    app.get("/icon.svg", (_req, res) => {
-        res.type("image/svg+xml").send(getAvatarSvg(avatarSeed, 192));
-    });
+    for (const [route, size] of [["/icon.svg", 192], ["/icon-192.png", 192], ["/icon-512.png", 512]]) {
+        app.get(route, (_req, res) => {
+            res.type("image/svg+xml").send(getAvatarSvg(avatarSeed, size));
+        });
+    }
     const iconsDir = path.resolve(existsSync(path.join(SERVER_MODULE_DIR, "web-ui", "content"))
         ? path.join(SERVER_MODULE_DIR, "web-ui", "content")
         : path.join(RUNTIME_ROOT_DIR, "src", "web-ui", "content"));
-    app.get("/icon-192.png", (_req, res) => {
-        res.type("image/svg+xml").send(getAvatarSvg(avatarSeed, 192));
-    });
-    app.get("/icon-512.png", (_req, res) => {
-        res.type("image/svg+xml").send(getAvatarSvg(avatarSeed, 512));
-    });
     app.get("/sw.js", (_req, res) => {
         res.setHeader("Content-Type", "application/javascript");
         res.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");

package/dist/session-lifecycle.js

@@ -25,7 +25,6 @@ export class SessionLifecycleManager {
             lastActivityAt: Date.now(),
         };
         this.sessions.set(sessionId, lifecycle);
-        console.error(`[Lifecycle] Session ${sessionId} registered with state: ${initialState}`);
     }
     /**
      * Update session state
@@ -33,7 +32,6 @@ export class SessionLifecycleManager {
     setState(sessionId, newState) {
         const lifecycle = this.sessions.get(sessionId);
         if (!lifecycle) {
-            console.error(`[Lifecycle] Session ${sessionId} not found`);
             return;
         }
         const oldState = lifecycle.state;
@@ -43,7 +41,6 @@ export class SessionLifecycleManager {
         lifecycle.state = newState;
         lifecycle.stateSince = Date.now();
         lifecycle.lastActivityAt = Date.now();
-        console.error(`[Lifecycle] Session ${sessionId} state changed: ${oldState} -> ${newState}`);
         // Emit state change event
         this.events.onStateChange?.(sessionId, oldState, newState);
     }
@@ -89,7 +86,6 @@ export class SessionLifecycleManager {
         lifecycle.stateSince = Date.now();
         lifecycle.archivedBy = by;
         lifecycle.archiveReason = reason;
-        console.error(`[Lifecycle] Session ${sessionId} archived: ${reason} (by: ${by})`);
         // Emit archived event
         this.events.onArchived?.(sessionId, reason);
     }
@@ -98,7 +94,6 @@ export class SessionLifecycleManager {
      */
     unregister(sessionId) {
         this.sessions.delete(sessionId);
-        console.error(`[Lifecycle] Session ${sessionId} unregistered`);
     }
     /**
      * Get session lifecycle

package/dist/session-logger.d.ts

@@ -3,12 +3,22 @@ import type { ConversationTurn, ExecutionMode } from "./types.js";
 export interface ShortcutLogContext {
     /** Execution mode the session is running in (e.g. "managed", "full-access") */
     mode: ExecutionMode;
+    /** Permission scope that was approved (e.g. "run_command", "write_file") */
+    scope?: string;
     /** Whether auto-approve is active for this session */
     autoApprove: boolean;
     /** Whether a permission prompt was blocking at the time of the keypress */
     permissionBlocked: boolean;
     /** The actual input string sent to PTY */
     input: string;
+    /** Auto-approve detection type: "strict" | "fallback" | "idle_probe" */
+    approveType?: string;
+    /** Fallback detection score */
+    score?: number;
+    /** Fallback detection matched keywords */
+    matched?: string[];
+    /** Whether the auto-approve was a false positive */
+    falsePositive?: boolean;
 }
 /**
  * SessionLogger saves raw session content to local files for debugging and analysis.

package/dist/types.d.ts

@@ -160,6 +160,13 @@ export interface SessionSnapshot {
     resumedToSessionId?: string | null;
     /** 服务器重启时是否自动恢复 */
     autoRecovered?: boolean;
+    /** 自动批准统计（按类别分） */
+    approvalStats?: {
+        tool: number;
+        command: number;
+        file: number;
+        total: number;
+    };
 }
 export type SessionLifecycleState = "initializing" | "running" | "idle" | "thinking" | "waiting-input" | "archived";
 export interface SessionLifecycle {

package/dist/web-ui/content/scripts.js

@@ -173,6 +173,12 @@
         return (state.config && state.config.defaultCwd) || "/tmp";
       }
 
+      function resetChatRenderCache() {
+        state.lastRenderedHash = 0;
+        state.lastRenderedMsgCount = 0;
+        state.lastRenderedEmpty = null;
+      }
+
       function getEffectiveCwd() {
         return state.workingDir || getConfigCwd();
       }
@@ -324,9 +330,7 @@
 
         app.innerHTML = isLoggedIn ? renderAppShell() : renderLogin();
         // Reset chat render tracking since DOM was fully replaced
-        state.lastRenderedHash = 0;
-        state.lastRenderedMsgCount = 0;
-        state.lastRenderedEmpty = null;
+        resetChatRenderCache();
         attachEventListeners();
         updateDrawerState();
         syncComposerModeSelect();
@@ -367,6 +371,26 @@
           '<button class="shortcut-key" data-key="escape" type="button">Esc</button>';
       }
 
+      function renderApprovalStatsBadge() {
+        var selectedSession = state.sessions.find(function(s) { return s.id === state.selectedId; });
+        var stats = selectedSession && selectedSession.approvalStats;
+        if (!stats || stats.total === 0) return '<span class="approval-stats hidden" id="approval-stats"></span>';
+        return '<span class="approval-stats" id="approval-stats">' +
+          '<span class="approval-stats-divider"></span>' +
+          '<span class="approval-stats-badge" id="approval-stats-badge" title="本次会话自动批准统计">' +
+            '<svg class="approval-stats-icon" width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg>' +
+            '<span class="approval-stats-total">' + stats.total + '</span>' +
+          '</span>' +
+          '<span class="approval-stats-popup" id="approval-stats-popup">' +
+            '<span class="approval-stats-popup-title">自动批准统计</span>' +
+            (stats.command > 0 ? '<span class="approval-stats-row"><span class="approval-stats-row-icon">⚡</span><span class="approval-stats-row-label">命令执行</span><span class="approval-stats-row-count">' + stats.command + '</span></span>' : '') +
+            (stats.file > 0 ? '<span class="approval-stats-row"><span class="approval-stats-row-icon">📝</span><span class="approval-stats-row-label">文件写入</span><span class="approval-stats-row-count">' + stats.file + '</span></span>' : '') +
+            (stats.tool > 0 ? '<span class="approval-stats-row"><span class="approval-stats-row-icon">🔧</span><span class="approval-stats-row-label">其他工具</span><span class="approval-stats-row-count">' + stats.tool + '</span></span>' : '') +
+            '<span class="approval-stats-row approval-stats-row-total"><span class="approval-stats-row-icon">∑</span><span class="approval-stats-row-label">合计</span><span class="approval-stats-row-count">' + stats.total + '</span></span>' +
+          '</span>' +
+        '</span>';
+      }
+
       function renderInlineKeyboard() {
         if (!state.selectedId) return "";
         var isTerminal = state.currentView === "terminal";
@@ -462,6 +486,12 @@
                   '<span class="session-count" id="session-count">' + String(state.sessions.length) + '</span>' +
                 '</div>' +
                 '<div class="sidebar-header-actions">' +
+                  '<button id="sidebar-home-btn" class="btn btn-ghost btn-sm" type="button" title="回到首页">' +
+                    '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M3 9l9-7 9 7v11a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2z"/><polyline points="9 22 9 12 15 12 15 22"/></svg>' +
+                  '</button>' +
+                  '<button id="sidebar-refresh-btn" class="btn btn-ghost btn-sm" type="button" title="刷新页面">' +
+                    '<svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><polyline points="23 4 23 10 17 10"/><path d="M20.49 15a9 9 0 1 1-2.12-9.36L23 10"/></svg>' +
+                  '</button>' +
                   '<button id="close-drawer-button" class="btn btn-ghost btn-sm sidebar-close" type="button" aria-label="关闭菜单">×</button>' +
                 '</div>' +
               '</div>' +
@@ -569,6 +599,7 @@
                         '<button id="approve-permission-btn" class="btn btn-permission btn-permission-approve" type="button">批准</button>' +
                         '<button id="deny-permission-btn" class="btn btn-permission btn-permission-deny" type="button">拒绝</button>' +
                       '</span>' +
+                      renderApprovalStatsBadge() +
                     '</div>' +
                     '<div class="input-composer-right">' +
                       '<span id="queue-counter" class="queue-counter hidden">队列: 0</span>' +
@@ -1904,6 +1935,18 @@
         if (drawerBackdrop) drawerBackdrop.addEventListener("click", closeSessionsDrawer);
         var closeDrawerBtn = document.getElementById("close-drawer-button");
         if (closeDrawerBtn) closeDrawerBtn.addEventListener("click", closeSessionsDrawer);
+        var homeBtn = document.getElementById("sidebar-home-btn");
+        if (homeBtn) homeBtn.addEventListener("click", function() {
+          state.selectedId = null;
+          persistSelectedId();
+          resetChatRenderCache();
+          closeSessionsDrawer();
+          renderApp();
+        });
+        var refreshBtn = document.getElementById("sidebar-refresh-btn");
+        if (refreshBtn) refreshBtn.addEventListener("click", function() {
+          window.location.reload();
+        });
         var logoutBtn = document.getElementById("logout-button");
         if (logoutBtn) logoutBtn.addEventListener("click", logout);
         var settingsBtn = document.getElementById("settings-button");
@@ -3587,9 +3630,7 @@
       function selectSession(id) {
         state.selectedId = id;
         persistSelectedId();
-        state.lastRenderedHash = 0;
-        state.lastRenderedMsgCount = 0;
-        state.lastRenderedEmpty = null;
+        resetChatRenderCache();
         state.currentMessages = [];
         if (chatRenderTimer) { clearTimeout(chatRenderTimer); chatRenderTimer = null; }
         // Reset todo progress bar
@@ -4176,9 +4217,7 @@
           state.selectedId = data.id;
           persistSelectedId();
           state.drafts[data.id] = "";
-          state.lastRenderedHash = 0;
-          state.lastRenderedMsgCount = 0;
-          state.lastRenderedEmpty = null;
+          resetChatRenderCache();
           return refreshAll();
         })
         .then(function() { focusInputBox(true); })
@@ -4221,9 +4260,7 @@
           state.selectedId = data.id;
           persistSelectedId();
           state.drafts[data.id] = "";
-          state.lastRenderedHash = 0;
-          state.lastRenderedMsgCount = 0;
-          state.lastRenderedEmpty = null;
+          resetChatRenderCache();
           closeSessionModal();
           closeSessionsDrawer();
           return refreshAll();
@@ -4653,9 +4690,7 @@
           state.selectedId = data.id;
           persistSelectedId();
           state.drafts[data.id] = "";
-          state.lastRenderedHash = 0;
-          state.lastRenderedMsgCount = 0;
-          state.lastRenderedEmpty = null;
+          resetChatRenderCache();
           switchToSessionView(data.id);
           updateSessionSnapshot(data);
           updateSessionsList();
@@ -4711,9 +4746,7 @@
           state.selectedId = data.id;
           persistSelectedId();
           state.drafts[data.id] = "";
-          state.lastRenderedHash = 0;
-          state.lastRenderedMsgCount = 0;
-          state.lastRenderedEmpty = null;
+          resetChatRenderCache();
           if (inputBox) inputBox.value = "";
           if (welcomeInput) welcomeInput.value = "";
           switchToSessionView(data.id);
@@ -5601,9 +5634,7 @@
 
       function activateSession(data) {
         if (!data || !data.id) return Promise.resolve();
-        state.lastRenderedHash = 0;
-        state.lastRenderedMsgCount = 0;
-        state.lastRenderedEmpty = null;
+        resetChatRenderCache();
         switchToSessionView(data.id);
         updateSessionSnapshot(data);
         updateSessionsList();
@@ -7056,9 +7087,15 @@
               if (msg.data.permissionBlocked === false) {
                 statusUpdate.pendingEscalation = null;
               }
+              if (msg.data.approvalStats) {
+                statusUpdate.approvalStats = msg.data.approvalStats;
+              }
               updateSessionSnapshot(statusUpdate);
               if (msg.sessionId === state.selectedId) {
                 updateTaskDisplay();
+                if (msg.data.approvalStats) {
+                  updateApprovalStats();
+                }
               }
             }
             break;
@@ -7128,6 +7165,39 @@
         }
       }
 
+      function updateApprovalStats() {
+        var container = document.getElementById("approval-stats");
+        if (!container) return;
+        var selectedSession = state.sessions.find(function(s) { return s.id === state.selectedId; });
+        var stats = selectedSession && selectedSession.approvalStats;
+        if (!stats || stats.total === 0) {
+          container.className = "approval-stats hidden";
+          container.innerHTML = "";
+          return;
+        }
+        container.className = "approval-stats";
+        container.innerHTML =
+          '<span class="approval-stats-divider"></span>' +
+          '<span class="approval-stats-badge" id="approval-stats-badge" title="本次会话自动批准统计">' +
+            '<svg class="approval-stats-icon" width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg>' +
+            '<span class="approval-stats-total">' + stats.total + '</span>' +
+          '</span>' +
+          '<span class="approval-stats-popup" id="approval-stats-popup">' +
+            '<span class="approval-stats-popup-title">自动批准统计</span>' +
+            (stats.command > 0 ? '<span class="approval-stats-row"><span class="approval-stats-row-icon">⚡</span><span class="approval-stats-row-label">命令执行</span><span class="approval-stats-row-count">' + stats.command + '</span></span>' : '') +
+            (stats.file > 0 ? '<span class="approval-stats-row"><span class="approval-stats-row-icon">📝</span><span class="approval-stats-row-label">文件写入</span><span class="approval-stats-row-count">' + stats.file + '</span></span>' : '') +
+            (stats.tool > 0 ? '<span class="approval-stats-row"><span class="approval-stats-row-icon">🔧</span><span class="approval-stats-row-label">其他工具</span><span class="approval-stats-row-count">' + stats.tool + '</span></span>' : '') +
+            '<span class="approval-stats-row approval-stats-row-total"><span class="approval-stats-row-icon">∑</span><span class="approval-stats-row-label">合计</span><span class="approval-stats-row-count">' + stats.total + '</span></span>' +
+          '</span>';
+        // Pulse animation on the badge
+        var badge = container.querySelector(".approval-stats-badge");
+        if (badge) {
+          badge.classList.remove("approval-stats-pulse");
+          void badge.offsetWidth;
+          badge.classList.add("approval-stats-pulse");
+        }
+      }
+
       function approvePermission() {
         if (!state.selectedId) return;
         var approveBtn = document.getElementById("approve-permission-btn");

package/dist/web-ui/content/styles.css

@@ -269,8 +269,9 @@
     }
 
     .floating-sidebar-toggle.active {
-      background: rgba(197, 101, 61, 0.1);
-      border-color: rgba(197, 101, 61, 0.2);
+      opacity: 0;
+      pointer-events: none;
+      transition: opacity 0.15s ease;
     }
 
     .floating-sidebar-toggle:active {
@@ -3429,6 +3430,114 @@
       to { opacity: 1; transform: translateX(0); }
     }
 
+    /* Approval stats badge */
+    .approval-stats {
+      display: inline-flex;
+      align-items: center;
+      position: relative;
+    }
+    .approval-stats.hidden {
+      display: none;
+    }
+    .approval-stats-divider {
+      width: 1px;
+      height: 16px;
+      background: var(--border);
+      margin: 0 4px 0 2px;
+    }
+    .approval-stats-badge {
+      display: inline-flex;
+      align-items: center;
+      gap: 3px;
+      padding: 1px 7px 1px 5px;
+      border-radius: 10px;
+      background: rgba(34, 197, 94, 0.1);
+      color: #22c55e;
+      font-size: 0.68rem;
+      font-weight: 600;
+      cursor: default;
+      transition: background 0.15s;
+      line-height: 1.5;
+    }
+    .approval-stats-badge:hover {
+      background: rgba(34, 197, 94, 0.18);
+    }
+    .approval-stats-icon {
+      stroke: #22c55e;
+      flex-shrink: 0;
+    }
+    .approval-stats-total {
+      font-variant-numeric: tabular-nums;
+    }
+    @keyframes approval-pulse {
+      0% { transform: scale(1); }
+      50% { transform: scale(1.15); }
+      100% { transform: scale(1); }
+    }
+    .approval-stats-pulse {
+      animation: approval-pulse 0.3s ease-out;
+    }
+    /* Popup tooltip */
+    .approval-stats-popup {
+      display: none;
+      position: absolute;
+      bottom: calc(100% + 6px);
+      left: 50%;
+      transform: translateX(-50%);
+      background: var(--bg-elevated, #1e1e2e);
+      border: 1px solid var(--border);
+      border-radius: 8px;
+      padding: 8px 10px;
+      min-width: 140px;
+      box-shadow: 0 4px 16px rgba(0,0,0,0.25);
+      z-index: 100;
+      flex-direction: column;
+      gap: 4px;
+    }
+    .approval-stats:hover .approval-stats-popup {
+      display: flex;
+    }
+    .approval-stats-popup-title {
+      font-size: 0.65rem;
+      color: var(--text-muted);
+      font-weight: 500;
+      margin-bottom: 2px;
+      white-space: nowrap;
+    }
+    .approval-stats-row {
+      display: flex;
+      align-items: center;
+      gap: 6px;
+      font-size: 0.7rem;
+      color: var(--text-secondary, #ccc);
+      white-space: nowrap;
+    }
+    .approval-stats-row-icon {
+      width: 16px;
+      text-align: center;
+      flex-shrink: 0;
+      font-size: 0.72rem;
+    }
+    .approval-stats-row-label {
+      flex: 1;
+    }
+    .approval-stats-row-count {
+      font-weight: 600;
+      color: var(--text-primary, #eee);
+      font-variant-numeric: tabular-nums;
+      min-width: 20px;
+      text-align: right;
+    }
+    .approval-stats-row-total {
+      border-top: 1px solid var(--border);
+      padding-top: 4px;
+      margin-top: 2px;
+      color: #22c55e;
+    }
+    .approval-stats-row-total .approval-stats-row-count {
+      color: #22c55e;
+    }
+
     .composer-interactive-toggle {
       display: inline-flex;
       align-items: center;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@co0ontty/wand",
-  "version": "1.3.4",
+  "version": "1.3.6",
   "description": "A web terminal for local CLI tools like Claude.",
   "type": "module",
   "bin": {