@codemcp/ade-harnesses 0.0.2 → 0.1.1

package/src/writers/claude-code.ts

@@ -6,9 +6,9 @@ import {
   writeJson,
   writeMcpServers,
   writeAgentMd,
-  writeInlineSkills,
   writeGitHooks
 } from "../util.js";
+import { allowsCapability, keepsWebOnAsk } from "../permission-policy.js";
 
 export const claudeCodeWriter: HarnessWriter = {
   id: "claude-code",
@@ -26,7 +26,6 @@ export const claudeCodeWriter: HarnessWriter = {
     });
 
     await writeClaudeSettings(config, projectRoot);
-    await writeInlineSkills(config, projectRoot);
     await writeGitHooks(config.git_hooks, projectRoot);
   }
 };
@@ -35,30 +34,74 @@ async function writeClaudeSettings(
   config: LogicalConfig,
   projectRoot: string
 ): Promise<void> {
-  const servers = config.mcp_servers;
-  if (servers.length === 0) return;
-
   const settingsPath = join(projectRoot, ".claude", "settings.json");
   const existing = await readJsonOrEmpty(settingsPath);
+  const existingPerms = (existing.permissions as Record<string, unknown>) ?? {};
+  const existingAllow = asStringArray(existingPerms.allow);
+  const existingAsk = asStringArray(existingPerms.ask);
 
-  const allowRules: string[] = [];
-  for (const server of servers) {
-    const allowed = server.allowedTools ?? ["*"];
-    if (allowed.includes("*")) {
-      allowRules.push(`MCP(${server.ref}:*)`);
-    } else {
-      for (const tool of allowed) {
-        allowRules.push(`MCP(${server.ref}:${tool})`);
-      }
-    }
-  }
+  const autonomyRules = getClaudeAutonomyRules(config);
+  const mcpRules = getClaudeMcpAllowRules(config);
+  const allowRules = [
+    ...new Set([...existingAllow, ...autonomyRules.allow, ...mcpRules])
+  ];
+  const askRules = [...new Set([...existingAsk, ...autonomyRules.ask])];
 
-  const existingPerms = (existing.permissions as Record<string, unknown>) ?? {};
-  const existingAllow = (existingPerms.allow as string[]) ?? [];
-  const mergedAllow = [...new Set([...existingAllow, ...allowRules])];
+  if (
+    allowRules.length === 0 &&
+    askRules.length === 0 &&
+    config.mcp_servers.length === 0
+  ) {
+    return;
+  }
 
   await writeJson(settingsPath, {
     ...existing,
-    permissions: { ...existingPerms, allow: mergedAllow }
+    permissions: {
+      ...existingPerms,
+      ...(allowRules.length > 0 ? { allow: allowRules } : {}),
+      ...(askRules.length > 0 ? { ask: askRules } : {})
+    }
   });
 }
+
+function asStringArray(value: unknown): string[] {
+  return Array.isArray(value)
+    ? value.filter((entry): entry is string => typeof entry === "string")
+    : [];
+}
+
+function getClaudeMcpAllowRules(config: LogicalConfig): string[] {
+  const allowRules: string[] = [];
+
+  for (const server of config.mcp_servers) {
+    const allowedTools = server.allowedTools;
+    if (!allowedTools || allowedTools.includes("*")) {
+      continue;
+    }
+
+    for (const tool of allowedTools) {
+      allowRules.push(`mcp__${server.ref}__${tool}`);
+    }
+  }
+
+  return allowRules;
+}
+
+function getClaudeAutonomyRules(config: LogicalConfig): {
+  allow: string[];
+  ask: string[];
+} {
+  const ask = keepsWebOnAsk(config) ? ["WebFetch", "WebSearch"] : [];
+
+  return {
+    allow: [
+      ...(allowsCapability(config, "read") ? ["Read"] : []),
+      ...(allowsCapability(config, "edit_write") ? ["Edit"] : []),
+      ...(allowsCapability(config, "search_list") ? ["Glob", "Grep"] : []),
+      ...(allowsCapability(config, "bash_unsafe") ? ["Bash"] : []),
+      ...(allowsCapability(config, "task_agent") ? ["TodoWrite"] : [])
+    ],
+    ask
+  };
+}

package/src/writers/cline.spec.ts

@@ -2,9 +2,57 @@ import { describe, it, expect, beforeEach, afterEach } from "vitest";
 import { mkdtemp, rm, readFile } from "node:fs/promises";
 import { tmpdir } from "node:os";
 import { join } from "node:path";
-import type { LogicalConfig } from "@codemcp/ade-core";
+import type {
+  AutonomyProfile,
+  LogicalConfig,
+  PermissionPolicy
+} from "@codemcp/ade-core";
 import { clineWriter } from "./cline.js";
 
+function autonomyPolicy(profile: AutonomyProfile): PermissionPolicy {
+  switch (profile) {
+    case "rigid":
+      return {
+        profile,
+        capabilities: {
+          read: "ask",
+          edit_write: "ask",
+          search_list: "ask",
+          bash_safe: "ask",
+          bash_unsafe: "ask",
+          web: "ask",
+          task_agent: "ask"
+        }
+      };
+    case "sensible-defaults":
+      return {
+        profile,
+        capabilities: {
+          read: "allow",
+          edit_write: "allow",
+          search_list: "allow",
+          bash_safe: "allow",
+          bash_unsafe: "ask",
+          web: "ask",
+          task_agent: "allow"
+        }
+      };
+    case "max-autonomy":
+      return {
+        profile,
+        capabilities: {
+          read: "allow",
+          edit_write: "allow",
+          search_list: "allow",
+          bash_safe: "allow",
+          bash_unsafe: "allow",
+          web: "ask",
+          task_agent: "allow"
+        }
+      };
+  }
+}
+
 describe("clineWriter", () => {
   let dir: string;
 
@@ -21,7 +69,7 @@ describe("clineWriter", () => {
     expect(clineWriter.label).toBe("Cline");
   });
 
-  it("writes .cline/mcp.json with MCP servers", async () => {
+  it("writes cline_mcp_settings.json with MCP servers", async () => {
     const config: LogicalConfig = {
       mcp_servers: [
         {
@@ -41,7 +89,7 @@ describe("clineWriter", () => {
 
     await clineWriter.install(config, dir);
 
-    const raw = await readFile(join(dir, ".cline", "mcp.json"), "utf-8");
+    const raw = await readFile(join(dir, "cline_mcp_settings.json"), "utf-8");
     const parsed = JSON.parse(raw);
     expect(parsed.mcpServers["workflows"]).toEqual({
       command: "npx",
@@ -50,6 +98,36 @@ describe("clineWriter", () => {
     });
   });
 
+  it("forwards explicit MCP approvals unchanged from provisioning", async () => {
+    const config: LogicalConfig = {
+      mcp_servers: [
+        {
+          ref: "workflows",
+          command: "npx",
+          args: ["-y", "@codemcp/workflows"],
+          env: {},
+          allowedTools: ["whats_next", "proceed_to_phase"]
+        }
+      ],
+      instructions: [],
+      cli_actions: [],
+      knowledge_sources: [],
+      skills: [],
+      git_hooks: [],
+      setup_notes: []
+    };
+
+    await clineWriter.install(config, dir);
+
+    const raw = await readFile(join(dir, "cline_mcp_settings.json"), "utf-8");
+    const parsed = JSON.parse(raw);
+    expect(parsed.mcpServers["workflows"]).toEqual({
+      command: "npx",
+      args: ["-y", "@codemcp/workflows"],
+      alwaysAllow: ["whats_next", "proceed_to_phase"]
+    });
+  });
+
   it("writes .clinerules with instructions", async () => {
     const config: LogicalConfig = {
       mcp_servers: [],
@@ -66,4 +144,69 @@ describe("clineWriter", () => {
     const content = await readFile(join(dir, ".clinerules"), "utf-8");
     expect(content).toContain("Follow TDD.");
   });
+
+  it("does not invent built-in auto-approval settings for autonomy profiles", async () => {
+    const rigidRoot = join(dir, "rigid");
+    const sensibleRoot = join(dir, "sensible");
+    const maxRoot = join(dir, "max");
+
+    const rigidConfig: LogicalConfig = {
+      mcp_servers: [
+        {
+          ref: "workflows",
+          command: "npx",
+          args: ["-y", "@codemcp/workflows"],
+          env: {}
+        }
+      ],
+      instructions: ["Use approvals for risky actions."],
+      cli_actions: [],
+      knowledge_sources: [],
+      skills: [],
+      git_hooks: [],
+      setup_notes: [],
+      permission_policy: autonomyPolicy("rigid")
+    };
+
+    const sensibleConfig: LogicalConfig = {
+      ...rigidConfig,
+      permission_policy: autonomyPolicy("sensible-defaults")
+    };
+
+    const maxConfig: LogicalConfig = {
+      ...rigidConfig,
+      permission_policy: autonomyPolicy("max-autonomy")
+    };
+
+    await clineWriter.install(rigidConfig, rigidRoot);
+    await clineWriter.install(sensibleConfig, sensibleRoot);
+    await clineWriter.install(maxConfig, maxRoot);
+
+    const rigidSettings = JSON.parse(
+      await readFile(join(rigidRoot, "cline_mcp_settings.json"), "utf-8")
+    );
+    const sensibleSettings = JSON.parse(
+      await readFile(join(sensibleRoot, "cline_mcp_settings.json"), "utf-8")
+    );
+    const maxSettings = JSON.parse(
+      await readFile(join(maxRoot, "cline_mcp_settings.json"), "utf-8")
+    );
+    const maxRules = await readFile(join(maxRoot, ".clinerules"), "utf-8");
+
+    expect(rigidSettings).toEqual(sensibleSettings);
+    expect(sensibleSettings).toEqual(maxSettings);
+    expect(maxSettings).toEqual({
+      mcpServers: {
+        workflows: {
+          command: "npx",
+          args: ["-y", "@codemcp/workflows"],
+          alwaysAllow: ["*"]
+        }
+      }
+    });
+    expect(maxRules).toContain("Use approvals for risky actions.");
+    expect(maxRules).not.toContain("browser_action");
+    expect(maxRules).not.toContain("execute_command");
+    expect(maxRules).not.toContain("web");
+  });
 });

package/src/writers/cline.ts

@@ -11,10 +11,10 @@ import {
 export const clineWriter: HarnessWriter = {
   id: "cline",
   label: "Cline",
-  description: "VS Code AI agent — .cline/mcp.json + .clinerules",
+  description: "VS Code AI agent — cline_mcp_settings.json + .clinerules",
   async install(config: LogicalConfig, projectRoot: string) {
     await writeMcpServers(config.mcp_servers, {
-      path: join(projectRoot, ".cline", "mcp.json"),
+      path: join(projectRoot, "cline_mcp_settings.json"),
       transform: alwaysAllowEntry
     });
 

package/src/writers/copilot.spec.ts

@@ -2,9 +2,57 @@ import { describe, it, expect, beforeEach, afterEach } from "vitest";
 import { mkdtemp, rm, readFile } from "node:fs/promises";
 import { tmpdir } from "node:os";
 import { join } from "node:path";
-import type { LogicalConfig } from "@codemcp/ade-core";
+import type {
+  AutonomyProfile,
+  LogicalConfig,
+  PermissionPolicy
+} from "@codemcp/ade-core";
 import { copilotWriter } from "./copilot.js";
 
+function autonomyPolicy(profile: AutonomyProfile): PermissionPolicy {
+  switch (profile) {
+    case "rigid":
+      return {
+        profile,
+        capabilities: {
+          read: "ask",
+          edit_write: "ask",
+          search_list: "ask",
+          bash_safe: "ask",
+          bash_unsafe: "ask",
+          web: "ask",
+          task_agent: "ask"
+        }
+      };
+    case "sensible-defaults":
+      return {
+        profile,
+        capabilities: {
+          read: "allow",
+          edit_write: "allow",
+          search_list: "allow",
+          bash_safe: "allow",
+          bash_unsafe: "ask",
+          web: "ask",
+          task_agent: "allow"
+        }
+      };
+    case "max-autonomy":
+      return {
+        profile,
+        capabilities: {
+          read: "allow",
+          edit_write: "allow",
+          search_list: "allow",
+          bash_safe: "allow",
+          bash_unsafe: "allow",
+          web: "ask",
+          task_agent: "allow"
+        }
+      };
+  }
+}
+
 describe("copilotWriter", () => {
   let dir: string;
 
@@ -96,7 +144,115 @@ describe("copilotWriter", () => {
     expect(content).toContain("name: ade");
     expect(content).toContain("tools:");
     expect(content).toContain("  - workflows/*");
+    expect(content).toContain("mcp-servers:");
+    expect(content).toContain("  workflows:");
+    expect(content).toContain("    type: stdio");
+    expect(content).toContain('    command: "npx"');
+    expect(content).toContain('    args: ["-y","@codemcp/workflows"]');
+    expect(content).toContain('    tools: ["*"]');
+    expect(content).toContain("  - read");
     expect(content).toContain("  - edit");
+    expect(content).toContain("  - search");
+    expect(content).toContain("  - execute");
+    expect(content).toContain("  - agent");
+    expect(content).toContain("  - web");
+    expect(content).not.toContain("runCommands");
+    expect(content).not.toContain("runTasks");
+    expect(content).not.toContain("fetch");
+    expect(content).not.toContain("githubRepo");
     expect(content).toContain("Follow TDD.");
   });
+
+  it("derives the tools allowlist from autonomy while keeping web access approval-gated", async () => {
+    const rigidRoot = join(dir, "rigid");
+    const sensibleRoot = join(dir, "sensible");
+    const maxRoot = join(dir, "max");
+
+    const rigidConfig: LogicalConfig = {
+      mcp_servers: [
+        {
+          ref: "workflows",
+          command: "npx",
+          args: ["-y", "@codemcp/workflows"],
+          env: {}
+        }
+      ],
+      instructions: [],
+      cli_actions: [],
+      knowledge_sources: [],
+      skills: [],
+      git_hooks: [],
+      setup_notes: [],
+      permission_policy: autonomyPolicy("rigid")
+    };
+
+    const sensibleConfig: LogicalConfig = {
+      ...rigidConfig,
+      mcp_servers: [
+        {
+          ref: "workflows",
+          command: "npx",
+          args: ["-y", "@codemcp/workflows"],
+          env: {},
+          allowedTools: ["whats_next", "proceed_to_phase"]
+        }
+      ],
+      permission_policy: autonomyPolicy("sensible-defaults")
+    };
+
+    const maxConfig: LogicalConfig = {
+      ...rigidConfig,
+      permission_policy: autonomyPolicy("max-autonomy")
+    };
+
+    await copilotWriter.install(rigidConfig, rigidRoot);
+    await copilotWriter.install(sensibleConfig, sensibleRoot);
+    await copilotWriter.install(maxConfig, maxRoot);
+
+    const rigidAgent = await readFile(
+      join(rigidRoot, ".github", "agents", "ade.agent.md"),
+      "utf-8"
+    );
+    const sensibleAgent = await readFile(
+      join(sensibleRoot, ".github", "agents", "ade.agent.md"),
+      "utf-8"
+    );
+    const maxAgent = await readFile(
+      join(maxRoot, ".github", "agents", "ade.agent.md"),
+      "utf-8"
+    );
+
+    expect(rigidAgent).not.toContain("  - server/workflows/*");
+    expect(rigidAgent).toContain("  - workflows/*");
+    expect(rigidAgent).not.toContain("  - read");
+    expect(rigidAgent).not.toContain("  - edit");
+    expect(rigidAgent).not.toContain("  - search");
+    expect(rigidAgent).not.toContain("  - execute");
+    expect(rigidAgent).not.toContain("  - agent");
+    expect(rigidAgent).not.toContain("  - web");
+
+    expect(sensibleAgent).toContain("  - read");
+    expect(sensibleAgent).toContain("  - edit");
+    expect(sensibleAgent).toContain("  - search");
+    expect(sensibleAgent).toContain("  - agent");
+    expect(sensibleAgent).not.toContain("  - execute");
+    expect(sensibleAgent).not.toContain("  - todo");
+    expect(sensibleAgent).not.toContain("  - web");
+    expect(sensibleAgent).toContain("  - workflows/whats_next");
+    expect(sensibleAgent).toContain("  - workflows/proceed_to_phase");
+    expect(sensibleAgent).not.toContain("  - workflows/*");
+    expect(sensibleAgent).toContain(
+      '    tools: ["whats_next","proceed_to_phase"]'
+    );
+
+    expect(maxAgent).toContain("  - read");
+    expect(maxAgent).toContain("  - edit");
+    expect(maxAgent).toContain("  - search");
+    expect(maxAgent).toContain("  - execute");
+    expect(maxAgent).toContain("  - agent");
+    expect(maxAgent).toContain("  - todo");
+    expect(maxAgent).not.toContain("  - web");
+    expect(maxAgent).toContain("  - workflows/*");
+    expect(maxAgent).toContain("mcp-servers:");
+  });
 });

package/src/writers/copilot.ts

@@ -1,5 +1,5 @@
 import { join } from "node:path";
-import type { LogicalConfig } from "@codemcp/ade-core";
+import type { LogicalConfig, McpServerEntry } from "@codemcp/ade-core";
 import type { HarnessWriter } from "../types.js";
 import {
   writeMcpServers,
@@ -7,6 +7,11 @@ import {
   writeAgentMd,
   writeGitHooks
 } from "../util.js";
+import {
+  allowsCapability,
+  hasPermissionPolicy,
+  keepsWebOnAsk
+} from "../permission-policy.js";
 
 export const copilotWriter: HarnessWriter = {
   id: "copilot",
@@ -20,19 +25,81 @@ export const copilotWriter: HarnessWriter = {
     });
 
     const tools = [
-      "edit",
-      "search",
-      "runCommands",
-      "runTasks",
-      "fetch",
-      "githubRepo",
-      ...config.mcp_servers.map((s) => `${s.ref}/*`)
+      ...getBuiltInTools(config),
+      ...getForwardedMcpTools(config.mcp_servers)
     ];
 
     await writeAgentMd(config, {
       path: join(projectRoot, ".github", "agents", "ade.agent.md"),
-      extraFrontmatter: ["tools:", ...tools.map((t) => `  - ${t}`)]
+      extraFrontmatter: [
+        "tools:",
+        ...tools.map((t) => `  - ${t}`),
+        ...renderCopilotAgentMcpServers(config.mcp_servers)
+      ]
     });
     await writeGitHooks(config.git_hooks, projectRoot);
   }
 };
+
+function getBuiltInTools(config: LogicalConfig): string[] {
+  if (!hasPermissionPolicy(config)) {
+    return ["read", "edit", "search", "execute", "agent", "web"];
+  }
+
+  return [
+    ...(allowsCapability(config, "read") ? ["read"] : []),
+    ...(allowsCapability(config, "edit_write") ? ["edit"] : []),
+    ...(allowsCapability(config, "search_list") ? ["search"] : []),
+    ...(allowsCapability(config, "bash_unsafe") ? ["execute"] : []),
+    ...(allowsCapability(config, "task_agent") ? ["agent"] : []),
+    ...(allowsCapability(config, "task_agent") &&
+    allowsCapability(config, "bash_unsafe")
+      ? ["todo"]
+      : []),
+    ...(!keepsWebOnAsk(config) && allowsCapability(config, "web")
+      ? ["web"]
+      : [])
+  ];
+}
+
+function getForwardedMcpTools(servers: McpServerEntry[]): string[] {
+  return servers.flatMap((server) => {
+    const allowedTools = server.allowedTools ?? ["*"];
+    if (allowedTools.includes("*")) {
+      return [`${server.ref}/*`];
+    }
+
+    return allowedTools.map((tool) => `${server.ref}/${tool}`);
+  });
+}
+
+function renderCopilotAgentMcpServers(servers: McpServerEntry[]): string[] {
+  if (servers.length === 0) {
+    return [];
+  }
+
+  const lines = ["mcp-servers:"];
+
+  for (const server of servers) {
+    lines.push(`  ${formatYamlKey(server.ref)}:`);
+    lines.push("    type: stdio");
+    lines.push(`    command: ${JSON.stringify(server.command)}`);
+    lines.push(`    args: ${JSON.stringify(server.args)}`);
+    lines.push(`    tools: ${JSON.stringify(server.allowedTools ?? ["*"])}`);
+
+    if (Object.keys(server.env).length > 0) {
+      lines.push("    env:");
+      for (const [key, value] of Object.entries(server.env)) {
+        lines.push(`      ${formatYamlKey(key)}: ${JSON.stringify(value)}`);
+      }
+    }
+  }
+
+  return lines;
+}
+
+function formatYamlKey(value: string): string {
+  return /^[A-Za-z_][A-Za-z0-9_-]*$/.test(value)
+    ? value
+    : JSON.stringify(value);
+}