@doingdev/opencode-claude-manager-plugin 0.1.49 → 0.1.51

package/dist/team/roster.js

@@ -19,6 +19,7 @@ export function createEmptyEngineerRecord(name) {
         wrapperSessionId: null,
         claudeSessionId: null,
         busy: false,
+        busySince: null,
         lastMode: null,
         lastTaskSummary: null,
         lastUsedAt: null,

package/dist/test/claude-agent-sdk-adapter.test.js

@@ -253,17 +253,6 @@ describe('ClaudeAgentSdkAdapter', () => {
         });
         expect(result.events.map((event) => event.type)).toEqual(['init', 'result']);
     });
-    it('probes supported commands, agents, and models', async () => {
-        const adapter = new ClaudeAgentSdkAdapter({
-            query: () => createFakeQuery([]),
-            listSessions: async () => [],
-            getSessionMessages: async () => [],
-        });
-        const capabilities = await adapter.probeCapabilities('/tmp/project');
-        expect(capabilities.commands[0]).toMatchObject({ name: 'review' });
-        expect(capabilities.agents[0]).toMatchObject({ name: 'researcher' });
-        expect(capabilities.models).toEqual(['claude-sonnet-4-5']);
-    });
     it('defaults permissionMode to acceptEdits when omitted', async () => {
         let capturedPermissionMode;
         const adapter = new ClaudeAgentSdkAdapter({
@@ -429,6 +418,109 @@ describe('ClaudeAgentSdkAdapter', () => {
         expect(result.outputTokens).toBe(200);
         expect(result.contextWindowSize).toBe(180_000);
     });
+    it('denies write tools when restrictWriteTools is true', async () => {
+        let capturedCanUseTool;
+        const adapter = new ClaudeAgentSdkAdapter({
+            query: (params) => {
+                capturedCanUseTool = params.options?.canUseTool;
+                return createFakeQuery([
+                    {
+                        type: 'result',
+                        subtype: 'success',
+                        session_id: 'ses_rw',
+                        is_error: false,
+                        result: 'ok',
+                        num_turns: 1,
+                        total_cost_usd: 0,
+                    },
+                ]);
+            },
+            listSessions: async () => [],
+            getSessionMessages: async () => [],
+        });
+        await adapter.runSession({
+            cwd: '/tmp/project',
+            prompt: 'Investigate',
+            restrictWriteTools: true,
+        });
+        expect(capturedCanUseTool).toBeDefined();
+        const editResult = await capturedCanUseTool('Edit', { file_path: 'x.ts' }, {});
+        expect(editResult.behavior).toBe('deny');
+        const writeResult = await capturedCanUseTool('Write', { file_path: 'y.ts' }, {});
+        expect(writeResult.behavior).toBe('deny');
+        const multiEditResult = await capturedCanUseTool('MultiEdit', { file_path: 'z.ts' }, {});
+        expect(multiEditResult.behavior).toBe('deny');
+        const readResult = await capturedCanUseTool('Read', { file_path: 'a.ts' }, {});
+        expect(readResult.behavior).toBe('allow');
+        const grepResult = await capturedCanUseTool('Grep', { pattern: 'foo', path: '.' }, {});
+        expect(grepResult.behavior).toBe('allow');
+    });
+    it('denies destructive bash commands when restrictWriteTools is true', async () => {
+        let capturedCanUseTool;
+        const adapter = new ClaudeAgentSdkAdapter({
+            query: (params) => {
+                capturedCanUseTool = params.options?.canUseTool;
+                return createFakeQuery([
+                    {
+                        type: 'result',
+                        subtype: 'success',
+                        session_id: 'ses_bash',
+                        is_error: false,
+                        result: 'ok',
+                        num_turns: 1,
+                        total_cost_usd: 0,
+                    },
+                ]);
+            },
+            listSessions: async () => [],
+            getSessionMessages: async () => [],
+        });
+        await adapter.runSession({
+            cwd: '/tmp/project',
+            prompt: 'Check',
+            restrictWriteTools: true,
+        });
+        expect(capturedCanUseTool).toBeDefined();
+        const sedResult = await capturedCanUseTool('Bash', { command: "sed -i 's/old/new/' file.ts" }, {});
+        expect(sedResult.behavior).toBe('deny');
+        const echoResult = await capturedCanUseTool('Bash', { command: 'echo "data" > out.txt' }, {});
+        expect(echoResult.behavior).toBe('deny');
+        const gitCommitResult = await capturedCanUseTool('Bash', { command: 'git commit -m "fix"' }, {});
+        expect(gitCommitResult.behavior).toBe('deny');
+        const lsResult = await capturedCanUseTool('Bash', { command: 'ls -la src/' }, {});
+        expect(lsResult.behavior).toBe('allow');
+        const catResult = await capturedCanUseTool('Bash', { command: 'cat src/index.ts' }, {});
+        expect(catResult.behavior).toBe('allow');
+        const gitLogResult = await capturedCanUseTool('Bash', { command: 'git log --oneline -10' }, {});
+        expect(gitLogResult.behavior).toBe('allow');
+    });
+    it('allows write tools when restrictWriteTools is false', async () => {
+        let capturedCanUseTool;
+        const adapter = new ClaudeAgentSdkAdapter({
+            query: (params) => {
+                capturedCanUseTool = params.options?.canUseTool;
+                return createFakeQuery([
+                    {
+                        type: 'result',
+                        subtype: 'success',
+                        session_id: 'ses_free',
+                        is_error: false,
+                        result: 'ok',
+                        num_turns: 1,
+                        total_cost_usd: 0,
+                    },
+                ]);
+            },
+            listSessions: async () => [],
+            getSessionMessages: async () => [],
+        });
+        await adapter.runSession({
+            cwd: '/tmp/project',
+            prompt: 'Implement',
+            restrictWriteTools: false,
+        });
+        expect(capturedCanUseTool).toBeUndefined();
+    });
     it('passes through explicit permissionMode', async () => {
         let capturedPermissionMode;
         const adapter = new ClaudeAgentSdkAdapter({

package/dist/test/claude-manager.plugin.test.js

@@ -26,6 +26,8 @@ describe('ClaudeManagerPlugin', () => {
             todoread: 'allow',
             question: 'allow',
             team_status: 'allow',
+            plan_with_team: 'allow',
+            reset_engineer: 'allow',
             git_diff: 'allow',
             git_commit: 'allow',
             git_reset: 'allow',
@@ -61,6 +63,8 @@ describe('ClaudeManagerPlugin', () => {
                 claude: 'allow',
                 git_diff: 'deny',
                 git_commit: 'deny',
+                plan_with_team: 'deny',
+                reset_engineer: 'deny',
             });
             expect(agent.permission).not.toHaveProperty('read');
             expect(agent.permission).not.toHaveProperty('grep');
@@ -73,8 +77,9 @@ describe('ClaudeManagerPlugin', () => {
         const tools = plugin.tool;
         expect(tools['claude']).toBeDefined();
         expect(tools['team_status']).toBeDefined();
+        expect(tools['plan_with_team']).toBeDefined();
+        expect(tools['reset_engineer']).toBeDefined();
         expect(tools['assign_engineer']).toBeUndefined();
-        expect(tools['plan_with_team']).toBeUndefined();
     });
     it('claude tool requires mode and message and supports optional model', async () => {
         const plugin = await ClaudeManagerPlugin({

package/dist/test/context-tracker.test.js

@@ -122,14 +122,6 @@ describe('ContextTracker', () => {
         expect(snap.totalCostUsd).toBe(0.8);
         expect(snap.estimatedContextPercent).toBe(60);
     });
-    it('checks token threshold', () => {
-        const tracker = new ContextTracker();
-        expect(tracker.isAboveTokenThreshold()).toBe(false);
-        tracker.recordResult({ inputTokens: 150_000 });
-        expect(tracker.isAboveTokenThreshold(200_000)).toBe(false);
-        tracker.recordResult({ inputTokens: 210_000 });
-        expect(tracker.isAboveTokenThreshold(200_000)).toBe(true);
-    });
     it('accumulates session ID from results', () => {
         const tracker = new ContextTracker();
         tracker.recordResult({ sessionId: 'ses_abc' });

package/dist/test/git-operations.test.js

@@ -59,27 +59,6 @@ describe('GitOperations', () => {
         const diff = await git.diff();
         expect(diff.hasDiff).toBe(false);
     });
-    it('returns current branch', async () => {
-        const dir = await createTestRepo();
-        const git = new GitOperations(dir);
-        const branch = await git.currentBranch();
-        // Could be 'main' or 'master' depending on git config
-        expect(branch.length).toBeGreaterThan(0);
-    });
-    it('returns recent commits', async () => {
-        const dir = await createTestRepo();
-        const git = new GitOperations(dir);
-        const log = await git.recentCommits(1);
-        expect(log).toContain('initial');
-    });
-    it('returns diffStat output', async () => {
-        const dir = await createTestRepo();
-        await writeFile(join(dir, 'README.md'), '# Changed\n');
-        const git = new GitOperations(dir);
-        const stat = await git.diffStat();
-        expect(stat).toContain('README.md');
-        expect(stat).toContain('changed');
-    });
     it('handles commit failure on clean repo', async () => {
         const dir = await createTestRepo();
         const git = new GitOperations(dir);

package/dist/test/persistent-manager.test.js

@@ -1,45 +1,5 @@
 import { describe, expect, it, vi } from 'vitest';
 import { PersistentManager } from '../src/manager/persistent-manager.js';
-import { ContextTracker } from '../src/manager/context-tracker.js';
-function emptyContext() {
-    return {
-        sessionId: null,
-        totalTurns: 0,
-        totalCostUsd: 0,
-        latestInputTokens: null,
-        latestOutputTokens: null,
-        contextWindowSize: null,
-        estimatedContextPercent: null,
-        warningLevel: 'ok',
-        compactionCount: 0,
-    };
-}
-function createMockSessionController() {
-    return {
-        isActive: false,
-        sessionId: null,
-        sendMessage: vi.fn(async () => ({
-            sessionId: 'ses_mock',
-            events: [],
-            finalText: 'Task completed.',
-            turns: 2,
-            totalCostUsd: 0.03,
-            inputTokens: 20_000,
-            outputTokens: 1_000,
-            contextWindowSize: 200_000,
-        })),
-        compactSession: vi.fn(async () => ({
-            sessionId: 'ses_mock',
-            events: [],
-            finalText: 'Compacted.',
-            turns: 3,
-            totalCostUsd: 0.04,
-        })),
-        clearSession: vi.fn(async () => 'ses_mock'),
-        getContextSnapshot: vi.fn(() => emptyContext()),
-        tryRestore: vi.fn(async () => false),
-    };
-}
 function createMockGitOps() {
     return {
         diff: vi.fn(async () => ({
@@ -55,28 +15,6 @@ function createMockGitOps() {
             success: true,
             output: 'HEAD is now at abc1234',
         })),
-        diffStat: vi.fn(async () => '1 file changed, 1 insertion(+)'),
-        currentBranch: vi.fn(async () => 'main'),
-        recentCommits: vi.fn(async () => 'abc1234 initial'),
-    };
-}
-function createMockStateStore() {
-    const runs = new Map();
-    return {
-        saveRun: vi.fn(async (run) => {
-            runs.set(run.id, structuredClone(run));
-        }),
-        getRun: vi.fn(async (_cwd, runId) => runs.get(runId) ?? null),
-        listRuns: vi.fn(async () => [...runs.values()]),
-        updateRun: vi.fn(async (_cwd, runId, update) => {
-            const existing = runs.get(runId);
-            if (!existing) {
-                throw new Error(`Run ${runId} not found`);
-            }
-            const updated = update(existing);
-            runs.set(runId, structuredClone(updated));
-            return updated;
-        }),
     };
 }
 function createMockTranscriptStore() {
@@ -86,123 +24,25 @@ function createMockTranscriptStore() {
     };
 }
 describe('PersistentManager', () => {
-    it('sends a message through the session controller', async () => {
-        const sessionCtrl = createMockSessionController();
-        const gitOps = createMockGitOps();
-        const store = createMockStateStore();
-        const tracker = new ContextTracker();
-        const manager = new PersistentManager(sessionCtrl, gitOps, store, tracker, createMockTranscriptStore());
-        const result = await manager.sendMessage('/tmp', 'implement feature X');
-        expect(sessionCtrl.sendMessage).toHaveBeenCalledWith('implement feature X', undefined, undefined);
-        expect(result.finalText).toBe('Task completed.');
-        expect(result.inputTokens).toBe(20_000);
-        expect(result.outputTokens).toBe(1_000);
-        expect(result.contextWindowSize).toBe(200_000);
-        expect(result.context).toBeDefined();
-    });
-    it('persists transcript events on sendMessage', async () => {
-        const sessionCtrl = createMockSessionController();
-        sessionCtrl.sendMessage.mockResolvedValueOnce({
-            sessionId: 'ses_tx',
-            events: [
-                { type: 'init', text: 'init' },
-                { type: 'assistant', text: 'Done.' },
-                { type: 'result', text: 'Done.', turns: 1, totalCostUsd: 0.01 },
-            ],
-            finalText: 'Done.',
-            turns: 1,
-            totalCostUsd: 0.01,
-        });
-        const transcriptStore = createMockTranscriptStore();
-        const manager = new PersistentManager(sessionCtrl, createMockGitOps(), createMockStateStore(), new ContextTracker(), transcriptStore);
-        await manager.sendMessage('/tmp', 'do something');
-        expect(transcriptStore.appendEvents).toHaveBeenCalledWith('/tmp', 'ses_tx', [
-            { type: 'init', text: 'init' },
-            { type: 'assistant', text: 'Done.' },
-            { type: 'result', text: 'Done.', turns: 1, totalCostUsd: 0.01 },
-        ]);
-    });
-    it('skips transcript persistence when events are empty', async () => {
-        const transcriptStore = createMockTranscriptStore();
-        const manager = new PersistentManager(createMockSessionController(), createMockGitOps(), createMockStateStore(), new ContextTracker(), transcriptStore);
-        await manager.sendMessage('/tmp', 'hello');
-        expect(transcriptStore.appendEvents).not.toHaveBeenCalled();
-    });
     it('delegates git diff to GitOperations', async () => {
-        const sessionCtrl = createMockSessionController();
         const gitOps = createMockGitOps();
-        const store = createMockStateStore();
-        const tracker = new ContextTracker();
-        const manager = new PersistentManager(sessionCtrl, gitOps, store, tracker, createMockTranscriptStore());
+        const manager = new PersistentManager(gitOps, createMockTranscriptStore());
         const diff = await manager.gitDiff();
         expect(diff.hasDiff).toBe(true);
         expect(diff.stats.filesChanged).toBe(1);
     });
     it('delegates git commit to GitOperations', async () => {
-        const sessionCtrl = createMockSessionController();
         const gitOps = createMockGitOps();
-        const store = createMockStateStore();
-        const tracker = new ContextTracker();
-        const manager = new PersistentManager(sessionCtrl, gitOps, store, tracker, createMockTranscriptStore());
+        const manager = new PersistentManager(gitOps, createMockTranscriptStore());
         const result = await manager.gitCommit('feat: add X');
-        expect(gitOps.commit).toHaveBeenCalledWith('feat: add X');
+        expect(gitOps.commit).toHaveBeenCalledWith('feat: add X', undefined);
         expect(result.success).toBe(true);
     });
     it('delegates git reset to GitOperations', async () => {
-        const sessionCtrl = createMockSessionController();
         const gitOps = createMockGitOps();
-        const store = createMockStateStore();
-        const tracker = new ContextTracker();
-        const manager = new PersistentManager(sessionCtrl, gitOps, store, tracker, createMockTranscriptStore());
+        const manager = new PersistentManager(gitOps, createMockTranscriptStore());
         const result = await manager.gitReset();
         expect(gitOps.resetHard).toHaveBeenCalled();
         expect(result.success).toBe(true);
     });
-    it('executes a task with run tracking', async () => {
-        const sessionCtrl = createMockSessionController();
-        const gitOps = createMockGitOps();
-        const store = createMockStateStore();
-        const tracker = new ContextTracker();
-        const manager = new PersistentManager(sessionCtrl, gitOps, store, tracker, createMockTranscriptStore());
-        const result = await manager.executeTask('/tmp', 'add tests');
-        expect(result.run.status).toBe('completed');
-        expect(result.run.task).toBe('add tests');
-        expect(result.run.finalSummary).toBe('Task completed.');
-        expect(result.run.messages).toHaveLength(2);
-        expect(result.run.messages[0].direction).toBe('sent');
-        expect(result.run.messages[1].direction).toBe('received');
-        // Verify state was persisted
-        expect(store.saveRun).toHaveBeenCalled();
-        expect(store.updateRun).toHaveBeenCalled();
-    });
-    it('marks run as failed when session throws', async () => {
-        const sessionCtrl = createMockSessionController();
-        sessionCtrl.sendMessage.mockRejectedValueOnce(new Error('SDK connection failed'));
-        const gitOps = createMockGitOps();
-        const store = createMockStateStore();
-        const tracker = new ContextTracker();
-        const manager = new PersistentManager(sessionCtrl, gitOps, store, tracker, createMockTranscriptStore());
-        const result = await manager.executeTask('/tmp', 'failing task');
-        expect(result.run.status).toBe('failed');
-        expect(result.run.finalSummary).toBe('SDK connection failed');
-    });
-    it('clears session via controller', async () => {
-        const sessionCtrl = createMockSessionController();
-        const gitOps = createMockGitOps();
-        const store = createMockStateStore();
-        const tracker = new ContextTracker();
-        const manager = new PersistentManager(sessionCtrl, gitOps, store, tracker, createMockTranscriptStore());
-        const cleared = await manager.clearSession();
-        expect(cleared).toBe('ses_mock');
-        expect(sessionCtrl.clearSession).toHaveBeenCalled();
-    });
-    it('returns status from session controller', () => {
-        const sessionCtrl = createMockSessionController();
-        const gitOps = createMockGitOps();
-        const store = createMockStateStore();
-        const tracker = new ContextTracker();
-        const manager = new PersistentManager(sessionCtrl, gitOps, store, tracker, createMockTranscriptStore());
-        const status = manager.getStatus();
-        expect(status).toEqual(emptyContext());
-    });
 });

package/dist/test/prompt-registry.test.js

@@ -2,9 +2,9 @@ import { describe, expect, it } from 'vitest';
 import { managerPromptRegistry } from '../src/prompts/registry.js';
 describe('managerPromptRegistry', () => {
     it('gives the CTO explicit orchestration guidance', () => {
-        expect(managerPromptRegistry.ctoSystemPrompt).toContain('You are the CTO');
+        expect(managerPromptRegistry.ctoSystemPrompt).toContain('You are a principal engineer orchestrating a team of AI-powered engineers');
         expect(managerPromptRegistry.ctoSystemPrompt).toContain('Task tool');
-        expect(managerPromptRegistry.ctoSystemPrompt).toContain('spawn two engineers in parallel');
+        expect(managerPromptRegistry.ctoSystemPrompt).toContain('dispatch two engineers with complementary perspectives');
         expect(managerPromptRegistry.ctoSystemPrompt).toContain('question');
         expect(managerPromptRegistry.ctoSystemPrompt).toContain('Tom, John, Maya, Sara, and Alex');
         expect(managerPromptRegistry.ctoSystemPrompt).not.toContain('clear_session');
@@ -13,21 +13,16 @@ describe('managerPromptRegistry', () => {
     it('keeps the engineer wrapper prompt short and tool-focused', () => {
         expect(managerPromptRegistry.engineerAgentPrompt).toContain('named engineer');
         expect(managerPromptRegistry.engineerAgentPrompt).toContain('claude');
-        expect(managerPromptRegistry.engineerAgentPrompt).toContain('remembers prior turns');
+        expect(managerPromptRegistry.engineerAgentPrompt).toContain('remembers your prior turns');
         expect(managerPromptRegistry.engineerAgentPrompt).toContain('wrapper context');
         expect(managerPromptRegistry.engineerAgentPrompt).not.toContain('read/grep/glob');
     });
     it('keeps the engineer session prompt direct and repo-aware', () => {
         expect(managerPromptRegistry.engineerSessionPrompt).toContain('expert software engineer');
-        expect(managerPromptRegistry.engineerSessionPrompt).toContain('Execute directly');
+        expect(managerPromptRegistry.engineerSessionPrompt).toContain('Start with the smallest investigation that resolves the key uncertainty');
         expect(managerPromptRegistry.engineerSessionPrompt).toContain('Verify your own work');
         expect(managerPromptRegistry.engineerSessionPrompt).toContain('Do not run git commit');
     });
-    it('still exposes plan and free mode prefixes', () => {
-        expect(managerPromptRegistry.modePrefixes.plan).toContain('PLAN MODE');
-        expect(managerPromptRegistry.modePrefixes.plan).toContain('Read-only');
-        expect(managerPromptRegistry.modePrefixes.free).toBe('');
-    });
     it('keeps context warnings available for engineer sessions', () => {
         expect(managerPromptRegistry.contextWarnings.moderate).toContain('{percent}');
         expect(managerPromptRegistry.contextWarnings.high).toContain('{turns}');

package/dist/test/report-claude-event.test.js

@@ -95,7 +95,7 @@ describe('reportClaudeEvent — via plugin onEvent chain', () => {
         await executeClaude(plugin, ctx);
         const call = metadata.mock.calls.find(([c]) => c?.title?.includes('→'))?.[0];
         expect(call).toBeDefined();
-        expect(call.title).toBe('⚡ Tom → read');
+        expect(call.title).toBe('⚡ Tom → Reading: /foo.ts');
         expect(call.metadata.toolName).toBe('read');
         expect(call.metadata.toolId).toBe('call-abc');
         expect(call.metadata.toolArgs).toEqual({ file_path: '/foo.ts' });
@@ -118,7 +118,7 @@ describe('reportClaudeEvent — via plugin onEvent chain', () => {
         const { metadata, ctx } = makeContext(tempRoot, ENGINEER_AGENT_IDS.Tom, 'wrapper-2');
         await executeClaude(plugin, ctx);
         const call = metadata.mock.calls.find(([c]) => c?.title?.includes('→'))?.[0];
-        expect(call.title).toBe('⚡ Tom → bash');
+        expect(call.title).toBe('⚡ Tom → Running: ls -la');
         expect(call.metadata.toolArgs).toEqual({ command: 'ls -la' });
     });
     it('falls back to generic title and omits tool fields when event.text is not JSON', async () => {
@@ -180,7 +180,7 @@ describe('second invocation continuity', () => {
         // ── Phase 1: first task via orchestrator (no real SDK needed) ──────────
         const store = new TeamStateStore();
         await store.setActiveTeam(tempRoot, 'cto-1');
-        const orchestrator = new TeamOrchestrator({ runTask: vi.fn() }, store, { appendEvents: vi.fn(async () => undefined) }, 'Base prompt', []);
+        const orchestrator = new TeamOrchestrator({ runTask: vi.fn() }, store, { appendEvents: vi.fn(async () => undefined) }, 'Base prompt');
         await orchestrator.recordWrapperSession(tempRoot, 'cto-1', 'Tom', 'wrapper-tom-1');
         await orchestrator.recordWrapperExchange(tempRoot, 'cto-1', 'Tom', 'wrapper-tom-1', 'explore', 'Investigate the auth flow', 'Found two race conditions in the token refresh path.');
         // ── Phase 2: process restart ───────────────────────────────────────────
@@ -206,7 +206,7 @@ describe('second invocation continuity', () => {
         // ── Phase 1: pre-seed Tom with a claudeSessionId ───────────────────────
         const store = new TeamStateStore();
         await store.setActiveTeam(tempRoot, 'cto-1');
-        const orchestrator = new TeamOrchestrator({ runTask: vi.fn() }, store, { appendEvents: vi.fn(async () => undefined) }, 'Base prompt', []);
+        const orchestrator = new TeamOrchestrator({ runTask: vi.fn() }, store, { appendEvents: vi.fn(async () => undefined) }, 'Base prompt');
         await orchestrator.getOrCreateTeam(tempRoot, 'cto-1');
         await store.updateTeam(tempRoot, 'cto-1', (team) => ({
             ...team,

package/dist/test/team-orchestrator.test.js

@@ -35,7 +35,7 @@ describe('TeamOrchestrator', () => {
             outputTokens: 300,
             contextWindowSize: 200_000,
         });
-        const orchestrator = new TeamOrchestrator({ runTask }, new TeamStateStore('.state'), { appendEvents: vi.fn(async () => { }) }, 'Base engineer prompt', []);
+        const orchestrator = new TeamOrchestrator({ runTask }, new TeamStateStore('.state'), { appendEvents: vi.fn(async () => { }) }, 'Base engineer prompt');
         const first = await orchestrator.dispatchEngineer({
             teamId: 'team-1',
             cwd: tempRoot,
@@ -55,12 +55,14 @@ describe('TeamOrchestrator', () => {
         expect(runTask.mock.calls[0]?.[0]).toMatchObject({
             systemPrompt: expect.stringContaining('Assigned engineer: Tom.'),
             resumeSessionId: undefined,
-            permissionMode: 'plan',
+            permissionMode: 'acceptEdits',
+            restrictWriteTools: true,
         });
         expect(runTask.mock.calls[1]?.[0]).toMatchObject({
             systemPrompt: undefined,
             resumeSessionId: 'ses_tom',
             permissionMode: 'acceptEdits',
+            restrictWriteTools: false,
         });
         const team = await orchestrator.getOrCreateTeam(tempRoot, 'team-1');
         expect(team.engineers.find((engineer) => engineer.name === 'Tom')).toMatchObject({
@@ -72,7 +74,7 @@ describe('TeamOrchestrator', () => {
     it('rejects work when the same engineer is already busy', async () => {
         tempRoot = await mkdtemp(join(tmpdir(), 'team-orchestrator-'));
         const store = new TeamStateStore('.state');
-        const orchestrator = new TeamOrchestrator({ runTask: vi.fn() }, store, { appendEvents: vi.fn(async () => { }) }, 'Base engineer prompt', []);
+        const orchestrator = new TeamOrchestrator({ runTask: vi.fn() }, store, { appendEvents: vi.fn(async () => { }) }, 'Base engineer prompt');
         const team = await orchestrator.getOrCreateTeam(tempRoot, 'team-1');
         await store.saveTeam({
             ...team,
@@ -110,7 +112,7 @@ describe('TeamOrchestrator', () => {
             events: [],
             finalText: '## Synthesis\nCombined plan\n## Recommended Question\nShould we migrate now?\n## Recommended Answer\nNo, defer it.',
         });
-        const orchestrator = new TeamOrchestrator({ runTask }, new TeamStateStore('.state'), { appendEvents: vi.fn(async () => { }) }, 'Base engineer prompt', []);
+        const orchestrator = new TeamOrchestrator({ runTask }, new TeamStateStore('.state'), { appendEvents: vi.fn(async () => { }) }, 'Base engineer prompt');
         const result = await orchestrator.planWithTeam({
             teamId: 'team-1',
             cwd: tempRoot,
@@ -126,7 +128,7 @@ describe('TeamOrchestrator', () => {
     });
     it('persists wrapper session memory for an engineer', async () => {
         tempRoot = await mkdtemp(join(tmpdir(), 'team-orchestrator-'));
-        const orchestrator = new TeamOrchestrator({ runTask: vi.fn() }, new TeamStateStore('.state'), { appendEvents: vi.fn(async () => { }) }, 'Base engineer prompt', []);
+        const orchestrator = new TeamOrchestrator({ runTask: vi.fn() }, new TeamStateStore('.state'), { appendEvents: vi.fn(async () => { }) }, 'Base engineer prompt');
         await orchestrator.recordWrapperSession(tempRoot, 'team-1', 'Tom', 'wrapper-tom');
         await orchestrator.recordWrapperExchange(tempRoot, 'team-1', 'Tom', 'wrapper-tom', 'explore', 'Investigate the auth flow and compare approaches', 'The auth flow uses one shared validator and the cookie refresh path is the main risk.');
         const team = await orchestrator.getOrCreateTeam(tempRoot, 'team-1');

package/dist/test/tool-approval-manager.test.js

@@ -143,41 +143,41 @@ describe('ToolApprovalManager', () => {
         });
     });
     describe('policy management', () => {
-        it('addRule inserts at specified position', () => {
+        it('addRule inserts at specified position', async () => {
             const manager = new ToolApprovalManager({
                 rules: [],
                 enabled: true,
                 defaultAction: 'allow',
             });
-            manager.addRule({ id: 'a', toolPattern: 'A', action: 'allow' });
-            manager.addRule({ id: 'b', toolPattern: 'B', action: 'allow' });
-            manager.addRule({ id: 'c', toolPattern: 'C', action: 'deny' }, 1);
+            await manager.addRule({ id: 'a', toolPattern: 'A', action: 'allow' });
+            await manager.addRule({ id: 'b', toolPattern: 'B', action: 'allow' });
+            await manager.addRule({ id: 'c', toolPattern: 'C', action: 'deny' }, 1);
             const rules = manager.getPolicy().rules;
             expect(rules.map((r) => r.id)).toEqual(['a', 'c', 'b']);
         });
-        it('addRule appends to end by default', () => {
+        it('addRule appends to end by default', async () => {
             const manager = new ToolApprovalManager({
                 rules: [],
                 enabled: true,
                 defaultAction: 'allow',
             });
-            manager.addRule({ id: 'a', toolPattern: 'A', action: 'allow' });
-            manager.addRule({ id: 'b', toolPattern: 'B', action: 'allow' });
+            await manager.addRule({ id: 'a', toolPattern: 'A', action: 'allow' });
+            await manager.addRule({ id: 'b', toolPattern: 'B', action: 'allow' });
             expect(manager.getPolicy().rules.map((r) => r.id)).toEqual(['a', 'b']);
         });
-        it('removeRule removes by ID and returns true', () => {
+        it('removeRule removes by ID and returns true', async () => {
             const manager = new ToolApprovalManager();
-            const removed = manager.removeRule('allow-read');
+            const removed = await manager.removeRule('allow-read');
             expect(removed).toBe(true);
             expect(manager.getPolicy().rules.find((r) => r.id === 'allow-read')).toBeUndefined();
         });
-        it('removeRule returns false for non-existent ID', () => {
+        it('removeRule returns false for non-existent ID', async () => {
             const manager = new ToolApprovalManager();
-            expect(manager.removeRule('nonexistent')).toBe(false);
+            expect(await manager.removeRule('nonexistent')).toBe(false);
         });
-        it('setPolicy replaces entire policy', () => {
+        it('setPolicy replaces entire policy', async () => {
             const manager = new ToolApprovalManager();
-            manager.setPolicy({
+            await manager.setPolicy({
                 rules: [{ id: 'only', toolPattern: '*', action: 'deny' }],
                 defaultAction: 'deny',
                 enabled: true,
@@ -185,16 +185,16 @@ describe('ToolApprovalManager', () => {
             expect(manager.getPolicy().rules).toHaveLength(1);
             expect(manager.getPolicy().defaultAction).toBe('deny');
         });
-        it('setDefaultAction changes the fallback', () => {
+        it('setDefaultAction changes the fallback', async () => {
             const manager = new ToolApprovalManager({
                 rules: [],
                 enabled: true,
                 defaultAction: 'allow',
             });
-            manager.setDefaultAction('deny');
+            await manager.setDefaultAction('deny');
             expect(manager.evaluate('Unknown', {}).behavior).toBe('deny');
         });
-        it('setEnabled toggles the manager', () => {
+        it('setEnabled toggles the manager', async () => {
             const manager = new ToolApprovalManager({
                 rules: [
                     {
@@ -208,7 +208,7 @@ describe('ToolApprovalManager', () => {
                 defaultAction: 'deny',
             });
             expect(manager.evaluate('Read', {}).behavior).toBe('deny');
-            manager.setEnabled(false);
+            await manager.setEnabled(false);
             expect(manager.evaluate('Read', {}).behavior).toBe('allow');
         });
     });