@geravant/sinain 1.23.3 → 1.23.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@geravant/sinain",
|
|
3
|
-
"version": "1.23.
|
|
4
|
-
"description": "
|
|
3
|
+
"version": "1.23.5",
|
|
4
|
+
"description": "Context OS — captures what you see and hear, distills it into a private knowledge graph for AI-powered work",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
7
7
|
"sinain": "./cli.js",
|
|
@@ -53,10 +53,10 @@
|
|
|
53
53
|
"agentMaxTurns": 8,
|
|
54
54
|
"spawnMaxTurns": 25,
|
|
55
55
|
|
|
56
|
-
"allowedTools": "mcp__sinain",
|
|
56
|
+
"allowedTools": "mcp__sinain ToolSearch",
|
|
57
57
|
"escAllowedTools": "${allowedTools} Bash(git:*) Edit Write Read Glob Grep LS",
|
|
58
58
|
"spawnAllowedTools": "${allowedTools} Bash(git:*) Edit Write Read Glob Grep LS",
|
|
59
|
-
"autoApproveTools": "Read Glob Grep Ls Cat mcp__sinain*",
|
|
59
|
+
"autoApproveTools": "Read Glob Grep Ls Cat Edit Write MultiEdit NotebookEdit WebFetch WebSearch TaskCreate TaskUpdate TaskGet TaskList TaskOutput TaskStop LSP Skill Monitor BashOutput KillBash mcp__sinain* ToolSearch",
|
|
60
60
|
|
|
61
61
|
"analyzer": {
|
|
62
62
|
"debounceMs": 6000,
|
package/sinain-agent/run.sh
CHANGED
|
@@ -259,6 +259,12 @@ invoke_agent() {
|
|
|
259
259
|
# still routes each call to the overlay for user Allow/Deny. Widen the
|
|
260
260
|
# whitelist so the hook can do its job. Override via SINAIN_SPAWN_ALLOWED_TOOLS.
|
|
261
261
|
local spawn_allowed="${SINAIN_SPAWN_ALLOWED_TOOLS:-${ALLOWED_TOOLS} Bash(git:*) Edit Write Read Glob Grep LS}"
|
|
262
|
+
# ToolSearch is a built-in Claude Code uses to load deferred MCP tool
|
|
263
|
+
# schemas. Without it pre-approved, every escalation that needs an
|
|
264
|
+
# un-cached sinain_* tool triggers a permission prompt — Test Mac
|
|
265
|
+
# hit this on overlay-v1.24.5 (~4 prompts per 7min). Always include
|
|
266
|
+
# regardless of agents.json content (defense-in-depth).
|
|
267
|
+
spawn_allowed="$spawn_allowed ToolSearch"
|
|
262
268
|
if [ "$quiet" = "true" ]; then
|
|
263
269
|
"$bin" \
|
|
264
270
|
--mcp-config "$MCP_CONFIG" \
|
|
@@ -278,6 +284,9 @@ invoke_agent() {
|
|
|
278
284
|
else
|
|
279
285
|
# Escalation path. Override via SINAIN_ESC_ALLOWED_TOOLS.
|
|
280
286
|
local esc_allowed="${SINAIN_ESC_ALLOWED_TOOLS:-${ALLOWED_TOOLS} Bash(git:*) Edit Write Read Glob Grep LS}"
|
|
287
|
+
# See spawn_allowed comment above — ToolSearch must be pre-approved
|
|
288
|
+
# or every escalation triggers a permission prompt.
|
|
289
|
+
esc_allowed="$esc_allowed ToolSearch"
|
|
281
290
|
if [ "$quiet" = "true" ]; then
|
|
282
291
|
"$bin" \
|
|
283
292
|
--mcp-config "$MCP_CONFIG" \
|
|
@@ -291,7 +291,15 @@ export function loadConfig(): CoreConfig {
|
|
|
291
291
|
const autoApproveRaw = fromCfgStr(
|
|
292
292
|
agentsCfg?.autoApproveTools,
|
|
293
293
|
"SINAIN_AUTO_APPROVE_TOOLS",
|
|
294
|
-
|
|
294
|
+
// Default auto-approve covers the Claude Code core tools the escalation
|
|
295
|
+
// flow realistically uses without prompting. Bash is intentionally NOT
|
|
296
|
+
// included — users wanting scoped shell commands without prompts should
|
|
297
|
+
// add patterns like "Bash(git:*) Bash(npm:*)" to agents.json.
|
|
298
|
+
"Read Glob Grep Ls Cat Edit Write MultiEdit NotebookEdit " +
|
|
299
|
+
"WebFetch WebSearch " +
|
|
300
|
+
"TaskCreate TaskUpdate TaskGet TaskList TaskOutput TaskStop " +
|
|
301
|
+
"LSP Skill Monitor BashOutput KillBash " +
|
|
302
|
+
"mcp__sinain* ToolSearch",
|
|
295
303
|
);
|
|
296
304
|
const permissionsConfig = {
|
|
297
305
|
autoApproveTools: autoApproveRaw.split(/\s+/).filter((t) => t.length > 0),
|