@lucashca/claudecontrol 0.3.29 → 0.3.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/backend/agents/canUseTool.ts +6 -1
  2. package/backend/agents/lifecycle.ts +5 -5
  3. package/package.json +1 -1
  4. package/version.json +1 -1
package/backend/agents/canUseTool.ts CHANGED
@@ -43,8 +43,13 @@ export function createBypassCanUseTool(agentId: string, workspaceId: string) {
43
43
  * Creates canUseTool for default (secure) mode.
44
44
  * Shows permission prompt in the frontend and waits for user response.
45
45
  */
46
- export function createCanUseTool(agentId: string, workspaceId: string) {
46
+ export function createCanUseTool(agentId: string, workspaceId: string, isOrchestrator = false) {
47
47
  return (toolName: string, input: Record<string, unknown>, options: CanUseToolOptions) => {
48
+ if (toolName === 'Task' && !isOrchestrator) {
49
+ const session = agents.get(agentId);
50
+ if (session) pushLog(session, { type: 'system', text: 'Subagente bloqueado: apenas orquestradores podem iniciar subagentes', timestamp: new Date().toISOString() });
51
+ return Promise.resolve({ behavior: 'deny' as const, message: 'Apenas orquestradores podem iniciar subagentes' });
52
+ }
48
53
  const requestId = genId();
49
54
  const session = agents.get(agentId);
50
55
 
package/backend/agents/lifecycle.ts CHANGED
@@ -252,12 +252,12 @@ export async function sendToAgent(id: string, message: string, attachments?: Att
252
252
  }
253
253
  broadcast({ type: 'agent_working', agentId: id, workspaceId: session.workspaceId, task: displayText });
254
254
 
255
+ // Only the orchestrator role gets native subagent tools; specialists just execute tasks
256
+ const isOrchestrator = session.isOrchestrator === true || session.role === getOrchestratorRole(session.workspaceId);
257
+
255
258
  const permissionOpts = session.bypass
256
259
  ? { permissionMode: 'bypassPermissions' as const, allowDangerouslySkipPermissions: true, canUseTool: createBypassCanUseTool(id, session.workspaceId) }
257
- : { permissionMode: 'default' as const, canUseTool: createCanUseTool(id, session.workspaceId) };
258
-
259
- // Only the orchestrator role gets native subagent tools; specialists just execute tasks
260
- const isOrchestrator = session.role === getOrchestratorRole(session.workspaceId);
260
+ : { permissionMode: 'default' as const, canUseTool: createCanUseTool(id, session.workspaceId, isOrchestrator) };
261
261
  const subagents = (isOrchestrator && runtime.enableSubagents) ? buildSubagents(cwd, session.role) : {};
262
262
  const hasAttachments = attachments && attachments.length > 0;
263
263
 
@@ -389,7 +389,7 @@ export async function runAgentQuery(session: AgentSession, task: string, bypass
389
389
  stderr: (text: string) => console.error(`[agent:${session.id}]`, text),
390
390
  ...(bypass
391
391
  ? { permissionMode: 'bypassPermissions' as const, allowDangerouslySkipPermissions: true, canUseTool: createBypassCanUseTool(session.id, session.workspaceId) }
392
- : { permissionMode: 'default' as const, canUseTool: createCanUseTool(session.id, session.workspaceId) }),
392
+ : { permissionMode: 'default' as const, canUseTool: createCanUseTool(session.id, session.workspaceId, isOrchestrator) }),
393
393
  };
394
394
 
395
395
  try {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lucashca/claudecontrol",
3
- "version": "0.3.29",
3
+ "version": "0.3.30",
4
4
  "description": "AI Agent Dashboard — manage multiple Claude Code agents across projects",
5
5
  "type": "module",
6
6
  "bin": {
package/version.json CHANGED
@@ -1 +1 @@
1
- {"version":"0.3.29","build":"2026-04-03T23:43:47.390Z"}
1
+ {"version":"0.3.30","build":"2026-04-03T23:54:10.502Z"}