@pellux/goodvibes-agent 0.1.10 → 0.1.11

package/src/input/commands/managed-runtime.ts

@@ -20,6 +20,7 @@ import {
 } from '@/runtime/index.ts';
 import { requireProfileManager, requireShellPaths } from './runtime-services.ts';
 import { summarizeError } from '@pellux/goodvibes-sdk/platform/utils';
+import { requireYesFlag, stripYesFlag } from './confirmation.ts';
 
 function buildConfigSnapshot(
   manager: { get: (key: ConfigKey) => unknown },
@@ -39,11 +40,13 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
   registry.register({
     name: 'managed',
     description: 'Export, inspect, and apply managed settings bundles',
-    usage: '[review|staged|rollback-history|export <profile> <path>|inspect <path>|stage <path>|apply <path> [key ...]|apply-staged [key ...]|rollback <token>|lock <key> <source> <reason...>|unlock <key>]',
+    usage: '[review|staged|rollback-history|export <profile> <path> --yes|inspect <path>|stage <path> --yes|apply <path> [key ...] --yes|apply-staged [key ...] --yes|rollback <token> --yes|lock <key> <source> <reason...> --yes|unlock <key> --yes]',
     handler(args, ctx) {
+      const parsed = stripYesFlag(args);
+      const commandArgs = [...parsed.rest];
       const shellPaths = requireShellPaths(ctx);
       const controlPlaneConfigDir = ctx.platform.configManager.getControlPlaneConfigDir();
-      const sub = args[0] ?? 'review';
+      const sub = commandArgs[0] ?? 'review';
       const pm = requireProfileManager(ctx);
       if (sub === 'review') {
         const profiles = pm.list();
@@ -78,11 +81,15 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
       }
 
       if (sub === 'lock') {
-        const key = args[1] as ConfigKey | undefined;
-        const source = args[2];
-        const reason = args.slice(3).join(' ').trim();
+        const key = commandArgs[1] as ConfigKey | undefined;
+        const source = commandArgs[2];
+        const reason = commandArgs.slice(3).join(' ').trim();
         if (!key || !source || !reason) {
-          ctx.print('Usage: /managed lock <key> <source> <reason...>');
+          ctx.print('Usage: /managed lock <key> <source> <reason...> --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `lock managed setting ${key}`, '/managed lock <key> <source> <reason...> --yes');
           return;
         }
         setManagedSettingLock(key, source, reason, controlPlaneConfigDir);
@@ -91,9 +98,13 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
       }
 
       if (sub === 'unlock') {
-        const key = args[1] as ConfigKey | undefined;
+        const key = commandArgs[1] as ConfigKey | undefined;
         if (!key) {
-          ctx.print('Usage: /managed unlock <key>');
+          ctx.print('Usage: /managed unlock <key> --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `unlock managed setting ${key}`, '/managed unlock <key> --yes');
           return;
         }
         ctx.print(clearManagedSettingLock(key, controlPlaneConfigDir) ? `Managed lock cleared for ${key}.` : `No managed lock found for ${key}.`);
@@ -101,10 +112,14 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
       }
 
       if (sub === 'export') {
-        const profileName = args[1];
-        const pathArg = args[2];
+        const profileName = commandArgs[1];
+        const pathArg = commandArgs[2];
         if (!profileName || !pathArg) {
-          ctx.print('Usage: /managed export <profile> <path>');
+          ctx.print('Usage: /managed export <profile> <path> --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `export managed settings profile ${profileName} to ${pathArg}`, '/managed export <profile> <path> --yes');
           return;
         }
         const loaded = pm.load(profileName);
@@ -129,12 +144,16 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
       }
 
       if (sub === 'apply-staged') {
-        const requestedKeys = args.slice(1).filter((value): value is ConfigKey => CONFIG_KEYS.has(value as ConfigKey));
-        const invalidKeys = args.slice(1).filter((value) => !CONFIG_KEYS.has(value as ConfigKey));
+        const requestedKeys = commandArgs.slice(1).filter((value): value is ConfigKey => CONFIG_KEYS.has(value as ConfigKey));
+        const invalidKeys = commandArgs.slice(1).filter((value) => !CONFIG_KEYS.has(value as ConfigKey));
         if (invalidKeys.length > 0) {
           ctx.print(`Unknown config key(s): ${invalidKeys.join(', ')}`);
           return;
         }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, 'apply staged managed settings', '/managed apply-staged [key ...] --yes');
+          return;
+        }
         try {
           const result = applyStagedManagedBundle(ctx.platform.configManager, requestedKeys);
           ctx.session.runtime.model = String(ctx.platform.configManager.get('provider.model'));
@@ -149,9 +168,13 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
       }
 
       if (sub === 'rollback') {
-        const token = args[1];
+        const token = commandArgs[1];
         if (!token) {
-          ctx.print('Usage: /managed rollback <token>');
+          ctx.print('Usage: /managed rollback <token> --yes');
+          return;
+        }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `rollback managed settings token ${token}`, '/managed rollback <token> --yes');
           return;
         }
         try {
@@ -167,9 +190,9 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
         return;
       }
 
-      const pathArg = args[1];
+      const pathArg = commandArgs[1];
       if (!pathArg) {
-        ctx.print(`Usage: /managed ${sub} <path>`);
+        ctx.print(`Usage: /managed ${sub} <path>${sub === 'stage' || sub === 'apply' ? ' --yes' : ''}`);
         return;
       }
       const sourcePath = shellPaths.resolveWorkspacePath(pathArg);
@@ -181,18 +204,26 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
       }
 
       if (sub === 'stage') {
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `stage managed settings bundle from ${pathArg}`, '/managed stage <path> --yes');
+          return;
+        }
         const stage = stageManagedSettingsBundle(ctx.platform.configManager, bundle, sourcePath);
         ctx.print(`Managed settings bundle staged from ${sourcePath} (${stage.changeCount} changes, risk=${stage.risk}).`);
         return;
       }
 
       if (sub === 'apply') {
-        const requestedKeys = args.slice(2).filter((value): value is ConfigKey => CONFIG_KEYS.has(value as ConfigKey));
-        const invalidKeys = args.slice(2).filter((value) => !CONFIG_KEYS.has(value as ConfigKey));
+        const requestedKeys = commandArgs.slice(2).filter((value): value is ConfigKey => CONFIG_KEYS.has(value as ConfigKey));
+        const invalidKeys = commandArgs.slice(2).filter((value) => !CONFIG_KEYS.has(value as ConfigKey));
         if (invalidKeys.length > 0) {
           ctx.print(`Unknown config key(s): ${invalidKeys.join(', ')}`);
           return;
         }
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `apply managed settings bundle from ${pathArg}`, '/managed apply <path> [key ...] --yes');
+          return;
+        }
         stageManagedSettingsBundle(ctx.platform.configManager, bundle, sourcePath);
         const result = applyStagedManagedBundle(ctx.platform.configManager, requestedKeys);
         ctx.session.runtime.model = String(ctx.platform.configManager.get('provider.model'));
@@ -203,7 +234,7 @@ export function registerManagedRuntimeCommands(registry: CommandRegistry): void
       }
 
       recordSettingsSyncFailure('managed', `unsupported subcommand: ${sub}`, controlPlaneConfigDir);
-      ctx.print('Usage: /managed [review|staged|rollback-history|export <profile> <path>|inspect <path>|stage <path>|apply <path> [key ...]|apply-staged [key ...]|rollback <token>|lock <key> <source> <reason...>|unlock <key>]');
+      ctx.print('Usage: /managed [review|staged|rollback-history|export <profile> <path> --yes|inspect <path>|stage <path> --yes|apply <path> [key ...] --yes|apply-staged [key ...] --yes|rollback <token> --yes|lock <key> <source> <reason...> --yes|unlock <key> --yes]');
     },
   });
 }

package/src/input/commands/marketplace-runtime.ts

@@ -20,6 +20,7 @@ import {
   type EcosystemEntryKind,
 } from '@/runtime/index.ts';
 import { openCommandPanel, requireEcosystemCatalogPaths, requireReadModels, requireShellPaths } from './runtime-services.ts';
+import { requireYesFlag, stripYesFlag } from './confirmation.ts';
 
 function resolveMarketplaceEntry(
   kind: EcosystemEntryKind,
@@ -39,11 +40,13 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
     name: 'marketplace',
     aliases: ['catalog'],
     description: 'Browse the unified plugin and skill marketplace',
-    usage: '[open|overview|recommend|browse [query]|review <plugin|skill|hook-pack|policy-pack> <id>|provenance <plugin|skill|hook-pack|policy-pack> <id>|install-hint <plugin|skill|hook-pack|policy-pack> <id>|install <plugin|skill|hook-pack|policy-pack> <id> [project|user]|update <plugin|skill|hook-pack|policy-pack> <id> [project|user]|rollback <plugin|skill|hook-pack|policy-pack> <id> [project|user] [backupId]|history <plugin|skill|hook-pack|policy-pack> <id> [project|user]|uninstall <plugin|skill|hook-pack|policy-pack> <id> [project|user]|receipt <plugin|skill|hook-pack|policy-pack> <id> [project|user]|bundle export <path> [project|user]|bundle inspect <path>|bundle import <path> [project|user]|installed]',
+    usage: '[open|overview|recommend|browse [query]|review <plugin|skill|hook-pack|policy-pack> <id>|provenance <plugin|skill|hook-pack|policy-pack> <id>|install-hint <plugin|skill|hook-pack|policy-pack> <id>|install <plugin|skill|hook-pack|policy-pack> <id> [project|user] --yes|update <plugin|skill|hook-pack|policy-pack> <id> [project|user] --yes|rollback <plugin|skill|hook-pack|policy-pack> <id> [project|user] [backupId] --yes|history <plugin|skill|hook-pack|policy-pack> <id> [project|user]|uninstall <plugin|skill|hook-pack|policy-pack> <id> [project|user] --yes|receipt <plugin|skill|hook-pack|policy-pack> <id> [project|user]|bundle export <path> [project|user] --yes|bundle inspect <path>|bundle import <path> [project|user] --yes|installed]',
     handler(args, ctx) {
+      const parsed = stripYesFlag(args);
+      const commandArgs = [...parsed.rest];
       const shellPaths = requireShellPaths(ctx);
       const ecosystemPaths = requireEcosystemCatalogPaths(ctx);
-      const sub = args[0] ?? 'open';
+      const sub = commandArgs[0] ?? 'open';
       if (sub === 'open' || sub === 'panel') {
         openCommandPanel(ctx, 'marketplace');
         return;
@@ -71,7 +74,7 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'browse') {
-        const query = args.slice(1).join(' ');
+        const query = commandArgs.slice(1).join(' ');
         const pluginEntries = query ? searchEcosystemCatalog('plugin', query, ecosystemPaths) : loadEcosystemCatalog('plugin', ecosystemPaths);
         const skillEntries = query ? searchEcosystemCatalog('skill', query, ecosystemPaths) : loadEcosystemCatalog('skill', ecosystemPaths);
         const hookPackEntries = query ? searchEcosystemCatalog('hook-pack', query, ecosystemPaths) : loadEcosystemCatalog('hook-pack', ecosystemPaths);
@@ -113,14 +116,18 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'bundle') {
-        const mode = args[1];
-        const target = args[2];
-        const scope = args[3] === 'user' ? 'user' : 'project';
+        const mode = commandArgs[1];
+        const target = commandArgs[2];
+        const scope = commandArgs[3] === 'user' ? 'user' : 'project';
         if ((mode === 'export' || mode === 'inspect' || mode === 'import') && !target) {
-          ctx.print(`Usage: /marketplace bundle ${mode} <path>${mode === 'export' || mode === 'import' ? ' [project|user]' : ''}`);
+          ctx.print(`Usage: /marketplace bundle ${mode} <path>${mode === 'export' || mode === 'import' ? ' [project|user] --yes' : ''}`);
           return;
         }
         if (mode === 'export') {
+          if (!parsed.yes) {
+            requireYesFlag(ctx, `export marketplace bundle to ${target}`, '/marketplace bundle export <path> [project|user] --yes');
+            return;
+          }
           const bundle = exportEcosystemCatalogBundle(scope, ecosystemPaths);
           const targetPath = shellPaths.resolveWorkspacePath(target!);
           mkdirSync(dirname(targetPath), { recursive: true });
@@ -141,6 +148,10 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
           return;
         }
         if (mode === 'import') {
+          if (!parsed.yes) {
+            requireYesFlag(ctx, `import marketplace bundle from ${target}`, '/marketplace bundle import <path> [project|user] --yes');
+            return;
+          }
           const bundle = JSON.parse(readFileSync(shellPaths.resolveWorkspacePath(target!), 'utf-8')) as EcosystemCatalogBundle;
           const result = importEcosystemCatalogBundle(bundle, { ...ecosystemPaths, scope });
           ctx.print([
@@ -150,14 +161,14 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
           ].join('\n'));
           return;
         }
-        ctx.print('Usage: /marketplace bundle <export|inspect|import> <path> [project|user]');
+        ctx.print('Usage: /marketplace bundle <export|inspect|import> <path> [project|user] --yes');
         return;
       }
 
-      const kind = args[1] as EcosystemEntryKind | undefined;
-      const entryId = args[2];
+      const kind = commandArgs[1] as EcosystemEntryKind | undefined;
+      const entryId = commandArgs[2];
       if ((sub === 'review' || sub === 'provenance' || sub === 'install-hint' || sub === 'install' || sub === 'update' || sub === 'rollback' || sub === 'history' || sub === 'uninstall' || sub === 'receipt') && (!kind || !entryId || !['plugin', 'skill', 'hook-pack', 'policy-pack'].includes(kind))) {
-        ctx.print(`Usage: /marketplace ${sub} <plugin|skill|hook-pack|policy-pack> <id>${sub === 'install' || sub === 'update' || sub === 'rollback' || sub === 'history' || sub === 'uninstall' || sub === 'receipt' ? ' [project|user]' : ''}`);
+        ctx.print(`Usage: /marketplace ${sub} <plugin|skill|hook-pack|policy-pack> <id>${sub === 'install' || sub === 'update' || sub === 'rollback' || sub === 'history' || sub === 'uninstall' || sub === 'receipt' ? ' [project|user]' : ''}${sub === 'install' || sub === 'update' || sub === 'rollback' || sub === 'uninstall' ? ' --yes' : ''}`);
         return;
       }
       if (sub === 'review') {
@@ -216,7 +227,7 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'receipt') {
-        const scope = args[3] === 'user' ? 'user' : 'project';
+        const scope = commandArgs[3] === 'user' ? 'user' : 'project';
         const result = inspectInstalledEcosystemEntry(kind!, entryId!, { ...ecosystemPaths, scope });
         if (!result.ok) {
           ctx.print(`Error: ${result.error}`);
@@ -236,7 +247,7 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'history') {
-        const scope = args[3] === 'user' ? 'user' : 'project';
+        const scope = commandArgs[3] === 'user' ? 'user' : 'project';
         const backups = listEcosystemInstallBackups(kind!, entryId!, { ...ecosystemPaths, scope });
         ctx.print(backups.length > 0
           ? [
@@ -247,7 +258,11 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
         return;
       }
       if (sub === 'install' || sub === 'update' || sub === 'rollback' || sub === 'uninstall') {
-        const scope = args[3] === 'user' ? 'user' : 'project';
+        const scope = commandArgs[3] === 'user' ? 'user' : 'project';
+        if (!parsed.yes) {
+          requireYesFlag(ctx, `${sub} curated ${kind} ${entryId}`, `/marketplace ${sub} <plugin|skill|hook-pack|policy-pack> <id> [project|user]${sub === 'rollback' ? ' [backupId]' : ''} --yes`);
+          return;
+        }
         if (sub === 'install') {
           const result = installEcosystemCatalogEntry(kind!, entryId!, { ...ecosystemPaths, scope });
           if (!result.ok) {
@@ -267,7 +282,7 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
           return;
         }
         if (sub === 'rollback') {
-          const backupId = args[4];
+          const backupId = commandArgs[4];
           const result = rollbackInstalledEcosystemEntry(kind!, entryId!, { ...ecosystemPaths, scope, backupId });
           if (!result.ok) {
             ctx.print(`Error: ${result.error}`);
@@ -284,7 +299,7 @@ export function registerMarketplaceRuntimeCommands(registry: CommandRegistry): v
         ctx.print(`Uninstalled curated ${kind} ${entryId} from ${result.removedPath}`);
         return;
       }
-      ctx.print('Usage: /marketplace [open|overview|recommend|browse [query]|review <plugin|skill|hook-pack|policy-pack> <id>|provenance <plugin|skill|hook-pack|policy-pack> <id>|install-hint <plugin|skill|hook-pack|policy-pack> <id>|install <plugin|skill|hook-pack|policy-pack> <id> [project|user]|update <plugin|skill|hook-pack|policy-pack> <id> [project|user]|rollback <plugin|skill|hook-pack|policy-pack> <id> [project|user] [backupId]|history <plugin|skill|hook-pack|policy-pack> <id> [project|user]|uninstall <plugin|skill|hook-pack|policy-pack> <id> [project|user]|receipt <plugin|skill|hook-pack|policy-pack> <id> [project|user]|bundle export <path> [project|user]|bundle inspect <path>|bundle import <path> [project|user]|installed]');
+      ctx.print('Usage: /marketplace [open|overview|recommend|browse [query]|review <plugin|skill|hook-pack|policy-pack> <id>|provenance <plugin|skill|hook-pack|policy-pack> <id>|install-hint <plugin|skill|hook-pack|policy-pack> <id>|install <plugin|skill|hook-pack|policy-pack> <id> [project|user] --yes|update <plugin|skill|hook-pack|policy-pack> <id> [project|user] --yes|rollback <plugin|skill|hook-pack|policy-pack> <id> [project|user] [backupId] --yes|history <plugin|skill|hook-pack|policy-pack> <id> [project|user]|uninstall <plugin|skill|hook-pack|policy-pack> <id> [project|user] --yes|receipt <plugin|skill|hook-pack|policy-pack> <id> [project|user]|bundle export <path> [project|user] --yes|bundle inspect <path>|bundle import <path> [project|user] --yes|installed]');
     },
   });
 }

package/src/input/commands/mcp-runtime.ts

@@ -2,6 +2,7 @@ import type { CommandContext, CommandRegistry } from '../command-registry.ts';
 import type { McpConfigScope, McpReloadResult, McpServerConfig } from '@pellux/goodvibes-sdk/platform/mcp';
 import { requireMcpApi, requireShellPaths } from './runtime-services.ts';
 import { summarizeError } from '@pellux/goodvibes-sdk/platform/utils';
+import { requireYesFlag, stripYesFlag } from './confirmation.ts';
 
 const MCP_ROLES = ['general', 'docs', 'filesystem', 'git', 'database', 'browser', 'automation', 'ops', 'remote'] as const;
 const MCP_TRUST_MODES = ['constrained', 'ask-on-risk', 'allow-all', 'blocked'] as const;
@@ -137,11 +138,13 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
     aliases: [],
     description: 'Manage MCP servers and their tools',
     usage: '[add|remove|reload|config|review|tools [<server>]|auth-review|repair [server]]',
-    argsHint: '[add|remove|reload|config|review|tools [server]]',
+    argsHint: '[review|tools|config|add --yes|remove --yes]',
     async handler(args, ctx) {
       const mcpApi = requireMcpApi(ctx);
       const listServerSecurity = () => mcpApi.listServerSecurity();
-      const subcommand = args[0];
+      const confirmation = stripYesFlag(args);
+      const commandArgs = [...confirmation.rest];
+      const subcommand = commandArgs[0];
       if (!subcommand && ctx.openMcpWorkspace) {
         ctx.openMcpWorkspace();
         return;
@@ -161,7 +164,7 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
         return;
       }
       if (subcommand === 'tools') {
-        const filterServer = args[1];
+        const filterServer = commandArgs[1];
         ctx.print('Fetching MCP tool list...');
         let allTools;
         try {
@@ -207,7 +210,7 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
       }
 
       if (subcommand === 'repair') {
-        const serverName = args[1];
+        const serverName = commandArgs[1];
         const servers = listServerSecurity();
         const selected = serverName ? servers.find((server) => server.name === serverName) : servers.find((server) => !server.connected || server.schemaFreshness === 'quarantined');
         if (!selected) {
@@ -218,7 +221,7 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
         }
         const nextSteps = [
           selected.schemaFreshness === 'quarantined'
-            ? `/mcp quarantine ${selected.name} approve operator`
+            ? `/mcp quarantine ${selected.name} approve operator --yes`
             : null,
           !selected.connected ? '/services auth-review' : null,
           '/mcp review',
@@ -239,14 +242,18 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
       }
 
       if (subcommand === 'trust') {
-        const serverName = args[1];
-        const mode = args[2] as 'constrained' | 'ask-on-risk' | 'allow-all' | 'blocked' | undefined;
+        const serverName = commandArgs[1];
+        const mode = commandArgs[2] as 'constrained' | 'ask-on-risk' | 'allow-all' | 'blocked' | undefined;
         if (serverName && mode) {
           if (mode === 'allow-all') {
             ctx.print(`Use /settings → MCP to explicitly enable allow-all for ${serverName}. Direct CLI escalation is blocked.`);
             ctx.openSettingsModal?.();
             return;
           }
+          if (!confirmation.yes) {
+            requireYesFlag(ctx, `change MCP trust mode for ${serverName}`, '/mcp trust <server> <constrained|ask-on-risk|blocked> --yes');
+            return;
+          }
           mcpApi.setServerTrustMode(serverName, mode);
           ctx.print(`Updated MCP trust mode for ${serverName} to ${mode}.`);
           return;
@@ -258,9 +265,13 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
       }
 
       if (subcommand === 'role') {
-        const serverName = args[1];
-        const role = args[2] as 'general' | 'docs' | 'filesystem' | 'git' | 'database' | 'browser' | 'automation' | 'ops' | 'remote' | undefined;
+        const serverName = commandArgs[1];
+        const role = commandArgs[2] as 'general' | 'docs' | 'filesystem' | 'git' | 'database' | 'browser' | 'automation' | 'ops' | 'remote' | undefined;
         if (serverName && role) {
+          if (!confirmation.yes) {
+            requireYesFlag(ctx, `change MCP role for ${serverName}`, '/mcp role <server> <general|docs|filesystem|git|database|browser|automation|ops|remote> --yes');
+            return;
+          }
           mcpApi.setServerRole(serverName, role);
           ctx.print(`Updated MCP role for ${serverName} to ${role}.`);
           return;
@@ -272,21 +283,25 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
       }
 
       if (subcommand === 'add') {
-        let parsed: ParsedMcpAddArgs;
+        if (!confirmation.yes) {
+          requireYesFlag(ctx, 'add or update an MCP server config', '/mcp add <name> <command> [args...] [--scope project|global] [--role <role>] [--trust <mode>] --yes');
+          return;
+        }
+        let parsedAdd: ParsedMcpAddArgs;
         try {
-          parsed = parseAddServerArgs(args);
+          parsedAdd = parseAddServerArgs(commandArgs);
         } catch (error) {
           ctx.print(summarizeError(error));
           return;
         }
         const shellPaths = requireShellPaths(ctx);
         try {
-          const result = await mcpApi.upsertServerConfig(shellPaths, parsed.scope, parsed.server);
-          const connected = listServerSecurity().find((entry) => entry.name === parsed.server.name)?.connected ?? false;
+          const result = await mcpApi.upsertServerConfig(shellPaths, parsedAdd.scope, parsedAdd.server);
+          const connected = listServerSecurity().find((entry) => entry.name === parsedAdd.server.name)?.connected ?? false;
           ctx.print([
-            `MCP server "${parsed.server.name}" saved to ${parsed.scope} config: ${result.path}.`,
+            `MCP server "${parsedAdd.server.name}" saved to ${parsedAdd.scope} config: ${result.path}.`,
             `Runtime reload: ${connected ? 'connected' : 'server saved; connection needs attention'} (+${result.reload.added} ~${result.reload.changed} -${result.reload.removed}, unchanged ${result.reload.unchanged}).`,
-            `Command: ${parsed.server.command}${parsed.server.args?.length ? ` ${parsed.server.args.join(' ')}` : ''}`,
+            `Command: ${parsedAdd.server.command}${parsedAdd.server.args?.length ? ` ${parsedAdd.server.args.join(' ')}` : ''}`,
             'Next: /mcp tools',
           ].join('\n'));
         } catch (error) {
@@ -296,16 +311,20 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
       }
 
       if (subcommand === 'remove') {
-        const serverName = args[1]?.trim();
+        const serverName = commandArgs[1]?.trim();
         if (!serverName) {
-          ctx.print('Usage: /mcp remove <server> [--scope project|global]');
+          ctx.print('Usage: /mcp remove <server> [--scope project|global] --yes');
+          return;
+        }
+        if (!confirmation.yes) {
+          requireYesFlag(ctx, `remove MCP server ${serverName}`, '/mcp remove <server> [--scope project|global] --yes');
           return;
         }
         let scope: McpConfigScope = 'project';
         try {
-          for (let index = 2; index < args.length; index += 1) {
-            if (args[index] === '--scope') {
-              const value = readFlagValue(args, index, '--scope');
+          for (let index = 2; index < commandArgs.length; index += 1) {
+            if (commandArgs[index] === '--scope') {
+              const value = readFlagValue(commandArgs, index, '--scope');
               if (!isMcpScope(value)) {
                 ctx.print(`Invalid MCP scope "${value}". Expected project or global.`);
                 return;
@@ -331,6 +350,10 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
       }
 
       if (subcommand === 'reload') {
+        if (!confirmation.yes) {
+          requireYesFlag(ctx, 'reload the MCP runtime from config', '/mcp reload --yes');
+          return;
+        }
         try {
           const result = await reloadMcpRuntime(ctx);
           const servers = listServerSecurity();
@@ -356,10 +379,10 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
               return `  - ${server.name}: ${server.command}${server.args?.length ? ` ${server.args.join(' ')}` : ''}  source=${entry.source.scope}/${entry.source.kind}${envKeys.length ? ` envKeys=${envKeys.join(',')}` : ''}`;
             }),
             '',
-            'Add or update from inside the TUI:',
-            '  /mcp add <name> <command> [args...] [--scope project|global] [--role <role>] [--trust <mode>]',
+            'Add or update from inside Agent with explicit confirmation:',
+            '  /mcp add <name> <command> [args...] [--scope project|global] [--role <role>] [--trust <mode>] --yes',
             'Example:',
-            '  /mcp add filesystem npx -y @modelcontextprotocol/server-filesystem . --scope project --role filesystem --trust constrained',
+            '  /mcp add filesystem npx -y @modelcontextprotocol/server-filesystem . --scope project --role filesystem --trust constrained --yes',
           ].join('\n'));
         } catch (error) {
           ctx.print(`MCP config read failed: ${summarizeError(error)}`);
@@ -368,19 +391,27 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
       }
 
       if (subcommand === 'quarantine') {
-        const serverName = args[1];
-        const action = args[2];
+        const serverName = commandArgs[1];
+        const action = commandArgs[2];
         if (!serverName) {
-          ctx.print('Usage: /mcp quarantine <server> [detail]\n       /mcp quarantine <server> approve [operatorId]');
+          ctx.print('Usage: /mcp quarantine <server> [detail] --yes\n       /mcp quarantine <server> approve [operatorId] --yes');
           return;
         }
         if (action === 'approve') {
-          const operatorId = args[3] || 'operator';
+          if (!confirmation.yes) {
+            requireYesFlag(ctx, `approve MCP schema quarantine override for ${serverName}`, '/mcp quarantine <server> approve [operatorId] --yes');
+            return;
+          }
+          const operatorId = commandArgs[3] || 'operator';
           mcpApi.approveSchemaQuarantine(serverName, operatorId);
           ctx.print(`Approved MCP schema quarantine override for ${serverName} as ${operatorId}. Refresh is still recommended.`);
           return;
         }
-        const detail = args.slice(2).join(' ') || 'quarantined by operator';
+        if (!confirmation.yes) {
+          requireYesFlag(ctx, `quarantine MCP server ${serverName}`, '/mcp quarantine <server> [detail] --yes');
+          return;
+        }
+        const detail = commandArgs.slice(2).join(' ') || 'quarantined by operator';
         mcpApi.quarantineSchema(serverName, 'operator_flagged', detail);
         ctx.print(`Quarantined MCP schema for ${serverName}.\nReason: ${detail}`);
         return;
@@ -396,8 +427,8 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
           + '  ~/.config/claude/claude_desktop_config.json  (Claude Desktop)\n'
           + '  .mcp/mcp.json                        (project-local)\n'
           + '  .goodvibes/mcp.json                  (goodvibes project)\n'
-          + '\nAdd one from inside the TUI:\n'
-          + '  /mcp add filesystem npx -y @modelcontextprotocol/server-filesystem . --scope project --role filesystem\n'
+          + '\nAdd one from inside Agent with explicit confirmation:\n'
+          + '  /mcp add filesystem npx -y @modelcontextprotocol/server-filesystem . --scope project --role filesystem --yes\n'
           + '\nFormat: { "servers": [{ "name": "my-server", "command": "npx", "args": ["-y", "@modelcontextprotocol/server-filesystem", "/tmp"] }] }'
         );
         return;
@@ -416,10 +447,10 @@ export function registerMcpRuntimeCommands(registry: CommandRegistry): void {
       if (connected.length > 0) {
         lines.push('');
         lines.push('Run "/mcp tools" to list all tools, or "/mcp tools <server>" for a specific server.');
-        lines.push('Run "/mcp" to open the fullscreen MCP workspace, or "/mcp add <name> <command> [args...] [--scope project|global]" to add/update without restarting.');
-        lines.push('Run "/mcp reload" after editing MCP config outside the TUI.');
-        lines.push('Run "/mcp trust <server> <mode>" to change trust mode, or "/mcp role <server> <role>" to change its coherence role.');
-        lines.push('Run "/mcp quarantine <server> [detail]" to block a server, or "/mcp quarantine <server> approve [operatorId]" to approve a temporary override.');
+        lines.push('Run "/mcp" to open the fullscreen MCP workspace, or "/mcp add <name> <command> [args...] [--scope project|global] --yes" to add/update.');
+        lines.push('Run "/mcp reload --yes" after editing MCP config outside Agent.');
+        lines.push('Run "/mcp trust <server> <mode> --yes" to change trust mode, or "/mcp role <server> <role> --yes" to change its coherence role.');
+        lines.push('Run "/mcp quarantine <server> [detail] --yes" to block a server, or "/mcp quarantine <server> approve [operatorId] --yes" to approve a temporary override.');
         lines.push('Use /settings → MCP to explicitly enable allow-all for a server.');
       }
       if (disconnected.length > 0) {