@posthog/agent 2.1.70 → 2.1.82

package/dist/adapters/claude/conversion/tool-use-to-acp.d.ts

@@ -1,8 +1,28 @@
 import { PlanEntry, ToolCall, ToolCallUpdate } from '@agentclientprotocol/sdk';
 import { ToolUseBlock, ToolResultBlockParam, WebSearchToolResultBlockParam } from '@anthropic-ai/sdk/resources';
 import { BetaWebSearchToolResultBlockParam, BetaWebFetchToolResultBlockParam, BetaCodeExecutionToolResultBlockParam, BetaBashCodeExecutionToolResultBlockParam, BetaTextEditorCodeExecutionToolResultBlockParam, BetaRequestMCPToolResultBlockParam, BetaToolSearchToolResultBlockParam } from '@anthropic-ai/sdk/resources/beta.mjs';
-import { L as Logger } from '../../../logger-DDBiMOOD.js';
-import '../../../types.js';
+import { OnLogCallback } from '../../../types.js';
+
+interface LoggerConfig {
+    debug?: boolean;
+    prefix?: string;
+    scope?: string;
+    onLog?: OnLogCallback;
+}
+declare class Logger {
+    private debugEnabled;
+    private prefix;
+    private scope;
+    private onLog?;
+    constructor(config?: LoggerConfig);
+    private formatMessage;
+    private emitLog;
+    error(message: string, error?: Error | unknown): void;
+    warn(message: string, data?: unknown): void;
+    info(message: string, data?: unknown): void;
+    debug(message: string, data?: unknown): void;
+    child(childPrefix: string): Logger;
+}
 
 type ToolInfo = Pick<ToolCall, "title" | "kind" | "content" | "locations">;
 declare function toolInfoFromToolUse(toolUse: Pick<ToolUseBlock, "name" | "input">, cachedFileContent: {

package/dist/adapters/claude/permissions/permission-options.d.ts

@@ -1,3 +1,5 @@
+import { PermissionUpdate } from '@anthropic-ai/claude-agent-sdk';
+
 interface PermissionOption {
     kind: "allow_once" | "allow_always" | "reject_once" | "reject_always";
     name: string;
@@ -7,7 +9,7 @@ interface PermissionOption {
         customInput?: boolean;
     };
 }
-declare function buildPermissionOptions(toolName: string, toolInput: Record<string, unknown>, cwd?: string): PermissionOption[];
+declare function buildPermissionOptions(toolName: string, toolInput: Record<string, unknown>, cwd?: string, suggestions?: PermissionUpdate[]): PermissionOption[];
 declare function buildExitPlanModePermissionOptions(): PermissionOption[];
 
 export { type PermissionOption, buildExitPlanModePermissionOptions, buildPermissionOptions };

package/dist/adapters/claude/permissions/permission-options.js

@@ -45,13 +45,16 @@ function permissionOptions(allowAlwaysLabel) {
     }
   ];
 }
-function buildPermissionOptions(toolName, toolInput, cwd) {
+function buildPermissionOptions(toolName, toolInput, cwd, suggestions) {
   if (BASH_TOOLS.has(toolName)) {
+    const rawRuleContent = suggestions?.flatMap((s) => "rules" in s ? s.rules : []).find((r) => r.toolName === "Bash" && r.ruleContent)?.ruleContent;
+    const ruleContent = rawRuleContent?.replace(/:?\*$/, "");
     const command = toolInput?.command;
     const cmdName = command?.split(/\s+/)[0] ?? "this command";
     const cwdLabel = cwd ? ` in ${cwd}` : "";
+    const label = ruleContent ?? `\`${cmdName}\` commands`;
     return permissionOptions(
-      `Yes, and don't ask again for \`${cmdName}\` commands${cwdLabel}`
+      `Yes, and don't ask again for ${label}${cwdLabel}`
     );
   }
   if (toolName === "BashOutput") {

package/dist/adapters/claude/permissions/permission-options.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../src/utils/common.ts","../../../../src/adapters/claude/mcp/tool-metadata.ts","../../../../src/adapters/claude/tools.ts","../../../../src/adapters/claude/permissions/permission-options.ts"],"sourcesContent":["import type { Logger } from \"./logger.js\";\n\n/**\n * Races an operation against a timeout.\n * Returns success with the value if the operation completes in time,\n * or timeout if the operation takes longer than the specified duration.\n */\nexport async function withTimeout<T>(\n  operation: Promise<T>,\n  timeoutMs: number,\n): Promise<{ result: \"success\"; value: T } | { result: \"timeout\" }> {\n  const timeoutPromise = new Promise<{ result: \"timeout\" }>((resolve) =>\n    setTimeout(() => resolve({ result: \"timeout\" }), timeoutMs),\n  );\n  const operationPromise = operation.then((value) => ({\n    result: \"success\" as const,\n    value,\n  }));\n  return Promise.race([operationPromise, timeoutPromise]);\n}\n\nexport const IS_ROOT =\n  typeof process !== \"undefined\" &&\n  (process.geteuid?.() ?? process.getuid?.()) === 0;\n\nexport function unreachable(value: never, logger: Logger): void {\n  let valueAsString: string;\n  try {\n    valueAsString = JSON.stringify(value);\n  } catch {\n    valueAsString = value;\n  }\n  logger.error(`Unexpected case: ${valueAsString}`);\n}\n","import type { McpServerConfig } from \"@anthropic-ai/claude-agent-sdk\";\nimport { Client } from \"@modelcontextprotocol/sdk/client/index.js\";\nimport { StreamableHTTPClientTransport } from \"@modelcontextprotocol/sdk/client/streamableHttp.js\";\nimport type { Tool } from \"@modelcontextprotocol/sdk/types.js\";\nimport { Logger } from \"../../../utils/logger.js\";\n\nexport interface McpToolMetadata {\n  readOnly: boolean;\n}\n\nconst mcpToolMetadataCache: Map<string, McpToolMetadata> = new Map();\n\nfunction buildToolKey(serverName: string, toolName: string): string {\n  return `mcp__${serverName}__${toolName}`;\n}\n\nfunction isHttpMcpServer(\n  config: McpServerConfig,\n): config is McpServerConfig & { type: \"http\"; url: string } {\n  return config.type === \"http\" && typeof (config as any).url === \"string\";\n}\n\nasync function fetchToolsFromHttpServer(\n  _serverName: string,\n  config: McpServerConfig & { type: \"http\"; url: string },\n): Promise<Tool[]> {\n  const transport = new StreamableHTTPClientTransport(new URL(config.url), {\n    requestInit: {\n      headers: (config as any).headers || {},\n    },\n  });\n\n  const client = new Client({\n    name: \"twig-metadata-fetcher\",\n    version: \"1.0.0\",\n  });\n\n  try {\n    await client.connect(transport);\n    const result = await client.listTools();\n    return result.tools;\n  } finally {\n    await client.close().catch(() => {});\n  }\n}\n\nfunction extractToolMetadata(tool: Tool): McpToolMetadata {\n  return {\n    readOnly: tool.annotations?.readOnlyHint === true,\n  };\n}\n\nexport async function fetchMcpToolMetadata(\n  mcpServers: Record<string, McpServerConfig>,\n  logger: Logger = new Logger({ debug: false, prefix: \"[McpToolMetadata]\" }),\n): Promise<void> {\n  const fetchPromises: Promise<void>[] = [];\n\n  for (const [serverName, config] of Object.entries(mcpServers)) {\n    if (!isHttpMcpServer(config)) {\n      continue;\n    }\n\n    const fetchPromise = fetchToolsFromHttpServer(serverName, config)\n      .then((tools) => {\n        const toolCount = tools.length;\n        const readOnlyCount = tools.filter(\n          (t) => t.annotations?.readOnlyHint === true,\n        ).length;\n\n        for (const tool of tools) {\n          const toolKey = buildToolKey(serverName, tool.name);\n          mcpToolMetadataCache.set(toolKey, extractToolMetadata(tool));\n        }\n\n        logger.info(\"Fetched MCP tool metadata\", {\n          serverName,\n          toolCount,\n          readOnlyCount,\n        });\n      })\n      .catch((error) => {\n        logger.error(\"Failed to fetch MCP tool metadata\", {\n          serverName,\n          error: error instanceof Error ? error.message : String(error),\n        });\n      });\n\n    fetchPromises.push(fetchPromise);\n  }\n\n  await Promise.all(fetchPromises);\n}\n\nexport function isMcpToolReadOnly(toolName: string): boolean {\n  const metadata = mcpToolMetadataCache.get(toolName);\n  return metadata?.readOnly === true;\n}\n\nexport function clearMcpToolMetadataCache(): void {\n  mcpToolMetadataCache.clear();\n}\n","export {\n  getAvailableModes,\n  type ModeInfo,\n  TWIG_EXECUTION_MODES,\n  type TwigExecutionMode,\n} from \"../../execution-mode.js\";\n\nimport type { TwigExecutionMode } from \"../../execution-mode.js\";\nimport { isMcpToolReadOnly } from \"./mcp/tool-metadata.js\";\n\nexport const READ_TOOLS: Set<string> = new Set([\"Read\", \"NotebookRead\"]);\n\nexport const WRITE_TOOLS: Set<string> = new Set([\n  \"Edit\",\n  \"Write\",\n  \"NotebookEdit\",\n]);\n\nexport const BASH_TOOLS: Set<string> = new Set([\n  \"Bash\",\n  \"BashOutput\",\n  \"KillShell\",\n]);\n\nexport const SEARCH_TOOLS: Set<string> = new Set([\"Glob\", \"Grep\", \"LS\"]);\n\nexport const WEB_TOOLS: Set<string> = new Set([\"WebSearch\", \"WebFetch\"]);\n\nexport const AGENT_TOOLS: Set<string> = new Set([\"Task\", \"TodoWrite\", \"Skill\"]);\n\nconst BASE_ALLOWED_TOOLS = [\n  ...READ_TOOLS,\n  ...SEARCH_TOOLS,\n  ...WEB_TOOLS,\n  ...AGENT_TOOLS,\n];\n\nconst AUTO_ALLOWED_TOOLS: Record<string, Set<string>> = {\n  default: new Set(BASE_ALLOWED_TOOLS),\n  acceptEdits: new Set([...BASE_ALLOWED_TOOLS, ...WRITE_TOOLS]),\n  plan: new Set(BASE_ALLOWED_TOOLS),\n};\n\nexport function isToolAllowedForMode(\n  toolName: string,\n  mode: TwigExecutionMode,\n): boolean {\n  if (mode === \"bypassPermissions\") {\n    return true;\n  }\n  if (AUTO_ALLOWED_TOOLS[mode]?.has(toolName) === true) {\n    return true;\n  }\n  if (isMcpToolReadOnly(toolName)) {\n    return true;\n  }\n  return false;\n}\n","import { BASH_TOOLS, READ_TOOLS, SEARCH_TOOLS, WRITE_TOOLS } from \"../tools.js\";\n\nexport interface PermissionOption {\n  kind: \"allow_once\" | \"allow_always\" | \"reject_once\" | \"reject_always\";\n  name: string;\n  optionId: string;\n  _meta?: { description?: string; customInput?: boolean };\n}\n\nfunction permissionOptions(allowAlwaysLabel: string): PermissionOption[] {\n  return [\n    { kind: \"allow_once\", name: \"Yes\", optionId: \"allow\" },\n    { kind: \"allow_always\", name: allowAlwaysLabel, optionId: \"allow_always\" },\n    {\n      kind: \"reject_once\",\n      name: \"No, and tell the agent what to do differently\",\n      optionId: \"reject\",\n      _meta: { customInput: true },\n    },\n  ];\n}\n\nexport function buildPermissionOptions(\n  toolName: string,\n  toolInput: Record<string, unknown>,\n  cwd?: string,\n): PermissionOption[] {\n  if (BASH_TOOLS.has(toolName)) {\n    const command = toolInput?.command as string | undefined;\n    const cmdName = command?.split(/\\s+/)[0] ?? \"this command\";\n    const cwdLabel = cwd ? ` in ${cwd}` : \"\";\n    return permissionOptions(\n      `Yes, and don't ask again for \\`${cmdName}\\` commands${cwdLabel}`,\n    );\n  }\n\n  if (toolName === \"BashOutput\") {\n    return permissionOptions(\"Yes, allow all background process reads\");\n  }\n\n  if (toolName === \"KillShell\") {\n    return permissionOptions(\"Yes, allow killing processes\");\n  }\n\n  if (WRITE_TOOLS.has(toolName)) {\n    return permissionOptions(\"Yes, allow all edits during this session\");\n  }\n\n  if (READ_TOOLS.has(toolName)) {\n    return permissionOptions(\"Yes, allow all reads during this session\");\n  }\n\n  if (SEARCH_TOOLS.has(toolName)) {\n    return permissionOptions(\"Yes, allow all searches during this session\");\n  }\n\n  if (toolName === \"WebFetch\") {\n    const url = toolInput?.url as string | undefined;\n    let domain = \"\";\n    try {\n      domain = url ? new URL(url).hostname : \"\";\n    } catch {}\n    return permissionOptions(\n      domain\n        ? `Yes, allow all fetches from ${domain}`\n        : \"Yes, allow all fetches\",\n    );\n  }\n\n  if (toolName === \"WebSearch\") {\n    return permissionOptions(\"Yes, allow all web searches\");\n  }\n\n  if (toolName === \"Task\") {\n    return permissionOptions(\"Yes, allow all sub-tasks\");\n  }\n\n  if (toolName === \"TodoWrite\") {\n    return permissionOptions(\"Yes, allow all todo updates\");\n  }\n\n  return permissionOptions(\"Yes, always allow\");\n}\n\nexport function buildExitPlanModePermissionOptions(): PermissionOption[] {\n  return [\n    {\n      kind: \"allow_always\",\n      name: \"Yes, and auto-accept edits\",\n      optionId: \"acceptEdits\",\n    },\n    {\n      kind: \"allow_once\",\n      name: \"Yes, and manually approve edits\",\n      optionId: \"default\",\n    },\n    {\n      kind: \"reject_once\",\n      name: \"No, keep planning\",\n      optionId: \"plan\",\n    },\n  ];\n}\n"],"mappings":";AAqBO,IAAM,UACX,OAAO,YAAY,gBAClB,QAAQ,UAAU,KAAK,QAAQ,SAAS,OAAO;;;ACtBlD,SAAS,cAAc;AACvB,SAAS,qCAAqC;;;ACQvC,IAAM,aAA0B,oBAAI,IAAI,CAAC,QAAQ,cAAc,CAAC;AAEhE,IAAM,cAA2B,oBAAI,IAAI;AAAA,EAC9C;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAEM,IAAM,aAA0B,oBAAI,IAAI;AAAA,EAC7C;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAEM,IAAM,eAA4B,oBAAI,IAAI,CAAC,QAAQ,QAAQ,IAAI,CAAC;AAEhE,IAAM,YAAyB,oBAAI,IAAI,CAAC,aAAa,UAAU,CAAC;AAEhE,IAAM,cAA2B,oBAAI,IAAI,CAAC,QAAQ,aAAa,OAAO,CAAC;AAE9E,IAAM,qBAAqB;AAAA,EACzB,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AACL;AAEA,IAAM,qBAAkD;AAAA,EACtD,SAAS,IAAI,IAAI,kBAAkB;AAAA,EACnC,aAAa,oBAAI,IAAI,CAAC,GAAG,oBAAoB,GAAG,WAAW,CAAC;AAAA,EAC5D,MAAM,IAAI,IAAI,kBAAkB;AAClC;;;AChCA,SAAS,kBAAkB,kBAA8C;AACvE,SAAO;AAAA,IACL,EAAE,MAAM,cAAc,MAAM,OAAO,UAAU,QAAQ;AAAA,IACrD,EAAE,MAAM,gBAAgB,MAAM,kBAAkB,UAAU,eAAe;AAAA,IACzE;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN,UAAU;AAAA,MACV,OAAO,EAAE,aAAa,KAAK;AAAA,IAC7B;AAAA,EACF;AACF;AAEO,SAAS,uBACd,UACA,WACA,KACoB;AACpB,MAAI,WAAW,IAAI,QAAQ,GAAG;AAC5B,UAAM,UAAU,WAAW;AAC3B,UAAM,UAAU,SAAS,MAAM,KAAK,EAAE,CAAC,KAAK;AAC5C,UAAM,WAAW,MAAM,OAAO,GAAG,KAAK;AACtC,WAAO;AAAA,MACL,kCAAkC,OAAO,cAAc,QAAQ;AAAA,IACjE;AAAA,EACF;AAEA,MAAI,aAAa,cAAc;AAC7B,WAAO,kBAAkB,yCAAyC;AAAA,EACpE;AAEA,MAAI,aAAa,aAAa;AAC5B,WAAO,kBAAkB,8BAA8B;AAAA,EACzD;AAEA,MAAI,YAAY,IAAI,QAAQ,GAAG;AAC7B,WAAO,kBAAkB,0CAA0C;AAAA,EACrE;AAEA,MAAI,WAAW,IAAI,QAAQ,GAAG;AAC5B,WAAO,kBAAkB,0CAA0C;AAAA,EACrE;AAEA,MAAI,aAAa,IAAI,QAAQ,GAAG;AAC9B,WAAO,kBAAkB,6CAA6C;AAAA,EACxE;AAEA,MAAI,aAAa,YAAY;AAC3B,UAAM,MAAM,WAAW;AACvB,QAAI,SAAS;AACb,QAAI;AACF,eAAS,MAAM,IAAI,IAAI,GAAG,EAAE,WAAW;AAAA,IACzC,QAAQ;AAAA,IAAC;AACT,WAAO;AAAA,MACL,SACI,+BAA+B,MAAM,KACrC;AAAA,IACN;AAAA,EACF;AAEA,MAAI,aAAa,aAAa;AAC5B,WAAO,kBAAkB,6BAA6B;AAAA,EACxD;AAEA,MAAI,aAAa,QAAQ;AACvB,WAAO,kBAAkB,0BAA0B;AAAA,EACrD;AAEA,MAAI,aAAa,aAAa;AAC5B,WAAO,kBAAkB,6BAA6B;AAAA,EACxD;AAEA,SAAO,kBAAkB,mBAAmB;AAC9C;AAEO,SAAS,qCAAyD;AACvE,SAAO;AAAA,IACL;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN,UAAU;AAAA,IACZ;AAAA,IACA;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN,UAAU;AAAA,IACZ;AAAA,IACA;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN,UAAU;AAAA,IACZ;AAAA,EACF;AACF;","names":[]}
+{"version":3,"sources":["../../../../src/utils/common.ts","../../../../src/adapters/claude/mcp/tool-metadata.ts","../../../../src/adapters/claude/tools.ts","../../../../src/adapters/claude/permissions/permission-options.ts"],"sourcesContent":["import type { Logger } from \"./logger.js\";\n\n/**\n * Races an operation against a timeout.\n * Returns success with the value if the operation completes in time,\n * or timeout if the operation takes longer than the specified duration.\n */\nexport async function withTimeout<T>(\n  operation: Promise<T>,\n  timeoutMs: number,\n): Promise<{ result: \"success\"; value: T } | { result: \"timeout\" }> {\n  const timeoutPromise = new Promise<{ result: \"timeout\" }>((resolve) =>\n    setTimeout(() => resolve({ result: \"timeout\" }), timeoutMs),\n  );\n  const operationPromise = operation.then((value) => ({\n    result: \"success\" as const,\n    value,\n  }));\n  return Promise.race([operationPromise, timeoutPromise]);\n}\n\nexport const IS_ROOT =\n  typeof process !== \"undefined\" &&\n  (process.geteuid?.() ?? process.getuid?.()) === 0;\n\nexport function unreachable(value: never, logger: Logger): void {\n  let valueAsString: string;\n  try {\n    valueAsString = JSON.stringify(value);\n  } catch {\n    valueAsString = value;\n  }\n  logger.error(`Unexpected case: ${valueAsString}`);\n}\n","import type { McpServerConfig } from \"@anthropic-ai/claude-agent-sdk\";\nimport { Client } from \"@modelcontextprotocol/sdk/client/index.js\";\nimport { StreamableHTTPClientTransport } from \"@modelcontextprotocol/sdk/client/streamableHttp.js\";\nimport type { Tool } from \"@modelcontextprotocol/sdk/types.js\";\nimport { Logger } from \"../../../utils/logger.js\";\n\nexport interface McpToolMetadata {\n  readOnly: boolean;\n}\n\nconst mcpToolMetadataCache: Map<string, McpToolMetadata> = new Map();\n\nfunction buildToolKey(serverName: string, toolName: string): string {\n  return `mcp__${serverName}__${toolName}`;\n}\n\nfunction isHttpMcpServer(\n  config: McpServerConfig,\n): config is McpServerConfig & { type: \"http\"; url: string } {\n  return config.type === \"http\" && typeof (config as any).url === \"string\";\n}\n\nasync function fetchToolsFromHttpServer(\n  _serverName: string,\n  config: McpServerConfig & { type: \"http\"; url: string },\n): Promise<Tool[]> {\n  const transport = new StreamableHTTPClientTransport(new URL(config.url), {\n    requestInit: {\n      headers: (config as any).headers || {},\n    },\n  });\n\n  const client = new Client({\n    name: \"twig-metadata-fetcher\",\n    version: \"1.0.0\",\n  });\n\n  try {\n    await client.connect(transport);\n    const result = await client.listTools();\n    return result.tools;\n  } finally {\n    await client.close().catch(() => {});\n  }\n}\n\nfunction extractToolMetadata(tool: Tool): McpToolMetadata {\n  return {\n    readOnly: tool.annotations?.readOnlyHint === true,\n  };\n}\n\nexport async function fetchMcpToolMetadata(\n  mcpServers: Record<string, McpServerConfig>,\n  logger: Logger = new Logger({ debug: false, prefix: \"[McpToolMetadata]\" }),\n): Promise<void> {\n  const fetchPromises: Promise<void>[] = [];\n\n  for (const [serverName, config] of Object.entries(mcpServers)) {\n    if (!isHttpMcpServer(config)) {\n      continue;\n    }\n\n    const fetchPromise = fetchToolsFromHttpServer(serverName, config)\n      .then((tools) => {\n        const toolCount = tools.length;\n        const readOnlyCount = tools.filter(\n          (t) => t.annotations?.readOnlyHint === true,\n        ).length;\n\n        for (const tool of tools) {\n          const toolKey = buildToolKey(serverName, tool.name);\n          mcpToolMetadataCache.set(toolKey, extractToolMetadata(tool));\n        }\n\n        logger.info(\"Fetched MCP tool metadata\", {\n          serverName,\n          toolCount,\n          readOnlyCount,\n        });\n      })\n      .catch((error) => {\n        logger.error(\"Failed to fetch MCP tool metadata\", {\n          serverName,\n          error: error instanceof Error ? error.message : String(error),\n        });\n      });\n\n    fetchPromises.push(fetchPromise);\n  }\n\n  await Promise.all(fetchPromises);\n}\n\nexport function isMcpToolReadOnly(toolName: string): boolean {\n  const metadata = mcpToolMetadataCache.get(toolName);\n  return metadata?.readOnly === true;\n}\n\nexport function clearMcpToolMetadataCache(): void {\n  mcpToolMetadataCache.clear();\n}\n","export {\n  getAvailableModes,\n  type ModeInfo,\n  TWIG_EXECUTION_MODES,\n  type TwigExecutionMode,\n} from \"../../execution-mode.js\";\n\nimport type { TwigExecutionMode } from \"../../execution-mode.js\";\nimport { isMcpToolReadOnly } from \"./mcp/tool-metadata.js\";\n\nexport const READ_TOOLS: Set<string> = new Set([\"Read\", \"NotebookRead\"]);\n\nexport const WRITE_TOOLS: Set<string> = new Set([\n  \"Edit\",\n  \"Write\",\n  \"NotebookEdit\",\n]);\n\nexport const BASH_TOOLS: Set<string> = new Set([\n  \"Bash\",\n  \"BashOutput\",\n  \"KillShell\",\n]);\n\nexport const SEARCH_TOOLS: Set<string> = new Set([\"Glob\", \"Grep\", \"LS\"]);\n\nexport const WEB_TOOLS: Set<string> = new Set([\"WebSearch\", \"WebFetch\"]);\n\nexport const AGENT_TOOLS: Set<string> = new Set([\"Task\", \"TodoWrite\", \"Skill\"]);\n\nconst BASE_ALLOWED_TOOLS = [\n  ...READ_TOOLS,\n  ...SEARCH_TOOLS,\n  ...WEB_TOOLS,\n  ...AGENT_TOOLS,\n];\n\nconst AUTO_ALLOWED_TOOLS: Record<string, Set<string>> = {\n  default: new Set(BASE_ALLOWED_TOOLS),\n  acceptEdits: new Set([...BASE_ALLOWED_TOOLS, ...WRITE_TOOLS]),\n  plan: new Set(BASE_ALLOWED_TOOLS),\n};\n\nexport function isToolAllowedForMode(\n  toolName: string,\n  mode: TwigExecutionMode,\n): boolean {\n  if (mode === \"bypassPermissions\") {\n    return true;\n  }\n  if (AUTO_ALLOWED_TOOLS[mode]?.has(toolName) === true) {\n    return true;\n  }\n  if (isMcpToolReadOnly(toolName)) {\n    return true;\n  }\n  return false;\n}\n","import type { PermissionUpdate } from \"@anthropic-ai/claude-agent-sdk\";\nimport { BASH_TOOLS, READ_TOOLS, SEARCH_TOOLS, WRITE_TOOLS } from \"../tools.js\";\n\nexport interface PermissionOption {\n  kind: \"allow_once\" | \"allow_always\" | \"reject_once\" | \"reject_always\";\n  name: string;\n  optionId: string;\n  _meta?: { description?: string; customInput?: boolean };\n}\n\nfunction permissionOptions(allowAlwaysLabel: string): PermissionOption[] {\n  return [\n    { kind: \"allow_once\", name: \"Yes\", optionId: \"allow\" },\n    { kind: \"allow_always\", name: allowAlwaysLabel, optionId: \"allow_always\" },\n    {\n      kind: \"reject_once\",\n      name: \"No, and tell the agent what to do differently\",\n      optionId: \"reject\",\n      _meta: { customInput: true },\n    },\n  ];\n}\n\nexport function buildPermissionOptions(\n  toolName: string,\n  toolInput: Record<string, unknown>,\n  cwd?: string,\n  suggestions?: PermissionUpdate[],\n): PermissionOption[] {\n  if (BASH_TOOLS.has(toolName)) {\n    const rawRuleContent = suggestions\n      ?.flatMap((s) => (\"rules\" in s ? s.rules : []))\n      .find((r) => r.toolName === \"Bash\" && r.ruleContent)?.ruleContent;\n    const ruleContent = rawRuleContent?.replace(/:?\\*$/, \"\");\n\n    const command = toolInput?.command as string | undefined;\n    const cmdName = command?.split(/\\s+/)[0] ?? \"this command\";\n    const cwdLabel = cwd ? ` in ${cwd}` : \"\";\n    const label = ruleContent ?? `\\`${cmdName}\\` commands`;\n\n    return permissionOptions(\n      `Yes, and don't ask again for ${label}${cwdLabel}`,\n    );\n  }\n\n  if (toolName === \"BashOutput\") {\n    return permissionOptions(\"Yes, allow all background process reads\");\n  }\n\n  if (toolName === \"KillShell\") {\n    return permissionOptions(\"Yes, allow killing processes\");\n  }\n\n  if (WRITE_TOOLS.has(toolName)) {\n    return permissionOptions(\"Yes, allow all edits during this session\");\n  }\n\n  if (READ_TOOLS.has(toolName)) {\n    return permissionOptions(\"Yes, allow all reads during this session\");\n  }\n\n  if (SEARCH_TOOLS.has(toolName)) {\n    return permissionOptions(\"Yes, allow all searches during this session\");\n  }\n\n  if (toolName === \"WebFetch\") {\n    const url = toolInput?.url as string | undefined;\n    let domain = \"\";\n    try {\n      domain = url ? new URL(url).hostname : \"\";\n    } catch {}\n    return permissionOptions(\n      domain\n        ? `Yes, allow all fetches from ${domain}`\n        : \"Yes, allow all fetches\",\n    );\n  }\n\n  if (toolName === \"WebSearch\") {\n    return permissionOptions(\"Yes, allow all web searches\");\n  }\n\n  if (toolName === \"Task\") {\n    return permissionOptions(\"Yes, allow all sub-tasks\");\n  }\n\n  if (toolName === \"TodoWrite\") {\n    return permissionOptions(\"Yes, allow all todo updates\");\n  }\n\n  return permissionOptions(\"Yes, always allow\");\n}\n\nexport function buildExitPlanModePermissionOptions(): PermissionOption[] {\n  return [\n    {\n      kind: \"allow_always\",\n      name: \"Yes, and auto-accept edits\",\n      optionId: \"acceptEdits\",\n    },\n    {\n      kind: \"allow_once\",\n      name: \"Yes, and manually approve edits\",\n      optionId: \"default\",\n    },\n    {\n      kind: \"reject_once\",\n      name: \"No, keep planning\",\n      optionId: \"plan\",\n    },\n  ];\n}\n"],"mappings":";AAqBO,IAAM,UACX,OAAO,YAAY,gBAClB,QAAQ,UAAU,KAAK,QAAQ,SAAS,OAAO;;;ACtBlD,SAAS,cAAc;AACvB,SAAS,qCAAqC;;;ACQvC,IAAM,aAA0B,oBAAI,IAAI,CAAC,QAAQ,cAAc,CAAC;AAEhE,IAAM,cAA2B,oBAAI,IAAI;AAAA,EAC9C;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAEM,IAAM,aAA0B,oBAAI,IAAI;AAAA,EAC7C;AAAA,EACA;AAAA,EACA;AACF,CAAC;AAEM,IAAM,eAA4B,oBAAI,IAAI,CAAC,QAAQ,QAAQ,IAAI,CAAC;AAEhE,IAAM,YAAyB,oBAAI,IAAI,CAAC,aAAa,UAAU,CAAC;AAEhE,IAAM,cAA2B,oBAAI,IAAI,CAAC,QAAQ,aAAa,OAAO,CAAC;AAE9E,IAAM,qBAAqB;AAAA,EACzB,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AAAA,EACH,GAAG;AACL;AAEA,IAAM,qBAAkD;AAAA,EACtD,SAAS,IAAI,IAAI,kBAAkB;AAAA,EACnC,aAAa,oBAAI,IAAI,CAAC,GAAG,oBAAoB,GAAG,WAAW,CAAC;AAAA,EAC5D,MAAM,IAAI,IAAI,kBAAkB;AAClC;;;AC/BA,SAAS,kBAAkB,kBAA8C;AACvE,SAAO;AAAA,IACL,EAAE,MAAM,cAAc,MAAM,OAAO,UAAU,QAAQ;AAAA,IACrD,EAAE,MAAM,gBAAgB,MAAM,kBAAkB,UAAU,eAAe;AAAA,IACzE;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN,UAAU;AAAA,MACV,OAAO,EAAE,aAAa,KAAK;AAAA,IAC7B;AAAA,EACF;AACF;AAEO,SAAS,uBACd,UACA,WACA,KACA,aACoB;AACpB,MAAI,WAAW,IAAI,QAAQ,GAAG;AAC5B,UAAM,iBAAiB,aACnB,QAAQ,CAAC,MAAO,WAAW,IAAI,EAAE,QAAQ,CAAC,CAAE,EAC7C,KAAK,CAAC,MAAM,EAAE,aAAa,UAAU,EAAE,WAAW,GAAG;AACxD,UAAM,cAAc,gBAAgB,QAAQ,SAAS,EAAE;AAEvD,UAAM,UAAU,WAAW;AAC3B,UAAM,UAAU,SAAS,MAAM,KAAK,EAAE,CAAC,KAAK;AAC5C,UAAM,WAAW,MAAM,OAAO,GAAG,KAAK;AACtC,UAAM,QAAQ,eAAe,KAAK,OAAO;AAEzC,WAAO;AAAA,MACL,gCAAgC,KAAK,GAAG,QAAQ;AAAA,IAClD;AAAA,EACF;AAEA,MAAI,aAAa,cAAc;AAC7B,WAAO,kBAAkB,yCAAyC;AAAA,EACpE;AAEA,MAAI,aAAa,aAAa;AAC5B,WAAO,kBAAkB,8BAA8B;AAAA,EACzD;AAEA,MAAI,YAAY,IAAI,QAAQ,GAAG;AAC7B,WAAO,kBAAkB,0CAA0C;AAAA,EACrE;AAEA,MAAI,WAAW,IAAI,QAAQ,GAAG;AAC5B,WAAO,kBAAkB,0CAA0C;AAAA,EACrE;AAEA,MAAI,aAAa,IAAI,QAAQ,GAAG;AAC9B,WAAO,kBAAkB,6CAA6C;AAAA,EACxE;AAEA,MAAI,aAAa,YAAY;AAC3B,UAAM,MAAM,WAAW;AACvB,QAAI,SAAS;AACb,QAAI;AACF,eAAS,MAAM,IAAI,IAAI,GAAG,EAAE,WAAW;AAAA,IACzC,QAAQ;AAAA,IAAC;AACT,WAAO;AAAA,MACL,SACI,+BAA+B,MAAM,KACrC;AAAA,IACN;AAAA,EACF;AAEA,MAAI,aAAa,aAAa;AAC5B,WAAO,kBAAkB,6BAA6B;AAAA,EACxD;AAEA,MAAI,aAAa,QAAQ;AACvB,WAAO,kBAAkB,0BAA0B;AAAA,EACrD;AAEA,MAAI,aAAa,aAAa;AAC5B,WAAO,kBAAkB,6BAA6B;AAAA,EACxD;AAEA,SAAO,kBAAkB,mBAAmB;AAC9C;AAEO,SAAS,qCAAyD;AACvE,SAAO;AAAA,IACL;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN,UAAU;AAAA,IACZ;AAAA,IACA;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN,UAAU;AAAA,IACZ;AAAA,IACA;AAAA,MACE,MAAM;AAAA,MACN,MAAM;AAAA,MACN,UAAU;AAAA,IACZ;AAAA,EACF;AACF;","names":[]}

package/dist/adapters/claude/questions/utils.d.ts

@@ -1,6 +1,7 @@
 import { ToolKind, ToolCallContent } from '@agentclientprotocol/sdk';
 import { z } from 'zod';
 import { PermissionOption } from '../permissions/permission-options.js';
+import '@anthropic-ai/claude-agent-sdk';
 
 declare const OPTION_PREFIX = "option_";
 declare const QuestionOptionSchema: z.ZodObject<{

package/dist/agent.d.ts

@@ -1,5 +1,30 @@
-export { b as Agent } from './agent-DK1apkaG.js';
-import './types.js';
-import '@agentclientprotocol/sdk';
-import './logger-DDBiMOOD.js';
-import './posthog-api.js';
+import { AgentSideConnection } from '@agentclientprotocol/sdk';
+import { AgentConfig, TaskExecutionOptions } from './types.js';
+
+type StreamPair = {
+    readable: globalThis.ReadableStream<Uint8Array>;
+    writable: globalThis.WritableStream<Uint8Array>;
+};
+
+type AcpConnection = {
+    agentConnection?: AgentSideConnection;
+    clientStreams: StreamPair;
+    cleanup: () => Promise<void>;
+};
+type InProcessAcpConnection = AcpConnection;
+
+declare class Agent {
+    private posthogAPI?;
+    private logger;
+    private acpConnection?;
+    private taskRunId?;
+    private sessionLogWriter?;
+    constructor(config: AgentConfig);
+    private _configureLlmGateway;
+    run(taskId: string, taskRunId: string, options?: TaskExecutionOptions): Promise<InProcessAcpConnection>;
+    attachPullRequestToTask(taskId: string, prUrl: string, branchName?: string): Promise<void>;
+    flushAllLogs(): Promise<void>;
+    cleanup(): Promise<void>;
+}
+
+export { Agent };

package/dist/agent.js

@@ -276,7 +276,7 @@ import { v7 as uuidv7 } from "uuid";
 // package.json
 var package_default = {
   name: "@posthog/agent",
-  version: "2.1.70",
+  version: "2.1.82",
   repository: "https://github.com/PostHog/twig",
   description: "TypeScript agent framework wrapping Claude Agent SDK with Git-based task execution for PostHog",
   exports: {
@@ -348,7 +348,6 @@ var package_default = {
     node: ">=20.0.0"
   },
   devDependencies: {
-    "@changesets/cli": "^2.27.8",
     "@posthog/shared": "workspace:*",
     "@twig/git": "workspace:*",
     "@types/bun": "latest",
@@ -373,8 +372,6 @@ var package_default = {
     "@opentelemetry/semantic-conventions": "^1.28.0",
     "@types/jsonwebtoken": "^9.0.10",
     commander: "^14.0.2",
-    diff: "^8.0.2",
-    dotenv: "^17.2.3",
     hono: "^4.11.7",
     jsonwebtoken: "^9.0.2",
     tar: "^7.5.0",
@@ -1825,13 +1822,16 @@ function permissionOptions(allowAlwaysLabel) {
     }
   ];
 }
-function buildPermissionOptions(toolName, toolInput, cwd) {
+function buildPermissionOptions(toolName, toolInput, cwd, suggestions) {
   if (BASH_TOOLS.has(toolName)) {
+    const rawRuleContent = suggestions?.flatMap((s) => "rules" in s ? s.rules : []).find((r) => r.toolName === "Bash" && r.ruleContent)?.ruleContent;
+    const ruleContent = rawRuleContent?.replace(/:?\*$/, "");
     const command = toolInput?.command;
     const cmdName = command?.split(/\s+/)[0] ?? "this command";
     const cwdLabel = cwd ? ` in ${cwd}` : "";
+    const label = ruleContent ?? `\`${cmdName}\` commands`;
     return permissionOptions(
-      `Yes, and don't ask again for \`${cmdName}\` commands${cwdLabel}`
+      `Yes, and don't ask again for ${label}${cwdLabel}`
     );
   }
   if (toolName === "BashOutput") {
@@ -2092,7 +2092,8 @@ async function handleDefaultPermissionFlow(context) {
   const options = buildPermissionOptions(
     toolName,
     toolInput,
-    session?.cwd
+    session?.cwd,
+    suggestions
   );
   const response = await client.requestPermission({
     options,
@@ -2283,7 +2284,8 @@ function buildEnvironment() {
   return {
     ...process.env,
     ELECTRON_RUN_AS_NODE: "1",
-    CLAUDE_CODE_ENABLE_ASK_USER_QUESTION_TOOL: "true"
+    CLAUDE_CODE_ENABLE_ASK_USER_QUESTION_TOOL: "true",
+    ENABLE_EXPERIMENTAL_MCP_CLI: "true"
   };
 }
 function buildHooks(userHooks, onModeChange) {