@posthog/agent 2.3.169 → 2.3.172

package/dist/types.d.ts

@@ -82,6 +82,7 @@ interface TaskExecutionOptions {
     model?: string;
     gatewayUrl?: string;
     codexBinaryPath?: string;
+    instructions?: string;
     processCallbacks?: ProcessSpawnedCallback;
 }
 type LogLevel = "debug" | "info" | "warn" | "error";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@posthog/agent",
-  "version": "2.3.169",
+  "version": "2.3.172",
   "repository": "https://github.com/PostHog/code",
   "description": "TypeScript agent framework wrapping Claude Agent SDK with Git-based task execution for PostHog",
   "exports": {

package/src/adapters/codex/codex-agent.ts

@@ -36,6 +36,11 @@ import {
 } from "@agentclientprotocol/sdk";
 import packageJson from "../../../package.json" with { type: "json" };
 import { POSTHOG_NOTIFICATIONS } from "../../acp-extensions";
+import {
+  CODEX_NATIVE_MODES,
+  type CodexNativeMode,
+  type PermissionMode,
+} from "../../execution-mode";
 import type { ProcessSpawnedCallback } from "../../types";
 import { Logger } from "../../utils/logger";
 import {
@@ -80,6 +85,13 @@ type CodexSession = BaseSession & {
   settingsManager: CodexSettingsManager;
 };
 
+function toPermissionMode(mode?: string): PermissionMode {
+  if (mode && (CODEX_NATIVE_MODES as readonly string[]).includes(mode)) {
+    return mode as CodexNativeMode;
+  }
+  return "auto";
+}
+
 export class CodexAcpAgent extends BaseAcpAgent {
   readonly adapterName = "codex";
   declare session: CodexSession;
@@ -125,7 +137,7 @@ export class CodexAcpAgent extends BaseAcpAgent {
           this.sessionState ?? {
             sessionId: "",
             cwd: "",
-            modeId: "default",
+            modeId: "auto",
             configOptions: [],
             accumulatedUsage: {
               inputTokens: 0,
@@ -133,6 +145,7 @@ export class CodexAcpAgent extends BaseAcpAgent {
               cachedReadTokens: 0,
               cachedWriteTokens: 0,
             },
+            permissionMode: "auto",
             cancelled: false,
           },
         ),
@@ -182,6 +195,7 @@ export class CodexAcpAgent extends BaseAcpAgent {
       taskId: meta?.taskId ?? meta?.persistence?.taskId,
       modeId: response.modes?.currentModeId ?? "default",
       modelId: response.models?.currentModelId,
+      permissionMode: toPermissionMode(meta?.permissionMode),
     });
     this.sessionId = response.sessionId;
     this.sessionState.configOptions = response.configOptions ?? [];
@@ -282,18 +296,49 @@ export class CodexAcpAgent extends BaseAcpAgent {
 
     const response = await this.codexConnection.prompt(params);
 
-    // Emit PostHog usage notification
-    if (this.sessionState?.taskRunId && response.usage) {
-      await this.client.extNotification("_posthog/usage_update", {
+    if (this.sessionState && response.usage) {
+      // Accumulate token usage from the prompt response
+      this.sessionState.accumulatedUsage.inputTokens +=
+        response.usage.inputTokens ?? 0;
+      this.sessionState.accumulatedUsage.outputTokens +=
+        response.usage.outputTokens ?? 0;
+      this.sessionState.accumulatedUsage.cachedReadTokens +=
+        response.usage.cachedReadTokens ?? 0;
+      this.sessionState.accumulatedUsage.cachedWriteTokens +=
+        response.usage.cachedWriteTokens ?? 0;
+    }
+
+    if (this.sessionState?.taskRunId) {
+      const { accumulatedUsage } = this.sessionState;
+
+      await this.client.extNotification(POSTHOG_NOTIFICATIONS.TURN_COMPLETE, {
         sessionId: params.sessionId,
-        used: {
-          inputTokens: response.usage.inputTokens ?? 0,
-          outputTokens: response.usage.outputTokens ?? 0,
-          cachedReadTokens: response.usage.cachedReadTokens ?? 0,
-          cachedWriteTokens: response.usage.cachedWriteTokens ?? 0,
+        stopReason: response.stopReason ?? "end_turn",
+        usage: {
+          inputTokens: accumulatedUsage.inputTokens,
+          outputTokens: accumulatedUsage.outputTokens,
+          cachedReadTokens: accumulatedUsage.cachedReadTokens,
+          cachedWriteTokens: accumulatedUsage.cachedWriteTokens,
+          totalTokens:
+            accumulatedUsage.inputTokens +
+            accumulatedUsage.outputTokens +
+            accumulatedUsage.cachedReadTokens +
+            accumulatedUsage.cachedWriteTokens,
         },
-        cost: null,
       });
+
+      if (response.usage) {
+        await this.client.extNotification("_posthog/usage_update", {
+          sessionId: params.sessionId,
+          used: {
+            inputTokens: response.usage.inputTokens ?? 0,
+            outputTokens: response.usage.outputTokens ?? 0,
+            cachedReadTokens: response.usage.cachedReadTokens ?? 0,
+            cachedWriteTokens: response.usage.cachedWriteTokens ?? 0,
+          },
+          cost: null,
+        });
+      }
     }
 
     return response;
@@ -322,9 +367,16 @@ export class CodexAcpAgent extends BaseAcpAgent {
   async setSessionMode(
     params: SetSessionModeRequest,
   ): Promise<SetSessionModeResponse> {
-    const response = await this.codexConnection.setSessionMode(params);
+    const permissionMode = toPermissionMode(params.modeId);
+
+    const response = await this.codexConnection.setSessionMode({
+      ...params,
+      modeId: permissionMode,
+    });
+
     if (this.sessionState) {
-      this.sessionState.modeId = params.modeId;
+      this.sessionState.modeId = permissionMode;
+      this.sessionState.permissionMode = permissionMode;
     }
     return response ?? {};
   }

package/src/adapters/codex/codex-client.ts

@@ -23,11 +23,13 @@ import type {
   TerminalHandle,
   TerminalOutputRequest,
   TerminalOutputResponse,
+  ToolKind,
   WaitForTerminalExitRequest,
   WaitForTerminalExitResponse,
   WriteTextFileRequest,
   WriteTextFileResponse,
 } from "@agentclientprotocol/sdk";
+import type { PermissionMode } from "../../execution-mode";
 import type { Logger } from "../../utils/logger";
 import type { CodexSessionState } from "./session-state";
 
@@ -36,6 +38,32 @@ export interface CodexClientCallbacks {
   onUsageUpdate?: (update: Record<string, unknown>) => void;
 }
 
+const AUTO_APPROVED_KINDS: Partial<Record<PermissionMode, Set<ToolKind>>> = {
+  auto: new Set(["read", "search", "fetch", "think"]),
+  "read-only": new Set(["read", "search", "fetch", "think"]),
+  "full-access": new Set([
+    "read",
+    "edit",
+    "delete",
+    "move",
+    "search",
+    "execute",
+    "think",
+    "fetch",
+    "switch_mode",
+    "other",
+  ]),
+};
+
+function shouldAutoApprove(
+  mode: PermissionMode,
+  kind: ToolKind | null | undefined,
+): boolean {
+  if (mode === "full-access") return true;
+  if (!kind) return false;
+  return AUTO_APPROVED_KINDS[mode]?.has(kind) ?? false;
+}
+
 /**
  * Creates an ACP Client that delegates all requests from codex-acp
  * to the upstream PostHog Code client (via AgentSideConnection).
@@ -46,31 +74,63 @@ export function createCodexClient(
   sessionState: CodexSessionState,
   callbacks?: CodexClientCallbacks,
 ): Client {
-  // Track terminal handles for delegation
   const terminalHandles = new Map<string, TerminalHandle>();
 
   return {
     async requestPermission(
       params: RequestPermissionRequest,
     ): Promise<RequestPermissionResponse> {
-      logger.debug("Relaying permission request to upstream", {
-        sessionId: params.sessionId,
-      });
+      const kind = params.toolCall?.kind as ToolKind | null | undefined;
+
+      if (shouldAutoApprove(sessionState.permissionMode, kind)) {
+        logger.debug("Auto-approving permission", {
+          mode: sessionState.permissionMode,
+          kind,
+          toolCallId: params.toolCall?.toolCallId,
+        });
+        const allowOption = params.options?.find(
+          (o) => o.kind === "allow_once" || o.kind === "allow_always",
+        );
+        return {
+          outcome: {
+            outcome: "selected",
+            optionId: allowOption?.optionId ?? "allow",
+          },
+        };
+      }
+
       return upstreamClient.requestPermission(params);
     },
 
     async sessionUpdate(params: SessionNotification): Promise<void> {
-      // Parse usage data from session updates
       const update = params.update as Record<string, unknown> | undefined;
       if (update?.sessionUpdate === "usage_update") {
         const used = update.used as number | undefined;
         const size = update.size as number | undefined;
         if (used !== undefined) sessionState.contextUsed = used;
         if (size !== undefined) sessionState.contextSize = size;
+
+        // Accumulate per-message token usage when available
+        const inputTokens = update.inputTokens as number | undefined;
+        const outputTokens = update.outputTokens as number | undefined;
+        if (inputTokens !== undefined) {
+          sessionState.accumulatedUsage.inputTokens += inputTokens;
+        }
+        if (outputTokens !== undefined) {
+          sessionState.accumulatedUsage.outputTokens += outputTokens;
+        }
+        const cachedRead = update.cachedReadTokens as number | undefined;
+        const cachedWrite = update.cachedWriteTokens as number | undefined;
+        if (cachedRead !== undefined) {
+          sessionState.accumulatedUsage.cachedReadTokens += cachedRead;
+        }
+        if (cachedWrite !== undefined) {
+          sessionState.accumulatedUsage.cachedWriteTokens += cachedWrite;
+        }
+
         callbacks?.onUsageUpdate?.(update);
       }
 
-      // Forward to upstream client
       await upstreamClient.sessionUpdate(params);
     },
 

package/src/adapters/codex/session-state.ts

@@ -4,6 +4,7 @@
  */
 
 import type { SessionConfigOption } from "@agentclientprotocol/sdk";
+import type { PermissionMode } from "../../execution-mode";
 
 export interface CodexUsage {
   inputTokens: number;
@@ -21,6 +22,7 @@ export interface CodexSessionState {
   accumulatedUsage: CodexUsage;
   contextSize?: number;
   contextUsed?: number;
+  permissionMode: PermissionMode;
   cancelled: boolean;
   interruptReason?: string;
   taskRunId?: string;
@@ -35,12 +37,13 @@ export function createSessionState(
     taskId?: string;
     modeId?: string;
     modelId?: string;
+    permissionMode?: PermissionMode;
   },
 ): CodexSessionState {
   return {
     sessionId,
     cwd,
-    modeId: opts?.modeId ?? "default",
+    modeId: opts?.modeId ?? "auto",
     modelId: opts?.modelId,
     configOptions: [],
     accumulatedUsage: {
@@ -49,6 +52,7 @@ export function createSessionState(
       cachedReadTokens: 0,
       cachedWriteTokens: 0,
     },
+    permissionMode: opts?.permissionMode ?? "auto",
     cancelled: false,
     taskRunId: opts?.taskRunId,
     taskId: opts?.taskId,

package/src/adapters/codex/spawn.ts

@@ -10,6 +10,7 @@ export interface CodexProcessOptions {
   apiBaseUrl?: string;
   apiKey?: string;
   model?: string;
+  instructions?: string;
   binaryPath?: string;
   logger?: Logger;
   processCallbacks?: ProcessSpawnedCallback;
@@ -42,6 +43,13 @@ function buildConfigArgs(options: CodexProcessOptions): string[] {
     args.push("-c", `model="${options.model}"`);
   }
 
+  if (options.instructions) {
+    const escaped = options.instructions
+      .replace(/\\/g, "\\\\")
+      .replace(/"/g, '\\"');
+    args.push("-c", `instructions="${escaped}"`);
+  }
+
   return args;
 }
 

package/src/agent.ts

@@ -131,6 +131,7 @@ export class Agent {
               apiKey: gatewayConfig.apiKey,
               binaryPath: options.codexBinaryPath,
               model: sanitizedModel,
+              instructions: options.instructions,
             }
           : undefined,
     });

package/src/execution-mode.ts

@@ -1,7 +1,7 @@
 import { IS_ROOT } from "./utils/common";
 
 export interface ModeInfo {
-  id: CodeExecutionMode;
+  id: string;
   name: string;
   description: string;
 }
@@ -57,3 +57,39 @@ export function getAvailableModes(): ModeInfo[] {
     ? availableModes.filter((m) => m.id !== "bypassPermissions")
     : availableModes;
 }
+
+// --- Codex-native modes ---
+
+export const CODEX_NATIVE_MODES = ["auto", "read-only", "full-access"] as const;
+
+export type CodexNativeMode = (typeof CODEX_NATIVE_MODES)[number];
+
+/** Union of all permission mode IDs across adapters */
+export type PermissionMode = CodeExecutionMode | CodexNativeMode;
+
+const codexModes: ModeInfo[] = [
+  {
+    id: "read-only",
+    name: "Read Only",
+    description: "Read-only access, no file modifications",
+  },
+  {
+    id: "auto",
+    name: "Auto",
+    description: "Standard behavior, prompts for dangerous operations",
+  },
+];
+
+if (ALLOW_BYPASS) {
+  codexModes.push({
+    id: "full-access",
+    name: "Full Access",
+    description: "Auto-accept all permission requests",
+  });
+}
+
+export function getAvailableCodexModes(): ModeInfo[] {
+  return IS_ROOT
+    ? codexModes.filter((m) => m.id !== "full-access")
+    : codexModes;
+}

package/src/types.ts

@@ -112,6 +112,7 @@ export interface TaskExecutionOptions {
   model?: string;
   gatewayUrl?: string;
   codexBinaryPath?: string;
+  instructions?: string;
   processCallbacks?: ProcessSpawnedCallback;
 }