agent-control-plane 0.1.7 → 0.1.9

package/tools/bin/agent-project-reconcile-pr-session

@@ -168,6 +168,9 @@ fi
 result_outcome=""
 result_action=""
 result_issue_id="${ISSUE_ID:-}"
+result_detail=""
+run_started_at="${STARTED_AT:-}"
+expected_run_started_at="${ACP_EXPECTED_RUN_STARTED_AT:-${F_LOSNING_EXPECTED_RUN_STARTED_AT:-}}"
 host_blocker_file="${run_dir}/host-blocker.md"
 prompt_file="${run_dir}/prompt.md"
 pr_comment_file="${run_dir}/pr-comment.md"
@@ -184,9 +187,18 @@ if [[ -f "$result_file_candidate" ]]; then
   set +a
   result_outcome="${OUTCOME:-}"
   result_action="${ACTION:-}"
+  result_detail="${DETAIL:-}"
   result_issue_id="${ISSUE_ID:-${result_issue_id}}"
 fi
 
+if [[ -n "${expected_run_started_at}" && "${expected_run_started_at}" != "${run_started_at}" ]]; then
+  printf 'STATUS=STALE-RUN-SKIPPED\n'
+  printf 'SESSION=%s\n' "$session"
+  printf 'EXPECTED_STARTED_AT=%s\n' "${expected_run_started_at}"
+  printf 'ACTUAL_STARTED_AT=%s\n' "${run_started_at}"
+  exit 0
+fi
+
 pr_schedule_retry() { :; }
 pr_clear_retry() { :; }
 pr_cleanup_linked_issue_session() { :; }
@@ -225,6 +237,8 @@ clear_provider_quota_cooldown() {
   "${provider_cooldown_script}" clear >/dev/null || true
 }
 
+blocked_runtime_reason=""
+
 owner="${repo_slug%%/*}"
 repo="${repo_slug#*/}"
 pr_view_json="$(flow_github_pr_view_json "$repo_slug" "$pr_number")"
@@ -339,6 +353,11 @@ normalize_pr_result_contract() {
         host-comment-pr-blocker)
           return 0
           ;;
+        host-comment-blocker)
+          result_action="host-comment-pr-blocker"
+          pr_result_contract_note="normalized-legacy-blocked-action"
+          return 0
+          ;;
         requested-changes-or-blocked)
           result_action="host-comment-pr-blocker"
           pr_result_contract_note="normalized-legacy-blocked-action"
@@ -358,8 +377,15 @@ normalize_pr_result_contract() {
 }
 
 mark_reconciled() {
+  local reconciled_at tmp_file
   if [[ -d "$run_dir" ]]; then
-    touch "${run_dir}/reconciled.ok"
+    reconciled_at="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+    tmp_file="${run_dir}/reconciled.ok.tmp.$$"
+    {
+      printf 'STARTED_AT=%s\n' "${run_started_at}"
+      printf 'RECONCILED_AT=%s\n' "${reconciled_at}"
+    } >"${tmp_file}"
+    mv "${tmp_file}" "${run_dir}/reconciled.ok"
   fi
 }
 
@@ -393,6 +419,20 @@ blocked_result_indicates_local_bind_failure() {
   return 1
 }
 
+classify_pr_blocked_runtime_reason() {
+  if [[ "${result_detail:-}" == "worker-tool-exec-empty-command" ]]; then
+    printf 'worker-tool-exec-empty-command\n'
+    return 0
+  fi
+
+  if [[ -f "$session_log_file" ]] && grep -Fq '[tools] exec failed: Provide a command to start.' "$session_log_file"; then
+    printf 'worker-tool-exec-empty-command\n'
+    return 0
+  fi
+
+  return 1
+}
+
 extract_preapproved_host_recovery_commands() {
   [[ -f "$prompt_file" ]] || return 0
   sed -n 's/^.*loopback retry command: `\(.*\)`$/\1/p' "$prompt_file"
@@ -700,18 +740,53 @@ merge_state_prepared() {
   git -C "$pr_worktree" rev-parse -q --verify MERGE_HEAD >/dev/null 2>&1
 }
 
+current_github_login() {
+  flow_export_github_cli_auth_env "${repo_slug}"
+  gh api user --jq '.login // ""' 2>/dev/null || true
+}
+
+pr_author_login() {
+  flow_export_github_cli_auth_env "${repo_slug}"
+  gh pr view "${pr_number}" -R "${repo_slug}" --json author --jq '.author.login // ""' 2>/dev/null || true
+}
+
+pr_is_self_authored_for_current_actor() {
+  local actor_login=""
+  local author_login=""
+
+  actor_login="$(current_github_login)"
+  author_login="$(pr_author_login)"
+  [[ -n "${actor_login}" && -n "${author_login}" && "${actor_login}" == "${author_login}" ]]
+}
+
+pr_remote_head_oid() {
+  flow_export_github_cli_auth_env "${repo_slug}"
+  gh pr view "${pr_number}" -R "${repo_slug}" --json headRefOid --jq '.headRefOid // ""' 2>/dev/null || true
+}
+
+pr_remote_already_has_final_head() {
+  local final_head="${FINAL_HEAD:-}"
+  local remote_head=""
+
+  [[ -n "${final_head}" ]] || return 1
+  remote_head="$(pr_remote_head_oid)"
+  [[ -n "${remote_head}" && "${remote_head}" == "${final_head}" ]]
+}
+
 approve_and_merge() {
   local approve_output
-  if ! approve_output="$(
-    flow_github_api_repo "${repo_slug}" "pulls/${pr_number}/reviews" \
-      --method POST \
-      -f event=APPROVE \
-      -f body="Automated final review passed. Safe low-risk scope, green checks, and host-side merge approved." \
-      2>&1
-  )"; then
-    if ! grep -q "Can not approve your own pull request" <<<"$approve_output"; then
-      printf '%s\n' "$approve_output" >&2
-      return 1
+  if ! pr_is_self_authored_for_current_actor; then
+    if ! approve_output="$(
+      flow_github_api_repo "${repo_slug}" "pulls/${pr_number}/reviews" \
+        --method POST \
+        -f event=APPROVE \
+        -f body="Automated final review passed. Safe low-risk scope, green checks, and host-side merge approved." \
+        2>&1
+    )"; then
+      if ! grep -q "Can not approve your own pull request" <<<"$approve_output"; then
+        printf '%s\n' "$approve_output" >&2
+        return 1
+      fi
     fi
   fi
 
@@ -753,7 +828,14 @@ handle_linked_issue_merge_cleanup() {
 
 handle_updated_branch_result() {
   if [[ -z "$pr_worktree" || ! -d "$pr_worktree" ]]; then
-    if pr_comment_already_posted; then
+    if pr_remote_already_has_final_head; then
+      post_pr_comment_if_present
+      require_transition "pr_clear_retry" pr_clear_retry
+      require_transition "pr_after_updated_branch" pr_after_updated_branch "$pr_number"
+      cleanup_pr_session
+      result_action="${result_action:-host-push-pr-branch}"
+      notify_pr_reconciled
+    elif pr_comment_already_posted; then
       require_transition "pr_clear_retry" pr_clear_retry
       require_transition "pr_after_updated_branch" pr_after_updated_branch "$pr_number"
       cleanup_pr_session
@@ -968,7 +1050,16 @@ elif [[ "$status" == "SUCCEEDED" && "$result_outcome" == "no-change-needed" ]];
     fi
   fi
 elif [[ "$status" == "SUCCEEDED" && "$result_outcome" == "blocked" ]]; then
-  if attempt_blocked_pr_host_verification_recovery; then
+  blocked_runtime_reason="$(classify_pr_blocked_runtime_reason || true)"
+  if [[ -n "${blocked_runtime_reason:-}" ]]; then
+    status="FAILED"
+    failure_reason="${blocked_runtime_reason}"
+    require_transition "pr_schedule_retry" pr_schedule_retry "$failure_reason"
+    require_transition "pr_after_failed" pr_after_failed "$pr_number"
+    cleanup_pr_session
+    result_action="queued-pr-retry"
+    notify_pr_reconciled
+  elif attempt_blocked_pr_host_verification_recovery; then
     handle_updated_branch_result
   else
     post_pr_comment_if_present

package/tools/bin/agent-project-run-claude-session

@@ -11,12 +11,13 @@ persist the standard run artifacts.
 
 Options:
   --claude-model <name>             Claude model alias or full name
-  --claude-permission-mode <mode>   Claude permission mode (e.g. dontAsk, bypassPermissions)
+  --claude-permission-mode <mode>   Claude permission mode (e.g. acceptEdits, bypassPermissions)
   --claude-effort <level>           Claude effort level (low, medium, high, max)
   --claude-timeout-seconds <secs>   Claude command timeout (default: 900)
   --claude-max-attempts <count>     Retry transient failures this many times (default: 3)
   --claude-retry-backoff-seconds <s>
                                    Sleep between transient retries (default: 30)
+  --claude-allowed-tools <spec>     Allowed Claude tools for headless runs
   --env-prefix <prefix>             Export prefixed runtime/context env vars inside the worker
   --context <KEY=VALUE>             Extra metadata written to run.env and exported to the worker
   --collect-file <name>             Copy sandbox artifact file into the host run dir after execution
@@ -35,11 +36,12 @@ adapter_id=""
 task_kind=""
 task_id=""
 claude_model="${ACP_CLAUDE_MODEL:-${F_LOSNING_CLAUDE_MODEL:-sonnet}}"
-claude_permission_mode="${ACP_CLAUDE_PERMISSION_MODE:-${F_LOSNING_CLAUDE_PERMISSION_MODE:-dontAsk}}"
+claude_permission_mode="${ACP_CLAUDE_PERMISSION_MODE:-${F_LOSNING_CLAUDE_PERMISSION_MODE:-acceptEdits}}"
 claude_effort="${ACP_CLAUDE_EFFORT:-${F_LOSNING_CLAUDE_EFFORT:-medium}}"
 claude_timeout_seconds="${ACP_CLAUDE_TIMEOUT_SECONDS:-${F_LOSNING_CLAUDE_TIMEOUT_SECONDS:-900}}"
 claude_max_attempts="${ACP_CLAUDE_MAX_ATTEMPTS:-${F_LOSNING_CLAUDE_MAX_ATTEMPTS:-3}}"
 claude_retry_backoff_seconds="${ACP_CLAUDE_RETRY_BACKOFF_SECONDS:-${F_LOSNING_CLAUDE_RETRY_BACKOFF_SECONDS:-30}}"
+claude_allowed_tools="${ACP_CLAUDE_ALLOWED_TOOLS:-${F_LOSNING_CLAUDE_ALLOWED_TOOLS:-Bash(*),Read,Grep,Glob,LS,Edit,Write,MultiEdit}}"
 env_prefix=""
 sandbox_subdir=".openclaw-artifacts"
 reconcile_command=""
@@ -59,6 +61,24 @@ resolve_claude_bin() {
     return 0
   fi
 
+  # Well-known install locations for Claude Code CLI.
+  # Detached supervisors and LaunchAgents run with a minimal PATH that
+  # does not include user-local directories, so command -v alone is not
+  # enough.  Try the common locations explicitly.
+  local -a fallback_paths=(
+    "${HOME}/.local/bin/claude"
+    "${HOME}/.claude/local/bin/claude"
+    "/usr/local/bin/claude"
+    "/opt/homebrew/bin/claude"
+  )
+  local p
+  for p in "${fallback_paths[@]}"; do
+    if [[ -x "${p}" ]]; then
+      printf '%s\n' "${p}"
+      return 0
+    fi
+  done
+
   return 1
 }
 
@@ -94,6 +114,7 @@ while [[ $# -gt 0 ]]; do
     --claude-timeout-seconds) claude_timeout_seconds="${2:-}"; shift 2 ;;
     --claude-max-attempts) claude_max_attempts="${2:-}"; shift 2 ;;
     --claude-retry-backoff-seconds) claude_retry_backoff_seconds="${2:-}"; shift 2 ;;
+    --claude-allowed-tools) claude_allowed_tools="${2:-}"; shift 2 ;;
     --env-prefix) env_prefix="${2:-}"; shift 2 ;;
     --context) context_items+=("${2:-}"); shift 2 ;;
     --collect-file) collect_files+=("${2:-}"); shift 2 ;;
@@ -156,11 +177,31 @@ meta_file="${artifact_dir}/run.env"
 result_file="${artifact_dir}/result.env"
 runner_state_file="${artifact_dir}/runner.env"
 sandbox_run_dir="${worktree%/}/${sandbox_subdir}/${session}"
+claude_settings_file="${artifact_dir}/claude-headless-settings.json"
+claude_mcp_config_file="${artifact_dir}/claude-headless-mcp.json"
+claude_debug_file="${artifact_dir}/claude-debug.log"
 started_at="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
 
 mkdir -p "$artifact_dir"
 mkdir -p "$sandbox_run_dir"
 
+effective_claude_permission_mode="${claude_permission_mode}"
+if [[ "${effective_claude_permission_mode}" == "dontAsk" ]]; then
+  effective_claude_permission_mode="acceptEdits"
+fi
+
+cat >"$claude_settings_file" <<'EOF'
+{
+  "disableAllHooks": true
+}
+EOF
+
+cat >"$claude_mcp_config_file" <<'EOF'
+{
+  "mcpServers": {}
+}
+EOF
+
 if tmux has-session -t "$session" 2>/dev/null; then
   echo "tmux session already exists: $session" >&2
   exit 1
@@ -187,10 +228,15 @@ printf -v started_at_q '%q' "$started_at"
 printf -v claude_bin_q '%q' "$claude_bin"
 printf -v claude_model_q '%q' "$claude_model"
 printf -v claude_permission_mode_q '%q' "$claude_permission_mode"
+printf -v claude_effective_permission_mode_q '%q' "$effective_claude_permission_mode"
 printf -v claude_effort_q '%q' "$claude_effort"
 printf -v claude_timeout_q '%q' "$claude_timeout_seconds"
 printf -v claude_max_attempts_q '%q' "$claude_max_attempts"
 printf -v claude_retry_backoff_q '%q' "$claude_retry_backoff_seconds"
+printf -v claude_allowed_tools_q '%q' "$claude_allowed_tools"
+printf -v claude_settings_file_q '%q' "$claude_settings_file"
+printf -v claude_mcp_config_file_q '%q' "$claude_mcp_config_file"
+printf -v claude_debug_file_q '%q' "$claude_debug_file"
 printf -v python_bin_q '%q' "$python_bin"
 printf -v sandbox_subdir_q '%q' "$sandbox_subdir"
 printf -v claude_thread_id_q '%q' "claude-print-${session}"
@@ -213,10 +259,15 @@ printf -v claude_thread_id_q '%q' "claude-print-${session}"
   printf 'CLAUDE_BIN=%s\n' "$claude_bin_q"
   printf 'CLAUDE_MODEL=%s\n' "$claude_model_q"
   printf 'CLAUDE_PERMISSION_MODE=%s\n' "$claude_permission_mode_q"
+  printf 'CLAUDE_EFFECTIVE_PERMISSION_MODE=%s\n' "$claude_effective_permission_mode_q"
   printf 'CLAUDE_EFFORT=%s\n' "$claude_effort_q"
   printf 'CLAUDE_TIMEOUT_SECONDS=%s\n' "$claude_timeout_q"
   printf 'CLAUDE_MAX_ATTEMPTS=%s\n' "$claude_max_attempts_q"
   printf 'CLAUDE_RETRY_BACKOFF_SECONDS=%s\n' "$claude_retry_backoff_q"
+  printf 'CLAUDE_ALLOWED_TOOLS=%s\n' "$claude_allowed_tools_q"
+  printf 'CLAUDE_SETTINGS_FILE=%s\n' "$claude_settings_file_q"
+  printf 'CLAUDE_MCP_CONFIG_FILE=%s\n' "$claude_mcp_config_file_q"
+  printf 'CLAUDE_DEBUG_FILE=%s\n' "$claude_debug_file_q"
   printf 'PYTHON_BIN=%s\n' "$python_bin_q"
 } >"$meta_file"
 
@@ -315,7 +366,7 @@ fi
 
 reconcile_snippet=""
 if [[ -n "$reconcile_command" ]]; then
-  printf -v delayed_reconcile_q '%q' "sleep 2; $reconcile_command"
+  printf -v delayed_reconcile_q '%q' "export ACP_EXPECTED_RUN_STARTED_AT=${started_at_q}; export F_LOSNING_EXPECTED_RUN_STARTED_AT=${started_at_q}; while tmux has-session -t ${session_q} 2>/dev/null; do sleep 1; done; sleep 2; $reconcile_command"
   reconcile_snippet="nohup bash -lc ${delayed_reconcile_q} >> ${output_q} 2>&1 </dev/null &"
 fi
 
@@ -334,14 +385,20 @@ host_result_file=${result_q}
 claude_bin=${claude_bin_q}
 claude_model=${claude_model_q}
 claude_permission_mode=${claude_permission_mode_q}
+claude_effective_permission_mode=${claude_effective_permission_mode_q}
 claude_effort=${claude_effort_q}
 claude_timeout_seconds=${claude_timeout_q}
 claude_max_attempts=${claude_max_attempts_q}
 claude_retry_backoff_seconds=${claude_retry_backoff_q}
+claude_allowed_tools=${claude_allowed_tools_q}
+claude_settings_file=${claude_settings_file_q}
+claude_mcp_config_file=${claude_mcp_config_file_q}
+claude_debug_file=${claude_debug_file_q}
 python_bin=${python_bin_q}
 worktree_root=${worktree_q}
 sandbox_subdir=${sandbox_subdir_q}
 prompt_file=${prompt_q}
+export CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC=1
 
 write_state() {
   local runner_state="\${1:?runner state required}"
@@ -370,48 +427,119 @@ write_state() {
 
 run_with_timeout() {
   local timeout_seconds="\${1:?timeout seconds required}"
+  local stdin_file="\${2:?stdin file required}"
+  shift
   shift
 
-  "\${python_bin}" - "\${timeout_seconds}" "\$@" <<'PY'
+  "\${python_bin}" - "\${timeout_seconds}" "\${stdin_file}" "\$@" <<'PY'
+import errno
+import fcntl
 import os
+import selectors
 import signal
 import subprocess
 import sys
+import time
 
 timeout_seconds = float(sys.argv[1])
-argv = sys.argv[2:]
+stdin_path = sys.argv[2]
+argv = sys.argv[3:]
 
 if not argv:
     sys.exit(64)
 
-proc = subprocess.Popen(argv, start_new_session=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+stdin_handle = open(stdin_path, "rb")
+proc = subprocess.Popen(
+    argv,
+    start_new_session=True,
+    stdin=stdin_handle,
+    stdout=subprocess.PIPE,
+    stderr=subprocess.PIPE,
+)
 
-try:
-    stdout, stderr = proc.communicate(timeout=timeout_seconds)
-except subprocess.TimeoutExpired:
+for stream in (proc.stdout, proc.stderr):
+    if stream is None:
+        continue
+    flags = fcntl.fcntl(stream.fileno(), fcntl.F_GETFL)
+    fcntl.fcntl(stream.fileno(), fcntl.F_SETFL, flags | os.O_NONBLOCK)
+
+selector = selectors.DefaultSelector()
+if proc.stdout is not None:
+    selector.register(proc.stdout, selectors.EVENT_READ, sys.stdout.buffer)
+if proc.stderr is not None:
+    selector.register(proc.stderr, selectors.EVENT_READ, sys.stderr.buffer)
+
+def terminate_process_group(sig):
     try:
-        os.killpg(proc.pid, signal.SIGTERM)
+        os.killpg(proc.pid, sig)
     except ProcessLookupError:
-        pass
-    try:
-        stdout, stderr = proc.communicate(timeout=2)
-    except subprocess.TimeoutExpired:
+        return
+
+def drain_streams(wait_seconds):
+    events = selector.select(wait_seconds)
+    for key, _ in events:
         try:
-            os.killpg(proc.pid, signal.SIGKILL)
-        except ProcessLookupError:
-            pass
-        stdout, stderr = proc.communicate()
-    if stdout:
-        sys.stdout.buffer.write(stdout)
-    if stderr:
-        sys.stderr.buffer.write(stderr)
-    sys.exit(124)
+            chunk = key.fileobj.read()
+        except BlockingIOError:
+            continue
+        except OSError as exc:
+            if exc.errno == errno.EAGAIN:
+                continue
+            raise
+        if not chunk:
+            selector.unregister(key.fileobj)
+            continue
+        key.data.write(chunk)
+        key.data.flush()
+
+def handle_parent_signal(signum, _frame):
+    terminate_process_group(signal.SIGTERM)
+    deadline = time.monotonic() + 2.0
+    while proc.poll() is None and time.monotonic() < deadline:
+        drain_streams(0.1)
+    if proc.poll() is None:
+        terminate_process_group(signal.SIGKILL)
+    while selector.get_map():
+        drain_streams(0)
+    sys.exit(128 + signum)
+
+for signum in (signal.SIGTERM, signal.SIGINT, signal.SIGHUP):
+    signal.signal(signum, handle_parent_signal)
+
+deadline = time.monotonic() + timeout_seconds
+grace_deadline = None
+timed_out = False
 
-if stdout:
-    sys.stdout.buffer.write(stdout)
-if stderr:
-    sys.stderr.buffer.write(stderr)
-sys.exit(proc.returncode)
+try:
+    while True:
+        now = time.monotonic()
+        if not timed_out and now >= deadline:
+            timed_out = True
+            grace_deadline = now + 2.0
+            terminate_process_group(signal.SIGTERM)
+        elif timed_out and grace_deadline is not None and proc.poll() is None and now >= grace_deadline:
+            grace_deadline = None
+            terminate_process_group(signal.SIGKILL)
+
+        wait_seconds = 0.1
+        if not timed_out:
+            wait_seconds = max(0.0, min(0.1, deadline - now))
+        elif grace_deadline is not None:
+            wait_seconds = max(0.0, min(0.1, grace_deadline - now))
+
+        drain_streams(wait_seconds)
+
+        if proc.poll() is not None and not selector.get_map():
+            break
+finally:
+    while selector.get_map():
+        drain_streams(0)
+
+if timed_out and proc.returncode is None:
+    sys.exit(124)
+if timed_out:
+    sys.exit(124)
+sys.exit(proc.wait())
 PY
 }
 
@@ -528,28 +656,30 @@ HOOK_EOF
 }
 
 classify_failure_reason() {
-  local log_file="\${1:-\${output_file}}"
-
-  if grep -Eiq 'authentication|unauthorized|login required|invalid api key|api key' "\${log_file}" 2>/dev/null; then
-    printf 'auth-failure\n'
-    return 0
-  fi
-  if grep -Eiq 'rate limit|quota exceeded|insufficient credits|payment required|429' "\${log_file}" 2>/dev/null; then
-    printf 'provider-quota-limit\n'
-    return 0
-  fi
-  if grep -Eiq 'model .* not available|unsupported model|invalid model|model not found' "\${log_file}" 2>/dev/null; then
-    printf 'model-unavailable\n'
-    return 0
-  fi
-  if grep -Eiq 'connection reset|connection error|network error|temporarily unavailable|ECONNRESET|ECONNREFUSED|ENOTFOUND|EAI_AGAIN' "\${log_file}" 2>/dev/null; then
-    printf 'network-connection\n'
-    return 0
-  fi
-  if grep -Eiq 'timeout|timed out|ETIMEDOUT' "\${log_file}" 2>/dev/null; then
-    printf 'timeout\n'
-    return 0
-  fi
+  local log_file=""
+  for log_file in "\$@"; do
+    [[ -n "\${log_file}" && -f "\${log_file}" ]] || continue
+    if grep -Eiq 'authentication|unauthorized|login required|invalid api key|api key' "\${log_file}" 2>/dev/null; then
+      printf 'auth-failure\n'
+      return 0
+    fi
+    if grep -Eiq 'rate limit|quota exceeded|insufficient credits|payment required|429' "\${log_file}" 2>/dev/null; then
+      printf 'provider-quota-limit\n'
+      return 0
+    fi
+    if grep -Eiq 'model .* not available|unsupported model|invalid model|model not found' "\${log_file}" 2>/dev/null; then
+      printf 'model-unavailable\n'
+      return 0
+    fi
+    if grep -Eiq 'connection reset|connection error|network error|temporarily unavailable|ECONNRESET|ECONNREFUSED|ENOTFOUND|EAI_AGAIN' "\${log_file}" 2>/dev/null; then
+      printf 'network-connection\n'
+      return 0
+    fi
+    if grep -Eiq 'timeout|timed out|ETIMEDOUT' "\${log_file}" 2>/dev/null; then
+      printf 'timeout\n'
+      return 0
+    fi
+  done
   printf 'claude-exit-failed\n'
 }
 
@@ -580,17 +710,23 @@ reset_sandbox_run_dir
 ensure_workspace_excludes
 install_pre_commit_scope_hook
 
-prompt_payload="\$(cat "\${prompt_file}")"
 claude_args=(
   -p
   --output-format text
+  --verbose
+  --debug-file "\${claude_debug_file}"
   --no-session-persistence
-  --permission-mode "\${claude_permission_mode}"
+  --permission-mode "\${claude_effective_permission_mode}"
+  --allowed-tools "\${claude_allowed_tools}"
+  --disable-slash-commands
+  --strict-mcp-config
+  --mcp-config "\${claude_mcp_config_file}"
+  --settings "\${claude_settings_file}"
   --model "\${claude_model}"
   --effort "\${claude_effort}"
   --add-dir ${worktree_q}
 )
-if [[ "\${claude_permission_mode}" == "bypassPermissions" ]]; then
+if [[ "\${claude_effective_permission_mode}" == "bypassPermissions" ]]; then
   claude_args+=(--allow-dangerously-skip-permissions)
 fi
 
@@ -602,7 +738,7 @@ while (( attempt <= claude_max_attempts )); do
   attempt_log_file="\${artifact_dir}/claude-attempt-\${attempt}.log"
   write_state running '' '' "\${attempt}" "\$((attempt - 1))"
   printf '\n[claude-attempt] %s/%s\n' "\${attempt}" "\${claude_max_attempts}" | tee -a "\${output_file}" >/dev/null
-  run_with_timeout "\${claude_timeout_seconds}" "\${claude_bin}" "\${claude_args[@]}" "\${prompt_payload}" >"\${attempt_log_file}" 2>&1
+  run_with_timeout "\${claude_timeout_seconds}" "\${prompt_file}" "\${claude_bin}" "\${claude_args[@]}" >"\${attempt_log_file}" 2>&1
   status=\$?
   cat "\${attempt_log_file}" >>"\${output_file}"
   if [[ "\${status}" -eq 0 ]]; then
@@ -612,7 +748,7 @@ while (( attempt <= claude_max_attempts )); do
   if [[ "\${status}" -eq 124 ]]; then
     failure_reason="timeout"
   else
-    failure_reason="\$(classify_failure_reason "\${attempt_log_file}")"
+    failure_reason="\$(classify_failure_reason "\${attempt_log_file}" "\${claude_debug_file}")"
   fi
   if (( attempt >= claude_max_attempts )) || ! is_retryable_failure_reason "\${failure_reason}"; then
     break
@@ -629,6 +765,8 @@ if [[ -f "\${result_file_path}" ]]; then
 else
   if [[ "\${status}" -eq 0 ]]; then
     write_result_fallback "missing-result-contract"
+  elif [[ "\${status}" -ne 124 && -n "\${failure_reason}" && "\${failure_reason}" != "claude-exit-failed" ]]; then
+    write_result_fallback "\${failure_reason}"
   else
     write_result_fallback "worker-exit-\${status}"
   fi

package/tools/bin/agent-project-run-codex-session

@@ -256,7 +256,7 @@ fi
 
 reconcile_snippet=""
 if [[ -n "$reconcile_command" ]]; then
-  printf -v delayed_reconcile_q '%q' "sleep 2; $reconcile_command"
+  printf -v delayed_reconcile_q '%q' "export ACP_EXPECTED_RUN_STARTED_AT=${started_at_q}; export F_LOSNING_EXPECTED_RUN_STARTED_AT=${started_at_q}; while tmux has-session -t ${session_q} 2>/dev/null; do sleep 1; done; sleep 2; $reconcile_command"
   reconcile_snippet="nohup bash -lc ${delayed_reconcile_q} >> ${output_q} 2>&1 </dev/null &"
 fi