npm - gencode-ai - Versions diffs - 0.1.0 - Mend

gencode-ai 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (274) hide show

package/.env.example +11 -0
package/CLAUDE.md +70 -0
package/LICENSE +21 -0
package/README.md +117 -0
package/dist/agent/agent.d.ts +84 -0
package/dist/agent/agent.d.ts.map +1 -0
package/dist/agent/agent.js +233 -0
package/dist/agent/agent.js.map +1 -0
package/dist/agent/index.d.ts +6 -0
package/dist/agent/index.d.ts.map +1 -0
package/dist/agent/index.js +6 -0
package/dist/agent/index.js.map +1 -0
package/dist/agent/types.d.ts +47 -0
package/dist/agent/types.d.ts.map +1 -0
package/dist/agent/types.js +5 -0
package/dist/agent/types.js.map +1 -0
package/dist/cli/components/App.d.ts +14 -0
package/dist/cli/components/App.d.ts.map +1 -0
package/dist/cli/components/App.js +395 -0
package/dist/cli/components/App.js.map +1 -0
package/dist/cli/components/CommandSuggestions.d.ts +13 -0
package/dist/cli/components/CommandSuggestions.d.ts.map +1 -0
package/dist/cli/components/CommandSuggestions.js +32 -0
package/dist/cli/components/CommandSuggestions.js.map +1 -0
package/dist/cli/components/Header.d.ts +9 -0
package/dist/cli/components/Header.d.ts.map +1 -0
package/dist/cli/components/Header.js +13 -0
package/dist/cli/components/Header.js.map +1 -0
package/dist/cli/components/Input.d.ts +13 -0
package/dist/cli/components/Input.d.ts.map +1 -0
package/dist/cli/components/Input.js +27 -0
package/dist/cli/components/Input.js.map +1 -0
package/dist/cli/components/Logo.d.ts +2 -0
package/dist/cli/components/Logo.d.ts.map +1 -0
package/dist/cli/components/Logo.js +8 -0
package/dist/cli/components/Logo.js.map +1 -0
package/dist/cli/components/Messages.d.ts +37 -0
package/dist/cli/components/Messages.d.ts.map +1 -0
package/dist/cli/components/Messages.js +106 -0
package/dist/cli/components/Messages.js.map +1 -0
package/dist/cli/components/ModelSelector.d.ts +13 -0
package/dist/cli/components/ModelSelector.d.ts.map +1 -0
package/dist/cli/components/ModelSelector.js +72 -0
package/dist/cli/components/ModelSelector.js.map +1 -0
package/dist/cli/components/Spinner.d.ts +12 -0
package/dist/cli/components/Spinner.d.ts.map +1 -0
package/dist/cli/components/Spinner.js +45 -0
package/dist/cli/components/Spinner.js.map +1 -0
package/dist/cli/components/index.d.ts +12 -0
package/dist/cli/components/index.d.ts.map +1 -0
package/dist/cli/components/index.js +12 -0
package/dist/cli/components/index.js.map +1 -0
package/dist/cli/components/theme.d.ts +31 -0
package/dist/cli/components/theme.d.ts.map +1 -0
package/dist/cli/components/theme.js +36 -0
package/dist/cli/components/theme.js.map +1 -0
package/dist/cli/index-legacy.d.ts +7 -0
package/dist/cli/index-legacy.d.ts.map +1 -0
package/dist/cli/index-legacy.js +431 -0
package/dist/cli/index-legacy.js.map +1 -0
package/dist/cli/index.d.ts +7 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +116 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/ink-cli.d.ts +7 -0
package/dist/cli/ink-cli.d.ts.map +1 -0
package/dist/cli/ink-cli.js +105 -0
package/dist/cli/ink-cli.js.map +1 -0
package/dist/cli/session-picker.d.ts +16 -0
package/dist/cli/session-picker.d.ts.map +1 -0
package/dist/cli/session-picker.js +280 -0
package/dist/cli/session-picker.js.map +1 -0
package/dist/cli/ui.d.ts +61 -0
package/dist/cli/ui.d.ts.map +1 -0
package/dist/cli/ui.js +364 -0
package/dist/cli/ui.js.map +1 -0
package/dist/config/index.d.ts +7 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +6 -0
package/dist/config/index.js.map +1 -0
package/dist/config/manager.d.ts +31 -0
package/dist/config/manager.d.ts.map +1 -0
package/dist/config/manager.js +65 -0
package/dist/config/manager.js.map +1 -0
package/dist/config/types.d.ts +22 -0
package/dist/config/types.d.ts.map +1 -0
package/dist/config/types.js +6 -0
package/dist/config/types.js.map +1 -0
package/dist/index.d.ts +12 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +21 -0
package/dist/index.js.map +1 -0
package/dist/memory/index.d.ts +10 -0
package/dist/memory/index.d.ts.map +1 -0
package/dist/memory/index.js +9 -0
package/dist/memory/index.js.map +1 -0
package/dist/memory/init.d.ts +20 -0
package/dist/memory/init.d.ts.map +1 -0
package/dist/memory/init.js +332 -0
package/dist/memory/init.js.map +1 -0
package/dist/memory/manager.d.ts +85 -0
package/dist/memory/manager.d.ts.map +1 -0
package/dist/memory/manager.js +234 -0
package/dist/memory/manager.js.map +1 -0
package/dist/memory/types.d.ts +74 -0
package/dist/memory/types.d.ts.map +1 -0
package/dist/memory/types.js +6 -0
package/dist/memory/types.js.map +1 -0
package/dist/permissions/index.d.ts +7 -0
package/dist/permissions/index.d.ts.map +1 -0
package/dist/permissions/index.js +6 -0
package/dist/permissions/index.js.map +1 -0
package/dist/permissions/manager.d.ts +32 -0
package/dist/permissions/manager.d.ts.map +1 -0
package/dist/permissions/manager.js +79 -0
package/dist/permissions/manager.js.map +1 -0
package/dist/permissions/types.d.ts +14 -0
package/dist/permissions/types.d.ts.map +1 -0
package/dist/permissions/types.js +17 -0
package/dist/permissions/types.js.map +1 -0
package/dist/providers/anthropic.d.ts +20 -0
package/dist/providers/anthropic.d.ts.map +1 -0
package/dist/providers/anthropic.js +185 -0
package/dist/providers/anthropic.js.map +1 -0
package/dist/providers/gemini.d.ts +21 -0
package/dist/providers/gemini.d.ts.map +1 -0
package/dist/providers/gemini.js +241 -0
package/dist/providers/gemini.js.map +1 -0
package/dist/providers/index.d.ts +34 -0
package/dist/providers/index.d.ts.map +1 -0
package/dist/providers/index.js +72 -0
package/dist/providers/index.js.map +1 -0
package/dist/providers/openai.d.ts +19 -0
package/dist/providers/openai.d.ts.map +1 -0
package/dist/providers/openai.js +221 -0
package/dist/providers/openai.js.map +1 -0
package/dist/providers/types.d.ts +125 -0
package/dist/providers/types.d.ts.map +1 -0
package/dist/providers/types.js +6 -0
package/dist/providers/types.js.map +1 -0
package/dist/session/index.d.ts +6 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +6 -0
package/dist/session/index.js.map +1 -0
package/dist/session/manager.d.ts +101 -0
package/dist/session/manager.d.ts.map +1 -0
package/dist/session/manager.js +295 -0
package/dist/session/manager.js.map +1 -0
package/dist/session/types.d.ts +39 -0
package/dist/session/types.d.ts.map +1 -0
package/dist/session/types.js +10 -0
package/dist/session/types.js.map +1 -0
package/dist/tools/builtin/bash.d.ts +7 -0
package/dist/tools/builtin/bash.d.ts.map +1 -0
package/dist/tools/builtin/bash.js +80 -0
package/dist/tools/builtin/bash.js.map +1 -0
package/dist/tools/builtin/edit.d.ts +7 -0
package/dist/tools/builtin/edit.d.ts.map +1 -0
package/dist/tools/builtin/edit.js +32 -0
package/dist/tools/builtin/edit.js.map +1 -0
package/dist/tools/builtin/glob.d.ts +7 -0
package/dist/tools/builtin/glob.d.ts.map +1 -0
package/dist/tools/builtin/glob.js +36 -0
package/dist/tools/builtin/glob.js.map +1 -0
package/dist/tools/builtin/grep.d.ts +7 -0
package/dist/tools/builtin/grep.d.ts.map +1 -0
package/dist/tools/builtin/grep.js +59 -0
package/dist/tools/builtin/grep.js.map +1 -0
package/dist/tools/builtin/read.d.ts +7 -0
package/dist/tools/builtin/read.d.ts.map +1 -0
package/dist/tools/builtin/read.js +29 -0
package/dist/tools/builtin/read.js.map +1 -0
package/dist/tools/builtin/write.d.ts +7 -0
package/dist/tools/builtin/write.d.ts.map +1 -0
package/dist/tools/builtin/write.js +24 -0
package/dist/tools/builtin/write.js.map +1 -0
package/dist/tools/index.d.ts +38 -0
package/dist/tools/index.d.ts.map +1 -0
package/dist/tools/index.js +32 -0
package/dist/tools/index.js.map +1 -0
package/dist/tools/registry.d.ts +22 -0
package/dist/tools/registry.d.ts.map +1 -0
package/dist/tools/registry.js +71 -0
package/dist/tools/registry.js.map +1 -0
package/dist/tools/types.d.ts +62 -0
package/dist/tools/types.d.ts.map +1 -0
package/dist/tools/types.js +126 -0
package/dist/tools/types.js.map +1 -0
package/docs/README.md +16 -0
package/docs/proposals/0001-web-fetch-tool.md +293 -0
package/docs/proposals/0002-web-search-tool.md +306 -0
package/docs/proposals/0003-task-subagents.md +333 -0
package/docs/proposals/0004-plan-mode.md +338 -0
package/docs/proposals/0005-todo-system.md +299 -0
package/docs/proposals/0006-memory-system.md +539 -0
package/docs/proposals/0007-context-management.md +429 -0
package/docs/proposals/0008-checkpointing.md +327 -0
package/docs/proposals/0009-hooks-system.md +343 -0
package/docs/proposals/0010-mcp-integration.md +382 -0
package/docs/proposals/0011-custom-commands.md +374 -0
package/docs/proposals/0012-ask-user-question.md +317 -0
package/docs/proposals/0013-multi-edit-tool.md +345 -0
package/docs/proposals/0014-lsp-tool.md +478 -0
package/docs/proposals/0015-ls-tool.md +407 -0
package/docs/proposals/0016-kill-shell-tool.md +455 -0
package/docs/proposals/0017-background-tasks.md +489 -0
package/docs/proposals/0018-parallel-tool-execution.md +415 -0
package/docs/proposals/0019-session-enhancements.md +462 -0
package/docs/proposals/0020-session-summarization.md +447 -0
package/docs/proposals/0021-skills-system.md +409 -0
package/docs/proposals/0022-plugin-system.md +467 -0
package/docs/proposals/0023-permission-enhancements.md +470 -0
package/docs/proposals/0024-keyboard-shortcuts.md +443 -0
package/docs/proposals/0025-cost-tracking.md +447 -0
package/docs/proposals/0026-git-integration.md +475 -0
package/docs/proposals/0027-enhanced-read-tool.md +514 -0
package/docs/proposals/0028-enhanced-bash-tool.md +511 -0
package/docs/proposals/0029-notebook-edit-tool.md +413 -0
package/docs/proposals/0030-plugin-marketplace.md +360 -0
package/docs/proposals/0031-command-suggestions.md +295 -0
package/docs/proposals/0032-ide-integrations.md +328 -0
package/docs/proposals/0033-enterprise-deployment.md +221 -0
package/docs/proposals/0034-sandboxing.md +273 -0
package/docs/proposals/0035-auto-updater.md +311 -0
package/docs/proposals/0036-enhanced-glob-tool.md +267 -0
package/docs/proposals/0037-enhanced-grep-tool.md +360 -0
package/docs/proposals/0038-interactive-cli-ui.md +373 -0
package/docs/proposals/0039-streaming-enhancements.md +359 -0
package/docs/proposals/0040-multi-provider-enhancements.md +369 -0
package/docs/proposals/README.md +84 -0
package/docs/proposals/TEMPLATE.md +57 -0
package/docs/proposals/research/claude-code-research.md +307 -0
package/examples/agent-demo.ts +115 -0
package/examples/basic.ts +166 -0
package/package.json +50 -0
package/src/agent/agent.ts +276 -0
package/src/agent/index.ts +6 -0
package/src/agent/types.ts +62 -0
package/src/cli/components/App.tsx +565 -0
package/src/cli/components/CommandSuggestions.tsx +58 -0
package/src/cli/components/Header.tsx +36 -0
package/src/cli/components/Input.tsx +60 -0
package/src/cli/components/Logo.tsx +16 -0
package/src/cli/components/Messages.tsx +210 -0
package/src/cli/components/ModelSelector.tsx +135 -0
package/src/cli/components/Spinner.tsx +72 -0
package/src/cli/components/index.ts +21 -0
package/src/cli/components/theme.ts +36 -0
package/src/cli/index.tsx +136 -0
package/src/config/index.ts +7 -0
package/src/config/manager.ts +77 -0
package/src/config/types.ts +25 -0
package/src/index.ts +86 -0
package/src/permissions/index.ts +7 -0
package/src/permissions/manager.ts +97 -0
package/src/permissions/types.ts +29 -0
package/src/providers/anthropic.ts +224 -0
package/src/providers/gemini.ts +295 -0
package/src/providers/index.ts +97 -0
package/src/providers/openai.ts +261 -0
package/src/providers/types.ts +181 -0
package/src/session/index.ts +6 -0
package/src/session/manager.ts +354 -0
package/src/session/types.ts +49 -0
package/src/tools/builtin/bash.ts +92 -0
package/src/tools/builtin/edit.ts +37 -0
package/src/tools/builtin/glob.ts +42 -0
package/src/tools/builtin/grep.ts +67 -0
package/src/tools/builtin/read.ts +34 -0
package/src/tools/builtin/write.ts +27 -0
package/src/tools/index.ts +36 -0
package/src/tools/registry.ts +83 -0
package/src/tools/types.ts +172 -0
package/tsconfig.json +21 -0

package/docs/proposals/0023-permission-enhancements.md ADDED Viewed

@@ -0,0 +1,470 @@
+# Proposal: Permission Enhancements
+- **Proposal ID**: 0023
+- **Author**: mycode team
+- **Status**: Draft
+- **Created**: 2025-01-15
+- **Updated**: 2025-01-15
+## Summary
+Enhance the permission system with pattern-based rules, prompt-based approvals, persistent allowlists, and fine-grained control over tool execution. This provides users with flexible, secure control over agent capabilities.
+## Motivation
+The current permission system is basic:
+1. **Tool-level only**: Can't distinguish safe vs dangerous uses
+2. **No persistence**: Approvals lost between sessions
+3. **No patterns**: Can't approve "all git commands"
+4. **Manual each time**: Repetitive confirmation fatigue
+5. **No audit trail**: No record of what was approved
+Enhanced permissions balance security with usability.
+## Claude Code Reference
+Claude Code provides sophisticated permission handling:
+### ExitPlanMode Permissions
+```typescript
+ExitPlanMode({
+  allowedPrompts: [
+    { tool: "Bash", prompt: "run tests" },
+    { tool: "Bash", prompt: "install dependencies" },
+    { tool: "Bash", prompt: "build the project" }
+  ]
+})
+```
+### Settings-Based Permissions
+```json
+{
+  "permissions": {
+    "allow": [
+      "Bash(git add:*)",
+      "Bash(git commit:*)",
+      "Bash(npm install:*)"
+    ]
+  }
+}
+```
+### Permission Guidelines
+- Scope permissions narrowly
+- Use semantic descriptions, not literal commands
+- Read-only permissions for read-only operations
+- Session-scoped by default
+- Input-aware caching
+## Detailed Design
+### API Design
+```typescript
+// src/permissions/types.ts
+type PermissionMode = 'auto' | 'confirm' | 'deny';
+interface PermissionRule {
+  tool: string | RegExp;
+  mode: PermissionMode;
+  pattern?: string | RegExp;      // Input pattern matching
+  prompt?: string;                // Semantic description
+  scope?: 'session' | 'project' | 'global';
+  expiresAt?: Date;
+}
+interface PromptPermission {
+  tool: string;
+  prompt: string;                 // Semantic description
+}
+interface PermissionConfig {
+  defaultMode: PermissionMode;
+  rules: PermissionRule[];
+  allowedPrompts: PromptPermission[];
+}
+interface PermissionContext {
+  tool: string;
+  input: unknown;
+  sessionId: string;
+  projectPath: string;
+}
+interface PermissionDecision {
+  allowed: boolean;
+  reason: string;
+  matchedRule?: PermissionRule;
+  requiresConfirmation: boolean;
+}
+interface PermissionAuditEntry {
+  timestamp: Date;
+  tool: string;
+  input: unknown;
+  decision: 'allowed' | 'denied' | 'confirmed';
+  rule?: string;
+  userId?: string;
+}
+```
+### Enhanced Permission Manager
+```typescript
+// src/permissions/manager.ts
+class PermissionManager {
+  private config: PermissionConfig;
+  private sessionApprovals: Map<string, Set<string>> = new Map();
+  private persistentRules: PermissionRule[] = [];
+  private auditLog: PermissionAuditEntry[] = [];
+  private promptMatcher: PromptMatcher;
+  constructor(config?: Partial<PermissionConfig>) {
+    this.config = {
+      defaultMode: 'confirm',
+      rules: DEFAULT_RULES,
+      allowedPrompts: [],
+      ...config
+    };
+    this.loadPersistentRules();
+    this.promptMatcher = new PromptMatcher();
+  }
+  async checkPermission(
+    context: PermissionContext
+  ): Promise<PermissionDecision> {
+    const { tool, input, sessionId } = context;
+    // Check explicit deny rules first
+    const denyRule = this.findMatchingRule(context, 'deny');
+    if (denyRule) {
+      this.logAudit(context, 'denied', denyRule);
+      return {
+        allowed: false,
+        reason: `Denied by rule: ${denyRule.prompt || denyRule.pattern}`,
+        matchedRule: denyRule,
+        requiresConfirmation: false
+      };
+    }
+    // Check auto-allow rules
+    const autoRule = this.findMatchingRule(context, 'auto');
+    if (autoRule) {
+      this.logAudit(context, 'allowed', autoRule);
+      return {
+        allowed: true,
+        reason: 'Auto-approved by rule',
+        matchedRule: autoRule,
+        requiresConfirmation: false
+      };
+    }
+    // Check prompt-based permissions
+    const promptMatch = await this.matchPrompt(tool, input);
+    if (promptMatch) {
+      this.logAudit(context, 'allowed', { prompt: promptMatch });
+      return {
+        allowed: true,
+        reason: `Matches approved prompt: ${promptMatch}`,
+        requiresConfirmation: false
+      };
+    }
+    // Check session approvals cache
+    const cacheKey = this.getCacheKey(tool, input);
+    const sessionCache = this.sessionApprovals.get(sessionId);
+    if (sessionCache?.has(cacheKey)) {
+      return {
+        allowed: true,
+        reason: 'Previously approved in session',
+        requiresConfirmation: false
+      };
+    }
+    // Default: requires confirmation
+    return {
+      allowed: false,
+      reason: 'Requires user confirmation',
+      requiresConfirmation: true
+    };
+  }
+  async requestPermission(
+    context: PermissionContext,
+    confirmCallback: ConfirmCallback
+  ): Promise<boolean> {
+    const decision = await this.checkPermission(context);
+    if (decision.allowed) return true;
+    if (!decision.requiresConfirmation) return false;
+    // Request user confirmation
+    const confirmed = await confirmCallback(
+      context.tool,
+      context.input,
+      this.getSuggestions(context)
+    );
+    if (confirmed) {
+      this.cacheApproval(context);
+      this.logAudit(context, 'confirmed');
+    } else {
+      this.logAudit(context, 'denied');
+    }
+    return confirmed;
+  }
+  addAllowedPrompts(prompts: PromptPermission[]): void {
+    this.config.allowedPrompts.push(...prompts);
+  }
+  clearSessionApprovals(sessionId: string): void {
+    this.sessionApprovals.delete(sessionId);
+  }
+  private async matchPrompt(tool: string, input: unknown): Promise<string | null> {
+    for (const permission of this.config.allowedPrompts) {
+      if (permission.tool !== tool) continue;
+      const matches = await this.promptMatcher.matches(
+        permission.prompt,
+        input
+      );
+      if (matches) return permission.prompt;
+    }
+    return null;
+  }
+  private findMatchingRule(
+    context: PermissionContext,
+    mode: PermissionMode
+  ): PermissionRule | undefined {
+    const allRules = [...this.config.rules, ...this.persistentRules];
+    return allRules.find(rule => {
+      if (rule.mode !== mode) return false;
+      if (!this.matchesTool(rule.tool, context.tool)) return false;
+      if (rule.pattern && !this.matchesPattern(rule.pattern, context.input)) {
+        return false;
+      }
+      return true;
+    });
+  }
+  private matchesTool(pattern: string | RegExp, tool: string): boolean {
+    if (typeof pattern === 'string') {
+      return pattern === tool || pattern === '*';
+    }
+    return pattern.test(tool);
+  }
+  private matchesPattern(pattern: string | RegExp, input: unknown): boolean {
+    const inputStr = JSON.stringify(input);
+    if (typeof pattern === 'string') {
+      // Support glob-like patterns
+      const regex = new RegExp(pattern.replace(/\*/g, '.*'));
+      return regex.test(inputStr);
+    }
+    return pattern.test(inputStr);
+  }
+  // Persistence
+  async saveRule(rule: PermissionRule): Promise<void> {
+    this.persistentRules.push(rule);
+    await this.savePersistentRules();
+  }
+  private getSuggestions(context: PermissionContext): PermissionSuggestion[] {
+    return [
+      { action: 'allow_once', label: 'Allow this time' },
+      { action: 'allow_session', label: 'Allow for this session' },
+      { action: 'allow_always', label: 'Always allow this' },
+      { action: 'deny', label: 'Deny' }
+    ];
+  }
+}
+```
+### Prompt Matcher
+```typescript
+// src/permissions/prompt-matcher.ts
+class PromptMatcher {
+  private patterns: Map<string, (input: unknown) => boolean> = new Map();
+  constructor() {
+    this.registerBuiltInPatterns();
+  }
+  private registerBuiltInPatterns(): void {
+    // Git operations
+    this.patterns.set('run tests', input =>
+      this.matchesCommand(input, ['npm test', 'pytest', 'go test', 'jest'])
+    );
+    this.patterns.set('install dependencies', input =>
+      this.matchesCommand(input, ['npm install', 'pip install', 'cargo build'])
+    );
+    this.patterns.set('build the project', input =>
+      this.matchesCommand(input, ['npm run build', 'make', 'cargo build'])
+    );
+    this.patterns.set('git operations', input =>
+      this.matchesCommand(input, ['git '])
+    );
+  }
+  async matches(prompt: string, input: unknown): Promise<boolean> {
+    // Check exact pattern match
+    const pattern = this.patterns.get(prompt.toLowerCase());
+    if (pattern) return pattern(input);
+    // Fuzzy semantic matching (for complex prompts)
+    return this.semanticMatch(prompt, input);
+  }
+  private matchesCommand(input: unknown, prefixes: string[]): boolean {
+    const command = (input as { command?: string })?.command || '';
+    return prefixes.some(prefix => command.startsWith(prefix));
+  }
+  private semanticMatch(prompt: string, input: unknown): boolean {
+    // Simple keyword matching for now
+    const inputStr = JSON.stringify(input).toLowerCase();
+    const keywords = prompt.toLowerCase().split(/\s+/);
+    return keywords.some(kw => inputStr.includes(kw));
+  }
+}
+```
+### File Changes
+| File | Action | Description |
+|------|--------|-------------|
+| `src/permissions/types.ts` | Modify | Enhanced types |
+| `src/permissions/manager.ts` | Modify | Enhanced manager |
+| `src/permissions/prompt-matcher.ts` | Create | Semantic matching |
+| `src/permissions/persistence.ts` | Create | Rule persistence |
+| `src/permissions/audit.ts` | Create | Audit logging |
+| `src/cli/commands/permissions.ts` | Create | Permission CLI |
+## User Experience
+### Permission Prompt with Options
+```
+┌─ Permission Request ──────────────────────────────┐
+│ Tool: Bash                                        │
+│ Command: npm install lodash                       │
+│                                                   │
+│ This operation requires your approval.            │
+│                                                   │
+│ [1] Allow once                                    │
+│ [2] Allow for this session                        │
+│ [3] Always allow "npm install" commands           │
+│ [4] Deny                                          │
+└───────────────────────────────────────────────────┘
+```
+### View Permissions
+```
+User: /permissions
+Permission Rules:
+┌────────────────────────────────────────────────────────────┐
+│ Type    Tool   Pattern              Scope      Mode       │
+├────────────────────────────────────────────────────────────┤
+│ Built-in Read   *                   session    auto       │
+│ Built-in Glob   *                   session    auto       │
+│ Built-in Grep   *                   session    auto       │
+│ Custom   Bash   npm install:*       project    auto       │
+│ Custom   Bash   git add:*           global     auto       │
+│ Session  Bash   pytest              session    auto       │
+└────────────────────────────────────────────────────────────┘
+Pending Prompts (from plan approval):
+• Bash: run tests
+• Bash: build the project
+```
+### Permission Audit
+```
+User: /permissions audit
+Recent Permission Decisions:
+┌────────────────────────────────────────────────────────────────┐
+│ Time     Tool   Input               Decision   Rule           │
+├────────────────────────────────────────────────────────────────┤
+│ 10:42    Bash   npm test            allowed    prompt:tests   │
+│ 10:41    Read   src/index.ts        allowed    built-in       │
+│ 10:40    Write  src/new.ts          confirmed  user-approval  │
+│ 10:38    Bash   rm -rf /tmp/test    denied     blocked-cmd    │
+└────────────────────────────────────────────────────────────────┘
+```
+## Alternatives Considered
+### Alternative 1: Capability-Based Security
+Use capability tokens instead of rules.
+**Pros**: More formal model
+**Cons**: Complex for users
+**Decision**: Deferred - Consider for enterprise
+### Alternative 2: AI-Based Permission Decisions
+Let AI assess risk of operations.
+**Pros**: Intelligent decisions
+**Cons**: Unpredictable, trust issues
+**Decision**: Rejected - Users need control
+### Alternative 3: Whitelist-Only Mode
+Only allow explicitly approved operations.
+**Pros**: Maximum security
+**Cons**: Too restrictive for usability
+**Decision**: Available as strict mode
+## Security Considerations
+1. **Rule Validation**: Validate rule patterns
+2. **Audit Trail**: Immutable audit log
+3. **Escalation Prevention**: Can't grant more permissions than held
+4. **Expiration**: Time-limited approvals
+5. **Scope Limits**: Limit global rules
+## Testing Strategy
+1. **Unit Tests**:
+   - Rule matching logic
+   - Pattern matching
+   - Prompt matching
+   - Cache behavior
+2. **Integration Tests**:
+   - Full permission flow
+   - Persistence
+   - Audit logging
+3. **Security Tests**:
+   - Bypass attempts
+   - Injection attacks
+   - Escalation scenarios
+## Migration Path
+1. **Phase 1**: Enhanced rule matching
+2. **Phase 2**: Prompt-based permissions
+3. **Phase 3**: Persistence layer
+4. **Phase 4**: Audit logging
+5. **Phase 5**: CLI management
+Backward compatible with existing rules.
+## References
+- [Claude Code Permission System](https://code.claude.com/docs/en/permissions)
+- [Capability-Based Security](https://en.wikipedia.org/wiki/Capability-based_security)
+- [Principle of Least Privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege)