ripperdoc 0.2.4__py3-none-any.whl → 0.2.5__py3-none-any.whl

ripperdoc/cli/ui/tool_renderers.py

@@ -0,0 +1,298 @@
+"""Tool result renderers for CLI display.
+
+This module provides a strategy pattern implementation for rendering different
+tool results in the Rich CLI interface.
+"""
+
+from typing import Any, Callable, List, Optional
+
+from rich.console import Console
+from rich.markup import escape
+
+
+class ToolResultRenderer:
+    """Base class for rendering tool results to console."""
+
+    def __init__(self, console: Console, verbose: bool = False):
+        self.console = console
+        self.verbose = verbose
+
+    def can_handle(self, _sender: str) -> bool:
+        """Return True if this renderer handles the given tool name."""
+        raise NotImplementedError
+
+    def render(self, _content: str, _tool_data: Any) -> None:
+        """Render the tool result to console."""
+        raise NotImplementedError
+
+    def _get_field(self, data: Any, key: str, default: Any = None) -> Any:
+        """Safely fetch a field from either an object or a dict."""
+        if isinstance(data, dict):
+            return data.get(key, default)
+        return getattr(data, key, default)
+
+
+class TodoResultRenderer(ToolResultRenderer):
+    """Render Todo tool results."""
+
+    def can_handle(self, sender: str) -> bool:
+        return "Todo" in sender
+
+    def render(self, content: str, _tool_data: Any) -> None:
+        lines = content.splitlines()
+        if lines:
+            self.console.print(f"  ⎿  [dim]{escape(lines[0])}[/]")
+            for line in lines[1:]:
+                self.console.print(f"      {line}", markup=False)
+        else:
+            self.console.print("  ⎿  [dim]Todo update[/]")
+
+
+class ReadResultRenderer(ToolResultRenderer):
+    """Render Read/View tool results."""
+
+    def can_handle(self, sender: str) -> bool:
+        return "Read" in sender or "View" in sender
+
+    def render(self, content: str, _tool_data: Any) -> None:
+        lines = content.split("\n")
+        line_count = len(lines)
+        self.console.print(f"  ⎿  [dim]Read {line_count} lines[/]")
+        if self.verbose:
+            preview = lines[:30]
+            for line in preview:
+                self.console.print(line, markup=False)
+            if len(lines) > len(preview):
+                self.console.print(f"[dim]... ({len(lines) - len(preview)} more lines)[/]")
+
+
+class EditResultRenderer(ToolResultRenderer):
+    """Render Write/Edit/MultiEdit tool results."""
+
+    def can_handle(self, sender: str) -> bool:
+        return "Write" in sender or "Edit" in sender or "MultiEdit" in sender
+
+    def render(self, _content: str, tool_data: Any) -> None:
+        if tool_data and (hasattr(tool_data, "file_path") or isinstance(tool_data, dict)):
+            file_path = self._get_field(tool_data, "file_path")
+            additions = self._get_field(tool_data, "additions", 0)
+            deletions = self._get_field(tool_data, "deletions", 0)
+            diff_with_line_numbers = self._get_field(tool_data, "diff_with_line_numbers", [])
+
+            if not file_path:
+                self.console.print("  ⎿  [dim]File updated successfully[/]")
+                return
+
+            self.console.print(
+                f"  ⎿  [dim]Updated {escape(str(file_path))} with {additions} additions and {deletions} removals[/]"
+            )
+
+            if self.verbose:
+                for line in diff_with_line_numbers:
+                    self.console.print(line, markup=False)
+        else:
+            self.console.print("  ⎿  [dim]File updated successfully[/]")
+
+
+class GlobResultRenderer(ToolResultRenderer):
+    """Render Glob tool results."""
+
+    def can_handle(self, sender: str) -> bool:
+        return "Glob" in sender
+
+    def render(self, content: str, _tool_data: Any) -> None:
+        files = content.split("\n")
+        file_count = len([f for f in files if f.strip()])
+        self.console.print(f"  ⎿  [dim]Found {file_count} files[/]")
+        if self.verbose:
+            for line in files[:30]:
+                if line.strip():
+                    self.console.print(f"      {line}", markup=False)
+            if file_count > 30:
+                self.console.print(f"[dim]... ({file_count - 30} more)[/]")
+
+
+class GrepResultRenderer(ToolResultRenderer):
+    """Render Grep tool results."""
+
+    def can_handle(self, sender: str) -> bool:
+        return "Grep" in sender
+
+    def render(self, content: str, _tool_data: Any) -> None:
+        matches = content.split("\n")
+        match_count = len([m for m in matches if m.strip()])
+        self.console.print(f"  ⎿  [dim]Found {match_count} matches[/]")
+        if self.verbose:
+            for line in matches[:30]:
+                if line.strip():
+                    self.console.print(f"      {line}", markup=False)
+            if match_count > 30:
+                self.console.print(f"[dim]... ({match_count - 30} more)[/]")
+
+
+class LSResultRenderer(ToolResultRenderer):
+    """Render LS tool results."""
+
+    def can_handle(self, sender: str) -> bool:
+        return "LS" in sender
+
+    def render(self, content: str, _tool_data: Any) -> None:
+        tree_lines = content.splitlines()
+        self.console.print(f"  ⎿  [dim]Directory tree ({len(tree_lines)} lines)[/]")
+        if self.verbose:
+            preview = tree_lines[:40]
+            for line in preview:
+                self.console.print(f"      {line}", markup=False)
+            if len(tree_lines) > len(preview):
+                self.console.print(f"[dim]... ({len(tree_lines) - len(preview)} more)[/]")
+
+
+# Type alias for bash output parser callback
+BashOutputParser = Callable[[str], tuple[List[str], List[str]]]
+
+
+class BashResultRenderer(ToolResultRenderer):
+    """Render Bash tool results."""
+
+    def __init__(
+        self, console: Console, verbose: bool = False, parse_fallback: Optional[BashOutputParser] = None
+    ):
+        super().__init__(console, verbose)
+        self._parse_fallback = parse_fallback
+
+    def can_handle(self, sender: str) -> bool:
+        return "Bash" in sender
+
+    def render(self, content: str, tool_data: Any) -> None:
+        stdout_lines: List[str] = []
+        stderr_lines: List[str] = []
+        exit_code = 0
+        duration_ms = 0
+        timeout_ms = 0
+
+        if tool_data:
+            exit_code = self._get_field(tool_data, "exit_code", 0)
+            stdout = self._get_field(tool_data, "stdout", "") or ""
+            stderr = self._get_field(tool_data, "stderr", "") or ""
+            duration_ms = self._get_field(tool_data, "duration_ms", 0) or 0
+            timeout_ms = self._get_field(tool_data, "timeout_ms", 0) or 0
+            stdout_lines = stdout.splitlines() if stdout else []
+            stderr_lines = stderr.splitlines() if stderr else []
+
+        if not stdout_lines and not stderr_lines and content and self._parse_fallback:
+            stdout_lines, stderr_lines = self._parse_fallback(content)
+
+        show_inline_stdout = (
+            stdout_lines and not stderr_lines and exit_code == 0 and not self.verbose
+        )
+
+        if show_inline_stdout:
+            preview = stdout_lines if self.verbose else stdout_lines[:5]
+            self.console.print(f"  ⎿  {preview[0]}", markup=False)
+            for line in preview[1:]:
+                self.console.print(f"      {line}", markup=False)
+            if not self.verbose and len(stdout_lines) > len(preview):
+                self.console.print(f"[dim]... ({len(stdout_lines) - len(preview)} more lines)[/]")
+        else:
+            self._render_detailed_output(
+                tool_data, exit_code, duration_ms, timeout_ms, stdout_lines, stderr_lines
+            )
+
+    def _render_detailed_output(
+        self,
+        tool_data: Any,
+        exit_code: int,
+        duration_ms: float,
+        timeout_ms: int,
+        stdout_lines: List[str],
+        stderr_lines: List[str],
+    ) -> None:
+        """Render detailed Bash output with exit code, stdout, stderr."""
+        if tool_data:
+            timing = ""
+            if duration_ms:
+                timing = f" ({duration_ms / 1000:.2f}s"
+                if timeout_ms:
+                    timing += f" / timeout {timeout_ms / 1000:.0f}s"
+                timing += ")"
+            elif timeout_ms:
+                timing = f" (timeout {timeout_ms / 1000:.0f}s)"
+            self.console.print(f"  ⎿  [dim]Exit code {exit_code}{timing}[/]")
+        else:
+            self.console.print("  ⎿  [dim]Command executed[/]")
+
+        # Render stdout
+        if stdout_lines:
+            preview = stdout_lines if self.verbose else stdout_lines[:5]
+            self.console.print("[dim]stdout:[/]")
+            for line in preview:
+                self.console.print(f"      {line}", markup=False)
+            if not self.verbose and len(stdout_lines) > len(preview):
+                self.console.print(
+                    f"[dim]... ({len(stdout_lines) - len(preview)} more stdout lines)[/]"
+                )
+        else:
+            self.console.print("[dim]stdout:[/]")
+            self.console.print("      [dim](no stdout)[/]")
+
+        # Render stderr
+        if stderr_lines:
+            preview = stderr_lines if self.verbose else stderr_lines[:5]
+            self.console.print("[dim]stderr:[/]")
+            for line in preview:
+                self.console.print(f"      {line}", markup=False)
+            if not self.verbose and len(stderr_lines) > len(preview):
+                self.console.print(
+                    f"[dim]... ({len(stderr_lines) - len(preview)} more stderr lines)[/]"
+                )
+        else:
+            self.console.print("[dim]stderr:[/]")
+            self.console.print("      [dim](no stderr)[/]")
+
+
+class ToolResultRendererRegistry:
+    """Registry that selects the appropriate renderer for a tool result."""
+
+    def __init__(
+        self, console: Console, verbose: bool = False, parse_bash_fallback: Optional[BashOutputParser] = None
+    ):
+        self.console = console
+        self.verbose = verbose
+        self._renderers: List[ToolResultRenderer] = [
+            TodoResultRenderer(console, verbose),
+            ReadResultRenderer(console, verbose),
+            EditResultRenderer(console, verbose),
+            GlobResultRenderer(console, verbose),
+            GrepResultRenderer(console, verbose),
+            LSResultRenderer(console, verbose),
+            BashResultRenderer(console, verbose, parse_bash_fallback),
+        ]
+
+    def get_renderer(self, sender: str) -> Optional[ToolResultRenderer]:
+        """Get the appropriate renderer for the given tool name."""
+        for renderer in self._renderers:
+            if renderer.can_handle(sender):
+                return renderer
+        return None
+
+    def render(self, sender: str, content: str, tool_data: Any) -> bool:
+        """Render the tool result. Returns True if rendered, False otherwise."""
+        renderer = self.get_renderer(sender)
+        if renderer:
+            renderer.render(content, tool_data)
+            return True
+        return False
+
+
+__all__ = [
+    "ToolResultRenderer",
+    "ToolResultRendererRegistry",
+    "TodoResultRenderer",
+    "ReadResultRenderer",
+    "EditResultRenderer",
+    "GlobResultRenderer",
+    "GrepResultRenderer",
+    "LSResultRenderer",
+    "BashResultRenderer",
+    "BashOutputParser",
+]

ripperdoc/core/agents.py

@@ -41,7 +41,7 @@ def _safe_tool_name(factory: Any, fallback: str) -> str:
     try:
         name = getattr(factory(), "name", None)
         return str(name) if name else fallback
-    except Exception:
+    except (TypeError, ValueError, RuntimeError, AttributeError):
         return fallback
 
 
@@ -189,9 +189,9 @@ PLAN_AGENT_PROMPT = (
     "End your response with:\n\n"
     "### Critical Files for Implementation\n"
     "List 3-5 files most critical for implementing this plan:\n"
-    "- path/to/file1.ts - [Brief reason: e.g., \"Core logic to modify\"]\n"
-    "- path/to/file2.ts - [Brief reason: e.g., \"Interfaces to implement\"]\n"
-    "- path/to/file3.ts - [Brief reason: e.g., \"Pattern to follow\"]\n\n"
+    '- path/to/file1.ts - [Brief reason: e.g., "Core logic to modify"]\n'
+    '- path/to/file2.ts - [Brief reason: e.g., "Interfaces to implement"]\n'
+    '- path/to/file3.ts - [Brief reason: e.g., "Pattern to follow"]\n\n'
     "REMEMBER: You can ONLY explore and plan. You CANNOT and MUST NOT write, edit, or "
     "modify any files. You do NOT have access to file editing tools."
 )
@@ -224,7 +224,7 @@ def _built_in_agents() -> List[AgentDefinition]:
         AgentDefinition(
             agent_type="explore",
             when_to_use=(
-                'Fast agent specialized for exploring codebases. Use this when you need to quickly find '
+                "Fast agent specialized for exploring codebases. Use this when you need to quickly find "
                 'files by patterns (eg. "src/components/**/*.tsx"), search code for keywords (eg. "API endpoints"), '
                 'or answer questions about the codebase (eg. "how do API endpoints work?"). When calling this agent, '
                 'specify the desired thoroughness level: "quick" for basic searches, "medium" for moderate exploration, '
@@ -278,8 +278,12 @@ def _split_frontmatter(raw_text: str) -> Tuple[Dict[str, Any], str]:
                 body = "\n".join(lines[idx + 1 :])
                 try:
                     frontmatter = yaml.safe_load(frontmatter_text) or {}
-                except Exception as exc:  # pragma: no cover - defensive
-                    logger.exception("Invalid frontmatter in agent file", extra={"error": str(exc)})
+                except (yaml.YAMLError, ValueError, TypeError) as exc:  # pragma: no cover - defensive
+                    logger.warning(
+                        "Invalid frontmatter in agent file: %s: %s",
+                        type(exc).__name__, exc,
+                        extra={"error": str(exc)},
+                    )
                     return {"__error__": f"Invalid frontmatter: {exc}"}, body
                 return frontmatter, body
     return {}, raw_text
@@ -305,8 +309,12 @@ def _parse_agent_file(
     """Parse a single agent file."""
     try:
         text = path.read_text(encoding="utf-8")
-    except Exception as exc:
-        logger.exception("Failed to read agent file", extra={"error": str(exc), "path": str(path)})
+    except (OSError, IOError, UnicodeDecodeError) as exc:
+        logger.warning(
+            "Failed to read agent file: %s: %s",
+            type(exc).__name__, exc,
+            extra={"error": str(exc), "path": str(path)},
+        )
         return None, f"Failed to read agent file {path}: {exc}"
 
     frontmatter, body = _split_frontmatter(text)

ripperdoc/core/config.py

@@ -110,6 +110,9 @@ class ModelProfile(BaseModel):
     # Tool handling for OpenAI-compatible providers. "native" uses tool_calls, "text" flattens tool
     # interactions into plain text to support providers that reject tool roles.
     openai_tool_mode: Literal["native", "text"] = "native"
+    # Optional override for thinking protocol handling (e.g., "deepseek", "openrouter",
+    # "qwen", "gemini_openai", "openai_reasoning"). When unset, provider heuristics are used.
+    thinking_mode: Optional[str] = None
     # Pricing (USD per 1M tokens). Leave as 0 to skip cost calculation.
     input_cost_per_million_tokens: float = 0.0
     output_cost_per_million_tokens: float = 0.0
@@ -140,6 +143,10 @@ class GlobalConfig(BaseModel):
     auto_compact_enabled: bool = True
     context_token_limit: Optional[int] = None
 
+    # User-level permission rules (applied globally)
+    user_allow_rules: list[str] = Field(default_factory=list)
+    user_deny_rules: list[str] = Field(default_factory=list)
+
     # Onboarding
     has_completed_onboarding: bool = False
     last_onboarding_version: Optional[str] = None
@@ -151,12 +158,18 @@ class GlobalConfig(BaseModel):
 class ProjectConfig(BaseModel):
     """Project-specific configuration stored in .ripperdoc/config.json"""
 
-    # Tool permissions
+    # Tool permissions (project level - checked into git)
     allowed_tools: list[str] = Field(default_factory=list)
     bash_allow_rules: list[str] = Field(default_factory=list)
     bash_deny_rules: list[str] = Field(default_factory=list)
     working_directories: list[str] = Field(default_factory=list)
 
+    # Path ignore patterns (gitignore-style)
+    ignore_patterns: list[str] = Field(
+        default_factory=list,
+        description="Gitignore-style patterns for paths to ignore in file operations"
+    )
+
     # Context
     context: Dict[str, str] = Field(default_factory=dict)
     context_files: list[str] = Field(default_factory=list)
@@ -177,6 +190,14 @@ class ProjectConfig(BaseModel):
     last_session_id: Optional[str] = None
 
 
+class ProjectLocalConfig(BaseModel):
+    """Project-local configuration stored in .ripperdoc/config.local.json (not checked into git)"""
+
+    # Local permission rules (project-specific but not shared)
+    local_allow_rules: list[str] = Field(default_factory=list)
+    local_deny_rules: list[str] = Field(default_factory=list)
+
+
 class ConfigManager:
     """Manages global and project-specific configuration."""
 
@@ -185,6 +206,7 @@ class ConfigManager:
         self.current_project_path: Optional[Path] = None
         self._global_config: Optional[GlobalConfig] = None
         self._project_config: Optional[ProjectConfig] = None
+        self._project_local_config: Optional[ProjectLocalConfig] = None
 
     def get_global_config(self) -> GlobalConfig:
         """Load and return global configuration."""
@@ -200,8 +222,12 @@ class ConfigManager:
                             "profile_count": len(self._global_config.model_profiles),
                         },
                     )
-                except Exception as e:
-                    logger.exception("Error loading global config", extra={"error": str(e)})
+                except (json.JSONDecodeError, OSError, IOError, UnicodeDecodeError, ValueError, TypeError) as e:
+                    logger.warning(
+                        "Error loading global config: %s: %s",
+                        type(e).__name__, e,
+                        extra={"error": str(e)},
+                    )
                     self._global_config = GlobalConfig()
             else:
                 self._global_config = GlobalConfig()
@@ -250,9 +276,10 @@ class ConfigManager:
                             "allowed_tools": len(self._project_config.allowed_tools),
                         },
                     )
-                except Exception as e:
-                    logger.exception(
-                        "Error loading project config",
+                except (json.JSONDecodeError, OSError, IOError, UnicodeDecodeError, ValueError, TypeError) as e:
+                    logger.warning(
+                        "Error loading project config: %s: %s",
+                        type(e).__name__, e,
                         extra={"error": str(e), "path": str(config_path)},
                     )
                     self._project_config = ProjectConfig()
@@ -293,6 +320,91 @@ class ConfigManager:
             },
         )
 
+    def get_project_local_config(self, project_path: Optional[Path] = None) -> ProjectLocalConfig:
+        """Load and return project-local configuration (not checked into git)."""
+        if project_path is not None:
+            if self.current_project_path != project_path:
+                self._project_local_config = None
+            self.current_project_path = project_path
+
+        if self.current_project_path is None:
+            return ProjectLocalConfig()
+
+        config_path = self.current_project_path / ".ripperdoc" / "config.local.json"
+
+        if self._project_local_config is None:
+            if config_path.exists():
+                try:
+                    data = json.loads(config_path.read_text())
+                    self._project_local_config = ProjectLocalConfig(**data)
+                    logger.debug(
+                        "[config] Loaded project-local config",
+                        extra={
+                            "path": str(config_path),
+                            "project_path": str(self.current_project_path),
+                        },
+                    )
+                except (json.JSONDecodeError, OSError, IOError, UnicodeDecodeError, ValueError, TypeError) as e:
+                    logger.warning(
+                        "Error loading project-local config: %s: %s",
+                        type(e).__name__, e,
+                        extra={"error": str(e), "path": str(config_path)},
+                    )
+                    self._project_local_config = ProjectLocalConfig()
+            else:
+                self._project_local_config = ProjectLocalConfig()
+
+        return self._project_local_config
+
+    def save_project_local_config(
+        self, config: ProjectLocalConfig, project_path: Optional[Path] = None
+    ) -> None:
+        """Save project-local configuration."""
+        if project_path is not None:
+            self.current_project_path = project_path
+
+        if self.current_project_path is None:
+            return
+
+        config_dir = self.current_project_path / ".ripperdoc"
+        config_dir.mkdir(exist_ok=True)
+
+        config_path = config_dir / "config.local.json"
+        self._project_local_config = config
+        config_path.write_text(config.model_dump_json(indent=2))
+
+        # Ensure config.local.json is in .gitignore
+        self._ensure_gitignore_entry("config.local.json")
+
+        logger.debug(
+            "[config] Saved project-local config",
+            extra={
+                "path": str(config_path),
+                "project_path": str(self.current_project_path),
+            },
+        )
+
+    def _ensure_gitignore_entry(self, entry: str) -> bool:
+        """Ensure an entry exists in .ripperdoc/.gitignore. Returns True if added."""
+        if self.current_project_path is None:
+            return False
+
+        gitignore_path = self.current_project_path / ".ripperdoc" / ".gitignore"
+        try:
+            text = ""
+            if gitignore_path.exists():
+                text = gitignore_path.read_text(encoding="utf-8", errors="ignore")
+                existing_lines = text.splitlines()
+                if entry in existing_lines:
+                    return False
+            with gitignore_path.open("a", encoding="utf-8") as f:
+                if text and not text.endswith("\n"):
+                    f.write("\n")
+                f.write(f"{entry}\n")
+            return True
+        except (OSError, IOError):
+            return False
+
     def get_api_key(self, provider: ProviderType) -> Optional[str]:
         """Get API key for a provider."""
         # First check environment variables
@@ -433,3 +545,15 @@ def set_model_pointer(pointer: str, profile_name: str) -> GlobalConfig:
 def get_current_model_profile(pointer: str = "main") -> Optional[ModelProfile]:
     """Convenience wrapper to fetch the active profile for a pointer."""
     return config_manager.get_current_model_profile(pointer)
+
+
+def get_project_local_config(project_path: Optional[Path] = None) -> ProjectLocalConfig:
+    """Get project-local configuration (not checked into git)."""
+    return config_manager.get_project_local_config(project_path)
+
+
+def save_project_local_config(
+    config: ProjectLocalConfig, project_path: Optional[Path] = None
+) -> None:
+    """Save project-local configuration."""
+    config_manager.save_project_local_config(config, project_path)

ripperdoc/core/default_tools.py

@@ -17,6 +17,7 @@ from ripperdoc.tools.file_write_tool import FileWriteTool
 from ripperdoc.tools.glob_tool import GlobTool
 from ripperdoc.tools.ls_tool import LSTool
 from ripperdoc.tools.grep_tool import GrepTool
+from ripperdoc.tools.skill_tool import SkillTool
 from ripperdoc.tools.todo_tool import TodoReadTool, TodoWriteTool
 from ripperdoc.tools.ask_user_question_tool import AskUserQuestionTool
 from ripperdoc.tools.enter_plan_mode_tool import EnterPlanModeTool
@@ -48,6 +49,7 @@ def get_default_tools() -> List[Tool[Any, Any]]:
         GlobTool(),
         LSTool(),
         GrepTool(),
+        SkillTool(),
         TodoReadTool(),
         TodoWriteTool(),
         AskUserQuestionTool(),
@@ -66,9 +68,12 @@ def get_default_tools() -> List[Tool[Any, Any]]:
             if isinstance(tool, Tool):
                 base_tools.append(tool)
                 dynamic_tools.append(tool)
-    except Exception:
+    except (ImportError, ModuleNotFoundError, OSError, RuntimeError, ConnectionError, ValueError, TypeError) as exc:
         # If MCP runtime is not available, continue with base tools only.
-        logger.exception("[default_tools] Failed to load dynamic MCP tools")
+        logger.warning(
+            "[default_tools] Failed to load dynamic MCP tools: %s: %s",
+            type(exc).__name__, exc,
+        )
 
     task_tool = TaskTool(lambda: base_tools)
     all_tools = base_tools + [task_tool]

ripperdoc/core/permissions.py

@@ -48,19 +48,19 @@ def permission_key(tool: Tool[Any, Any], parsed_input: Any) -> str:
     if hasattr(parsed_input, "file_path"):
         try:
             return f"{tool.name}::path::{Path(getattr(parsed_input, 'file_path')).resolve()}"
-        except Exception:
-            logger.exception(
+        except (OSError, RuntimeError) as exc:
+            logger.warning(
                 "[permissions] Failed to resolve file_path for permission key",
-                extra={"tool": getattr(tool, "name", None)},
+                extra={"tool": getattr(tool, "name", None), "error": str(exc)},
             )
             return f"{tool.name}::path::{getattr(parsed_input, 'file_path')}"
     if hasattr(parsed_input, "path"):
         try:
             return f"{tool.name}::path::{Path(getattr(parsed_input, 'path')).resolve()}"
-        except Exception:
-            logger.exception(
+        except (OSError, RuntimeError) as exc:
+            logger.warning(
                 "[permissions] Failed to resolve path for permission key",
-                extra={"tool": getattr(tool, "name", None)},
+                extra={"tool": getattr(tool, "name", None), "error": str(exc)},
             )
             return f"{tool.name}::path::{getattr(parsed_input, 'path')}"
     return tool.name
@@ -126,14 +126,15 @@ def make_permission_checker(
         try:
             if hasattr(tool, "needs_permissions") and not tool.needs_permissions(parsed_input):
                 return PermissionResult(result=True)
-        except Exception:
-            logger.exception(
+        except (TypeError, AttributeError, ValueError) as exc:
+            # Tool implementation error - log and deny for safety
+            logger.warning(
                 "[permissions] Tool needs_permissions check failed",
-                extra={"tool": getattr(tool, "name", None)},
+                extra={"tool": getattr(tool, "name", None), "error": str(exc), "error_type": type(exc).__name__},
             )
             return PermissionResult(
                 result=False,
-                message="Permission check failed for this tool invocation.",
+                message=f"Permission check failed: {type(exc).__name__}: {exc}",
             )
 
         allowed_tools = set(config.allowed_tools or [])
@@ -167,14 +168,15 @@ def make_permission_checker(
                 # Allow tools to return a plain dict shaped like PermissionDecision.
                 if isinstance(decision, dict) and "behavior" in decision:
                     decision = PermissionDecision(**decision)
-            except Exception:
-                logger.exception(
+            except (TypeError, AttributeError, ValueError, KeyError) as exc:
+                # Tool implementation error - fall back to asking user
+                logger.warning(
                     "[permissions] Tool check_permissions failed",
-                    extra={"tool": getattr(tool, "name", None)},
+                    extra={"tool": getattr(tool, "name", None), "error": str(exc), "error_type": type(exc).__name__},
                 )
                 decision = PermissionDecision(
                     behavior="ask",
-                    message="Error checking permissions for this tool.",
+                    message=f"Error checking permissions: {type(exc).__name__}",
                     rule_suggestions=None,
                 )
 
@@ -219,6 +221,10 @@ def make_permission_checker(
         ]
 
         answer = (await _prompt_user(prompt, options=options)).strip().lower()
+        logger.debug(
+            "[permissions] User answer for permission prompt",
+            extra={"answer": answer, "tool": getattr(tool, "name", None)},
+        )
         rule_suggestions = _rule_strings(decision.rule_suggestions) or [
             permission_key(tool, parsed_input)
         ]