feat(agent): wire exec approval callback into tool execution pipeline

- Add optional onApprovalNeeded callback to exec tool (backward compatible) - Thread callback through CreateToolsOptions → AgentOptions → resolveTools - Add ExecApprovalConfig to ProfileConfig for per-profile configuration - Create CLI terminal approval callback (readline-based) for non-Hub mode - Export all exec approval types and functions from tools index Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 17:07:07 +08:00 · 2026-02-04 17:07:07 +08:00 · 89089ef866
commit 89089ef866
parent e67682cfa0
6 changed files with 239 additions and 2 deletions
--- a/src/agent/tools/exec.ts
+++ b/src/agent/tools/exec.ts
@ -7,6 +7,7 @@ import {
  getFullOutput,
  PROCESS_REGISTRY,
 } from "./process-registry.js";
+import type { ExecApprovalCallback } from "./exec-approval-types.js";

 const ExecSchema = Type.Object({
  command: Type.String({ description: "Shell command to execute." }),
@ -40,7 +41,10 @@ export type ExecResult = {

 const DEFAULT_YIELD_MS = 10000; // Changed from 5000 to 10000

-export function createExecTool(defaultCwd?: string): AgentTool<typeof ExecSchema, ExecResult> {
+export function createExecTool(
+  defaultCwd?: string,
+  onApprovalNeeded?: ExecApprovalCallback,
+): AgentTool<typeof ExecSchema, ExecResult> {
  return {
    name: "exec",
    label: "Exec",
@ -51,6 +55,21 @@ export function createExecTool(defaultCwd?: string): AgentTool<typeof ExecSchema
      const { command, cwd, timeoutMs, yieldMs = DEFAULT_YIELD_MS } = args as ExecArgs;
      const effectiveCwd = cwd || defaultCwd;

+      // Exec approval: ask for permission before executing
+      if (onApprovalNeeded) {
+        const approvalResult = await onApprovalNeeded(command, effectiveCwd);
+        if (!approvalResult.approved) {
+          return {
+            content: [{ type: "text", text: "Command execution denied by user." }],
+            details: {
+              output: "Command execution denied by user.",
+              exitCode: 1,
+              truncated: false,
+            },
+          };
+        }
+      }
+
      return new Promise((resolve) => {
        const child = spawn(command, {
          shell: true,