Update permissions & use haiku (#2539)

#skip-bb  --- <a href="https://app.devin.ai/review/dyad-sh/dyad/pull/2539" target="_blank"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1"> <img src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1" alt="Open with Devin"> </picture> </a>

Update permissions & use haiku (#2539)
1516181e · Will Chen · GitHub · 3d942916 · 1516181e · 1516181e
--- a/.claude/hooks/permission-policy.md
+++ b/.claude/hooks/permission-policy.md
@@ -193,7 +193,6 @@ tool requests and determine their safety level. Be conservative - when in doubt,

 1. **Repository operations**:
   - gh repo fork (forking repositories)
-   - gh repo clone (cloning - generally safe but uses network)

 ### RED (Dangerous - Block)


--- a/.claude/hooks/permission-request-hook.py
+++ b/.claude/hooks/permission-request-hook.py
@@ -87,7 +87,7 @@ Analyze this request and provide your safety assessment. Respond with ONLY a JSO
                claude_path,
                "--print",
                "--output-format", "text",
-                "--model", "sonnet",
+                "--model", "haiku",
                "--no-session-persistence",
                prompt
            ],

--- a/.claude/settings.json
+++ b/.claude/settings.json
@@ -7,6 +7,8 @@
      "Read(/tmp/**)",
      "Write(/tmp/)",
      "Write(/tmp/**)",
+      "Bash(mkdir)",
+
      "Bash(cat /tmp/*)",
      "Bash(head /tmp/*)",
      "Bash(tail /tmp/*)",
@@ -49,6 +51,7 @@
      "Bash(npm install:*)",
      "Bash(npm update:*)",
      "Bash(npm ls:*)",
+      "Bash(npm view:*)",
      "Bash(DEBUG=pw:browser npm run e2e:*)",
      "Bash(PLAYWRIGHT_HTML_OPEN=never npm run e2e:*)",
      "Bash(DEBUG=pw:browser PLAYWRIGHT_HTML_OPEN=never npm run e2e:*)",
@@ -117,7 +120,6 @@

      "Bash(chmod:*)",

-      "Bash(python3:*)",
      "Bash(pytest:*)",
      "Bash(python -m pytest:*)"
    ]