-
由 Will Chen 提交于
## Summary - Fix PermissionRequest hook to use correct hookSpecificOutput JSON wrapper format - Previously the hook output {behavior: allow} but Claude Code expects {hookSpecificOutput: {hookEventName: PermissionRequest, decision: {behavior: allow}}} - Clean up code: remove debug logging, organize imports ## Test plan - Run a command that triggers permission request (e.g., rm -rf somedir) - Verify the hook auto-approves GREEN operations without showing the permission dialog - Test with DEBUG_PERMISSION_HOOK=1 to see hook execution logs Generated with Claude Code <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Uses Claude Sonnet to analyze permission requests and fixes the PermissionRequest hook output format so decisions are applied correctly. GREEN auto-approves, YELLOW passes through, RED auto-denies without showing the dialog. - **Bug Fixes** - Use the correct wrapper: {hookSpecificOutput: {hookEventName: "PermissionRequest", decision: {behavior: "allow"|"deny"}}}. - Improve JSON extraction; remove debug logs and tidy imports. - **New Features** - Add permission-request-hook.py to analyze requests with Claude CLI (sonnet) and auto-approve/deny using permission-policy.md. - Add tests for hook behavior, response schema, and policy coverage. - Enable the hook in .claude/settings.json for all tools. <sup>Written for commit bcdcd4eeda5e28d4cde37247fae8c150c1e9ba1b. Summary will update on new commits.</sup> <!-- End of auto-generated description by cubic. --> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Introduces an AI-driven PermissionRequest hook that evaluates tool actions against a new security policy and auto-approves/denies accordingly, plus tests and settings wiring. > > - **Add** `permission-request-hook.py` to call Claude (model `sonnet`) with `permission-policy.md`, parse JSON robustly, and emit `hookSpecificOutput` for `allow`/`deny` (GREEN auto-approve, RED auto-deny, YELLOW passthrough) > - **Add** comprehensive `permission-policy.md` covering Bash, GitHub, and file operations with GREEN/YELLOW/RED criteria > - **Add** tests in `tests/test_permission_request_hook.py` for hook passthrough behavior, response format, CLI absence, and policy coverage > - **Configure** `.claude/settings.json` to register the new PermissionRequest hook for all tools with a 30s timeout > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit bcdcd4eeda5e28d4cde37247fae8c150c1e9ba1b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by:Claude Opus 4.5 <noreply@anthropic.com>
