From 202a5e99e4550f3538d0b00bd1f92fcb4e48134e Mon Sep 17 00:00:00 2001 From: PeninsulaInd Date: Tue, 17 Feb 2026 09:59:27 -0600 Subject: [PATCH] 1.4: Wire require_approval check for shell commands When config.shell.require_approval is True, run_command now refuses execution and directs the user to delegate_task instead. The execution brain (Claude Code CLI) has its own approval controls. Co-Authored-By: Claude Opus 4.6 --- cheddahbot/tools/shell.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/cheddahbot/tools/shell.py b/cheddahbot/tools/shell.py index 4c4c51d..a3eb578 100644 --- a/cheddahbot/tools/shell.py +++ b/cheddahbot/tools/shell.py @@ -18,7 +18,14 @@ BLOCKED_PATTERNS = [ @tool("run_command", "Execute a shell command and return output", category="shell") -def run_command(command: str, timeout: int = 30) -> str: +def run_command(command: str, timeout: int = 30, ctx: dict | None = None) -> str: + # Check require_approval setting + if ctx and ctx.get("config") and ctx["config"].shell.require_approval: + return ( + "Shell commands require approval. Use the `delegate_task` tool instead — " + "it routes through the execution brain which has its own safety controls." + ) + # Safety check cmd_lower = command.lower().strip() for pattern in BLOCKED_PATTERNS: