Mode Transition Safety
Priority: P2 · Effort: 0.5 day
Current
cycle_mode() blindly switches to next mode. Switching from BypassPermissions to Auto keeps all dangerous allow rules active.
Target (Claude Code parity)
When entering Auto mode, strip dangerously broad allow rules (bash, write, edit, patch, webfetch, subagent).
Implementation
- Add
is_dangerous_allow_rule() check in dcg_bridge.rs
- Add
strip_dangerous_permissions_for_mode() that removes dangerous rules before entering Auto
- Call in
cycle_mode() when target mode is Auto
Acceptance Criteria
Mode Transition Safety
Priority: P2 · Effort: 0.5 day
Current
cycle_mode()blindly switches to next mode. Switching from BypassPermissions to Auto keeps all dangerous allow rules active.Target (Claude Code parity)
When entering Auto mode, strip dangerously broad allow rules (bash, write, edit, patch, webfetch, subagent).
Implementation
is_dangerous_allow_rule()check indcg_bridge.rsstrip_dangerous_permissions_for_mode()that removes dangerous rules before entering Autocycle_mode()when target mode is AutoAcceptance Criteria