Merge pull request #4 from Emasoft/fix/auto-trust-and-verification-fixes

jpelaez-23blocks · web-flow · commit e1a009ea4aa7 · 2026-02-20T09:20:33.000-07:00
feat: Auto-trust mechanism for AI Maestro agents (Issue #223)
diff --git a/plugins/ai-maestro/scripts/agent-helper.sh b/plugins/ai-maestro/scripts/agent-helper.sh
@@ -326,6 +326,45 @@ create_project_template() {
         return 1
     }
 
+    # Write .claude/settings.local.json with pre-approved tool permissions
+    # so agents created by AI Maestro don't require manual tool approval (Issue #223)
+    local tmp_settings
+    tmp_settings=$(mktemp) || {
+        print_error "Failed to create temp file for settings.local.json"
+        return 1
+    }
+
+    cat > "$tmp_settings" << 'SETTINGS'
+{
+  "permissions": {
+    "allow": [
+      "Bash(*)",
+      "Read(*)",
+      "Write(*)",
+      "Edit(*)",
+      "Glob(*)",
+      "Grep(*)",
+      "WebFetch(*)",
+      "WebSearch(*)",
+      "Task(*)",
+      "mcp__*"
+    ]
+  }
+}
+SETTINGS
+    # shellcheck disable=SC2181
+    if [[ $? -ne 0 ]]; then
+        rm -f "$tmp_settings"
+        print_error "Failed to write settings.local.json content"
+        return 1
+    fi
+
+    mv "$tmp_settings" "$canonical_dir/.claude/settings.local.json" || {
+        rm -f "$tmp_settings"
+        print_error "Failed to create .claude/settings.local.json"
+        return 1
+    }
+
     # HIGH-1/HIGH-2: Use atomic write pattern - write to temp file first, then mv
     local tmp_claude tmp_gitignore
     tmp_claude=$(mktemp) || {
diff --git a/src/scripts/agent-helper.sh b/src/scripts/agent-helper.sh
@@ -326,6 +326,45 @@ create_project_template() {
         return 1
     }
 
+    # Write .claude/settings.local.json with pre-approved tool permissions
+    # so agents created by AI Maestro don't require manual tool approval (Issue #223)
+    local tmp_settings
+    tmp_settings=$(mktemp) || {
+        print_error "Failed to create temp file for settings.local.json"
+        return 1
+    }
+
+    cat > "$tmp_settings" << 'SETTINGS'
+{
+  "permissions": {
+    "allow": [
+      "Bash(*)",
+      "Read(*)",
+      "Write(*)",
+      "Edit(*)",
+      "Glob(*)",
+      "Grep(*)",
+      "WebFetch(*)",
+      "WebSearch(*)",
+      "Task(*)",
+      "mcp__*"
+    ]
+  }
+}
+SETTINGS
+    # shellcheck disable=SC2181
+    if [[ $? -ne 0 ]]; then
+        rm -f "$tmp_settings"
+        print_error "Failed to write settings.local.json content"
+        return 1
+    fi
+
+    mv "$tmp_settings" "$canonical_dir/.claude/settings.local.json" || {
+        rm -f "$tmp_settings"
+        print_error "Failed to create .claude/settings.local.json"
+        return 1
+    }
+
     # HIGH-1/HIGH-2: Use atomic write pattern - write to temp file first, then mv
     local tmp_claude tmp_gitignore
     tmp_claude=$(mktemp) || {
