Summary
Skills that create temp files (/create-issue, /plan, /plan-to-issues, /improve) instruct a separate standalone rm cleanup Bash call, triggering a user permission prompt every time — rm is never auto-allowed, and compound commands require every segment allowed. User hits repeated prompts in every planning/filing flow.
Implementation Approach
Durable fix at the skill level — cleanup rides the SAME Bash invocation as the file-consuming command, so the single create-approval covers it:
- MODIFY
plugins/autonomous-dev/commands/create-issue.md (Quick Steps 4-5): create command becomes gh issue create --title ... --body-file /tmp/create_issue_body_${RUN_TS}.md; rm -f /tmp/create_issue_body_${RUN_TS}.md /tmp/autonomous_dev_cmd_context.json. Remove standalone cleanup step.
- MODIFY
plugins/autonomous-dev/commands/plan.md (STEP 6): per-issue create ends with trailing cleanup of its own temp file; final create also removes the context file.
- MODIFY
plugins/autonomous-dev/commands/plan-to-issues.md (STEPs 4-5): same pattern; drop standalone Cleanup bullets.
- MODIFY
plugins/autonomous-dev/commands/improve.md (STEP 5): same pattern for context-file cleanup.
- Keep unique RUN_TS temp suffixes (collision safety; a missed cleanup is harmless on tmpfs).
- Decide at plan time: optional companion scoped allow rules in settings templates (
Bash(rm -f /tmp/plan_issue_*) etc.) for immediate relief on existing installs.
Test Scenarios
- Happy path: /create-issue --quick run end-to-end produces at most ONE Bash permission prompt (the create itself).
- Grep-locked regression: no commands/*.md instructs a standalone
rm Bash call for its own temp files.
- Failure path: gh create fails — trailing cleanup still executes (command chain uses
; not && for the rm segment).
- Collision safety: two concurrent runs use distinct RUN_TS files; neither removes the other's temp file.
- Context-file lifecycle: removed exactly once at flow end; mid-flow steps that need it still find it.
Acceptance Criteria
Origin: user-reported friction 2026-06-11 ("writing and deleting plans keeps asking for permissions"). Durable fix explicitly requested over settings allow-rules.
Plugin Version: 3.50.0 (c41558b)
Summary
Skills that create temp files (/create-issue, /plan, /plan-to-issues, /improve) instruct a separate standalone
rmcleanup Bash call, triggering a user permission prompt every time — rm is never auto-allowed, and compound commands require every segment allowed. User hits repeated prompts in every planning/filing flow.Implementation Approach
Durable fix at the skill level — cleanup rides the SAME Bash invocation as the file-consuming command, so the single create-approval covers it:
plugins/autonomous-dev/commands/create-issue.md(Quick Steps 4-5): create command becomesgh issue create --title ... --body-file /tmp/create_issue_body_${RUN_TS}.md; rm -f /tmp/create_issue_body_${RUN_TS}.md /tmp/autonomous_dev_cmd_context.json. Remove standalone cleanup step.plugins/autonomous-dev/commands/plan.md(STEP 6): per-issue create ends with trailing cleanup of its own temp file; final create also removes the context file.plugins/autonomous-dev/commands/plan-to-issues.md(STEPs 4-5): same pattern; drop standalone Cleanup bullets.plugins/autonomous-dev/commands/improve.md(STEP 5): same pattern for context-file cleanup.Bash(rm -f /tmp/plan_issue_*)etc.) for immediate relief on existing installs.Test Scenarios
rmBash call for its own temp files.;not&&for the rm segment).Acceptance Criteria
;chaining ensures cleanup runs even when the create failsOrigin: user-reported friction 2026-06-11 ("writing and deleting plans keeps asking for permissions"). Durable fix explicitly requested over settings allow-rules.
Plugin Version: 3.50.0 (c41558b)