feat(chat): richer permission prompt details (#5338)

devantler · claude · web-flow · commit 2e8f4c0de17f · 2026-06-19T07:55:26.000+02:00
Populate the TUI permission modal's "Arguments:" line with concise,
kind-specific context so the user sees more when approving an operation:

- Shell: the command warning, if present (⚠ &lt;warning&gt;).
- MCP: the server name, plus "(read-only)" when the tool is read-only.
- Write: "New file" when creating a new file (NewFileContents set).

Adds a permissionArguments helper (type switch over the v1.0.0 concrete
pointer request types) and wires it into CreateTUIPermissionHandler in
place of the hardcoded empty arguments string. Covered by table-driven
tests.

Co-authored-by: Claude Opus 4.8 &lt;noreply@anthropic.com&gt;
diff --git a/pkg/cli/ui/chat/export_test.go b/pkg/cli/ui/chat/export_test.go
@@ -147,6 +147,9 @@ var ExportSetLastUsageModel = func(m *Model, model string) {
 // ExportExtractPermissionDetails exposes extractPermissionDetails for testing.
 var ExportExtractPermissionDetails = extractPermissionDetails
 
+// ExportPermissionArguments exposes permissionArguments for testing.
+var ExportPermissionArguments = permissionArguments
+
 // ExportFormatPermissionKind exposes formatPermissionKind for testing.
 var ExportFormatPermissionKind = formatPermissionKind
 
diff --git a/pkg/cli/ui/chat/permission.go b/pkg/cli/ui/chat/permission.go
@@ -289,7 +289,7 @@ func CreateTUIPermissionHandler(
 			toolCallID: toolCallID,
 			toolName:   toolName,
 			command:    command,
-			arguments:  "",
+			arguments:  permissionArguments(request),
 			response:   responseChan,
 		}
 
@@ -370,6 +370,35 @@ func extensionPermissionDetail(request copilot.PermissionRequest) string {
 	return ""
 }
 
+// permissionArguments returns a short, kind-specific line of extra context for a
+// permission request, shown to the user under the "Arguments:" label in the modal.
+// It returns "" when there's nothing useful to add for the request's kind.
+func permissionArguments(request copilot.PermissionRequest) string {
+	switch req := request.(type) {
+	case *copilot.PermissionRequestShell:
+		if warning := derefString(req.Warning); warning != "" {
+			return "⚠ " + warning
+		}
+	case *copilot.PermissionRequestMCP:
+		if req.ServerName == "" {
+			return ""
+		}
+
+		detail := "Server: " + req.ServerName
+		if req.ReadOnly {
+			detail += " (read-only)"
+		}
+
+		return detail
+	case *copilot.PermissionRequestWrite:
+		if req.NewFileContents != nil {
+			return "New file"
+		}
+	}
+
+	return ""
+}
+
 // permissionToolCallID extracts the tool-call ID from a permission request, if present.
 // Each concrete request variant carries its own optional ToolCallID field.
 func permissionToolCallID(request copilot.PermissionRequest) string {
diff --git a/pkg/cli/ui/chat/permission_test.go b/pkg/cli/ui/chat/permission_test.go
@@ -449,6 +449,103 @@ func TestPermissionModal_AllowThisOperation(t *testing.T) {
 	}
 }
 
+// assertPermissionArguments runs a table of permissionArguments cases.
+func assertPermissionArguments(t *testing.T, tests []struct {
+	name    string
+	request copilot.PermissionRequest
+	want    string
+},
+) {
+	t.Helper()
+
+	for _, testCase := range tests {
+		t.Run(testCase.name, func(t *testing.T) {
+			t.Parallel()
+
+			got := chat.ExportPermissionArguments(testCase.request)
+			if got != testCase.want {
+				t.Errorf("permissionArguments() = %q, want %q", got, testCase.want)
+			}
+		})
+	}
+}
+
+// TestPermissionArguments_Shell tests shell-warning extraction for permission requests.
+func TestPermissionArguments_Shell(t *testing.T) {
+	t.Parallel()
+
+	assertPermissionArguments(t, []struct {
+		name    string
+		request copilot.PermissionRequest
+		want    string
+	}{
+		{
+			name: "shell with warning",
+			request: &copilot.PermissionRequestShell{
+				FullCommandText: "rm -rf /",
+				Warning:         new("dangerous"),
+			},
+			want: "⚠ dangerous",
+		},
+		{
+			name: "shell without warning",
+			request: &copilot.PermissionRequestShell{
+				FullCommandText: "ls",
+			},
+			want: "",
+		},
+		{
+			name:    "read has no extra context",
+			request: &copilot.PermissionRequestRead{Path: "/etc/config.yaml"},
+			want:    "",
+		},
+	})
+}
+
+// TestPermissionArguments_MCPAndWrite tests MCP server and write new-file extraction.
+func TestPermissionArguments_MCPAndWrite(t *testing.T) {
+	t.Parallel()
+
+	assertPermissionArguments(t, []struct {
+		name    string
+		request copilot.PermissionRequest
+		want    string
+	}{
+		{
+			name: "mcp with server name",
+			request: &copilot.PermissionRequestMCP{
+				ServerName: "ksail",
+				ToolName:   "cluster_create",
+			},
+			want: "Server: ksail",
+		},
+		{
+			name: "mcp read-only",
+			request: &copilot.PermissionRequestMCP{
+				ServerName: "ksail",
+				ToolName:   "cluster_list",
+				ReadOnly:   true,
+			},
+			want: "Server: ksail (read-only)",
+		},
+		{
+			name: "write new file",
+			request: &copilot.PermissionRequestWrite{
+				FileName:        "/tmp/output.txt",
+				NewFileContents: new("hello"),
+			},
+			want: "New file",
+		},
+		{
+			name: "write existing file",
+			request: &copilot.PermissionRequestWrite{
+				FileName: "/tmp/output.txt",
+			},
+			want: "",
+		},
+	})
+}
+
 // TestPermissionModal_AllowAlwaysSwitchesToAutopilot tests that pressing 'a' on the
 // permission prompt switches to Autopilot mode and approves the request.
 func TestPermissionModal_AllowAlwaysSwitchesToAutopilot(t *testing.T) {
