fix(supervisor): preserve Bedrock and Vertex skip-auth flags in SDK env (closes #3053) #3060

Open
rodboev wants to merge 3 commits into thedotmack:main from rodboev:fix/3053-preserve-skip-auth-env

@rodboev rodboev commented Jun 25, 2026

Contributor

Summary

sanitizeEnv() preserves CLAUDE_CODE_USE_BEDROCK and CLAUDE_CODE_USE_VERTEX, but it strips the paired CLAUDE_CODE_SKIP_BEDROCK_AUTH and CLAUDE_CODE_SKIP_VERTEX_AUTH flags before the SDK subprocess launches. That leaves bearer-auth gateway routes on the Bedrock or Vertex code path without the explicit skip-auth override, which matches the reported hangs and 401 Unauthorized failures.

This change adds the two missing skip-auth flags to the supervisor allowlist, regenerates the shipped worker, server-beta, and MCP bundles that embed that preserve set, and covers both the source helper and the packaged runtime surfaces with focused sanitizer regressions. The subprocess launch flow stays unchanged; only the env contract is corrected.

Why

ENV_PRESERVE in src/supervisor/env-sanitizer.ts is the authoritative allowlist for CLAUDE_CODE_* vars that survive sanitization. The exact-match check preserves CLAUDE_CODE_USE_BEDROCK and CLAUDE_CODE_USE_VERTEX, then the prefix filter drops every remaining CLAUDE_CODE_* var, including the omitted CLAUDE_CODE_SKIP_*_AUTH flags.

ClaudeProvider builds the SDK subprocess env with sanitizeEnv(await buildIsolatedEnvWithFreshOAuth()), so the omission is what reaches the child process. The same preserve set is also baked into the shipped worker-service.cjs, server-beta-service.cjs, and mcp-server.cjs bundles that installed users actually execute. Adding the two missing keys and regenerating those bundles fixes the auth-mode mismatch without widening the rest of the prefix filter.

Scope

  • Keeps scope to the supervisor allowlist, the three shipped bundles that embed it, and the focused sanitizer test surface.
  • Does not change EnvManager.ts or any subprocess launch site logic.
  • Related sanitizer work in #3018 preserves proxy vars on the same file surface; this PR keeps scope to the two skip-auth flags from #3053.

Verification

  • bun test tests/supervisor/env-sanitizer.test.ts - 14 passing, including shipped-bundle coverage for worker, server-beta, and MCP runtime bundles
  • npm run build - bundle within guardrail
  • npm run lint:hook-io && npm run lint:spawn-env - clean
  • npm run strip-comments:check - current upstream baseline still reports 329 would-change files, including the pre-existing narrative comment block in src/supervisor/env-sanitizer.ts
  • Manual: copied the branch sanitizer test file onto an origin/main throwaway checkout and confirmed the new skip-auth assertions fail on base but pass on this branch

Closes #3053
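
A minimal model of the filter described under "Why", added here as an illustration and not taken from the PR or the project's code. The function names, the two preserve lists (limited to the keys named on this page) and the sample environment are assumptions; the second function is a check that reports skip-auth flags lost between parent and child env.

```typescript
// Added illustration: minimal model of the allowlist-then-prefix filter the PR
// describes. Not the project's sanitizeEnv(); all names here are hypothetical.
type Env = Record<string, string>;
const DROP_PREFIX = "CLAUDE_CODE_";

// Only the keys named on the page; the real ENV_PRESERVE may hold more (assumption).
const PRESERVE_BEFORE: ReadonlyArray<string> = [
  "CLAUDE_CODE_USE_BEDROCK",
  "CLAUDE_CODE_USE_VERTEX",
];
const PRESERVE_AFTER: ReadonlyArray<string> = PRESERVE_BEFORE.concat([
  "CLAUDE_CODE_SKIP_BEDROCK_AUTH",
  "CLAUDE_CODE_SKIP_VERTEX_AUTH",
]);

// Exact-match allowlist wins; any other key carrying the prefix is dropped.
function modelSanitize(env: Env, preserve: ReadonlyArray<string>): Env {
  const out: Env = {};
  for (const key of Object.keys(env)) {
    const value = env[key];
    const allowlisted = preserve.indexOf(key) !== -1;
    const prefixed = key.slice(0, DROP_PREFIX.length) === DROP_PREFIX;
    if (value !== undefined && (allowlisted || !prefixed)) out[key] = value;
  }
  return out;
}

// Names (never values) of skip-auth flags the parent set but the child lost
// while the matching USE flag survived: the auth-mode mismatch the PR describes.
function orphanedSkipAuth(parent: Env, child: Env): string[] {
  const lost: string[] = [];
  for (const key of Object.keys(child)) {
    const m = /^CLAUDE_CODE_USE_([A-Z]+)$/.exec(key);
    if (!m) continue;
    const skip = DROP_PREFIX + "SKIP_" + m[1] + "_AUTH";
    if (skip in parent && !(skip in child)) lost.push(skip);
  }
  return lost.sort();
}

// Constructed sample environment for a bearer-auth gateway route.
const sampleEnv: Env = {
  PATH: "/usr/bin",
  CLAUDE_CODE_USE_BEDROCK: "1",
  CLAUDE_CODE_SKIP_BEDROCK_AUTH: "1",
  CLAUDE_CODE_RANDOM_OTHER: "x",
};
const childBefore = modelSanitize(sampleEnv, PRESERVE_BEFORE);
const childAfter = modelSanitize(sampleEnv, PRESERVE_AFTER);
console.log(orphanedSkipAuth(sampleEnv, childBefore), orphanedSkipAuth(sampleEnv, childAfter));
```

The orphan check reports variable names only, so it can run at startup or in CI without writing credential values to logs.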

greptile-apps Bot commented Jun 25, 2026

Contributor

Greptile Summary

This PR preserves Bedrock and Vertex skip-auth flags when launching sanitized SDK subprocess environments. The main changes are:

  • Adds CLAUDE_CODE_SKIP_BEDROCK_AUTH to the supervisor sanitizer preserve allowlist.
  • Adds CLAUDE_CODE_SKIP_VERTEX_AUTH to the same allowlist.
  • Regenerates the worker, server-beta, and MCP runtime bundles with the updated preserve set.
  • Adds tests for source sanitizer behavior and shipped bundle inclusion.

Confidence Score: 5/5

The sanitizer change is narrow and covered across both source and packaged runtime surfaces.

The updated allowlist preserves only the two missing skip-auth flags while keeping the existing prefix filtering behavior intact, with focused tests covering the helper and shipped bundles.

What T-Rex did

  • Ran the source-skip-auth-preserve tests and compared the before and after outputs; the head output now includes CLAUDE_CODE_SKIP_BEDROCK_AUTH, CLAUDE_CODE_SKIP_VERTEX_AUTH, CLAUDE_CODE_USE_BEDROCK, CLAUDE_CODE_USE_VERTEX, and PATH, while CLAUDE_CODE_RANDOM_OTHER remains absent; the head Bun test tests/supervisor/env-sanitizer.test.ts completed with 14 pass and 0 fail.
  • Ran the bundles-skip-auth-preserve tests and reviewed the before/after bundle validation results; the before state showed missing results for both flags with overall FAIL and EXIT_CODE 1, while the after state shows results present for both flags with overall PASS and EXIT_CODE 0.

Ran code and verified through T-Rex

Reviews (1): Last reviewed commit: "fix(mcp): preserve skip-auth env flags d..."

@OliverViola


great to have you
