feat: increase base permissions for agents (#665)

- Defined a set of base tools that are always allowed (`TodoWrite`, `Glob`, `Grep`, etc.)
- Implemented mode-specific tool permissions (e.g., `acceptEdits` mode allows `Edit`, `Write`, and `NotebookEdit` tools)
- Also make the MCP tools check for these permissions

This needs a bigger refactor so the flow of data for toolcalls/MCP tools is more clear, but this gets the basic concepts in

Author: jonathanlab

apps/twig/src/renderer/features/sessions/stores/sessionStore.ts

@@ -276,31 +276,6 @@ function subscribeToChannel(taskRunId: string) {
                 draft.sessions[taskRunId].pendingPermissions = newPermissions;
               }
             });
-
-            const auth = useAuthStore.getState();
-            if (auth.client && session.taskId) {
-              const storedEntry: StoredLogEntry = {
-                type: "notification",
-                timestamp: new Date().toISOString(),
-                notification: {
-                  method: "_array/permission_request",
-                  params: payload,
-                },
-              };
-              try {
-                await auth.client.appendTaskRunLog(session.taskId, taskRunId, [
-                  storedEntry,
-                ]);
-                log.info("Permission request persisted to logs", {
-                  taskRunId,
-                  toolCallId: payload.toolCall.toolCallId,
-                });
-              } catch (error) {
-                log.warn("Failed to persist permission request to logs", {
-                  error,
-                });
-              }
-            }
           } else {
             log.warn("Session not found for permission request", {
               taskRunId,
@@ -1291,36 +1266,6 @@ const useStore = create<SessionStore>()(
               optionId,
               hasCustomInput: !!customInput,
             });
-
-            // Persist permission response to logs for recovery tracking
-            const auth = useAuthStore.getState();
-            if (auth.client) {
-              const storedEntry: StoredLogEntry = {
-                type: "notification",
-                timestamp: new Date().toISOString(),
-                notification: {
-                  method: "_array/permission_response",
-                  params: {
-                    toolCallId,
-                    optionId,
-                    ...(customInput && { customInput }),
-                  },
-                },
-              };
-              try {
-                await auth.client.appendTaskRunLog(taskId, session.taskRunId, [
-                  storedEntry,
-                ]);
-                log.info("Permission response persisted to logs", {
-                  taskId,
-                  toolCallId,
-                });
-              } catch (persistError) {
-                log.warn("Failed to persist permission response to logs", {
-                  error: persistError,
-                });
-              }
-            }
           } catch (error) {
             log.error("Failed to respond to permission", {
               taskId,
@@ -1362,36 +1307,6 @@ const useStore = create<SessionStore>()(
             });
 
             log.info("Permission cancelled", { taskId, toolCallId });
-
-            // Persist permission cancellation to logs for recovery tracking
-            const auth = useAuthStore.getState();
-            if (auth.client) {
-              const storedEntry: StoredLogEntry = {
-                type: "notification",
-                timestamp: new Date().toISOString(),
-                notification: {
-                  // TODO: Migrate to twig
-                  method: "_array/permission_response",
-                  params: {
-                    toolCallId,
-                    optionId: "_cancelled",
-                  },
-                },
-              };
-              try {
-                await auth.client.appendTaskRunLog(taskId, session.taskRunId, [
-                  storedEntry,
-                ]);
-                log.info("Permission cancellation persisted to logs", {
-                  taskId,
-                  toolCallId,
-                });
-              } catch (persistError) {
-                log.warn("Failed to persist permission cancellation to logs", {
-                  error: persistError,
-                });
-              }
-            }
           } catch (error) {
             log.error("Failed to cancel permission", {
               taskId,

apps/twig/src/renderer/features/sessions/utils/parseSessionLogs.ts

@@ -1,8 +1,9 @@
 /// <reference path="../../../types/electron.d.ts" />
 
-import type {
-  RequestPermissionRequest,
-  SessionNotification,
+import {
+  CLIENT_METHODS,
+  type RequestPermissionRequest,
+  type SessionNotification,
 } from "@agentclientprotocol/sdk";
 import { trpcVanilla } from "@/renderer/trpc";
 
@@ -108,44 +109,85 @@ export type PermissionRequest = RequestPermissionRequest & {
   receivedAt: number;
 };
 
+type SessionUpdate = {
+  sessionUpdate?: string;
+  toolCallId?: string;
+  status?: string;
+};
+
+type NotificationMsg = StoredLogEntry["notification"];
+
+function getSessionUpdate(msg: NotificationMsg): SessionUpdate | null {
+  if (msg?.method !== "session/update") return null;
+  return (msg.params as { update?: SessionUpdate })?.update ?? null;
+}
+
+function getPermissionToolCallId(msg: NotificationMsg): string | null {
+  if (msg?.method !== CLIENT_METHODS.session_request_permission) return null;
+  return (msg.params as RequestPermissionRequest)?.toolCall?.toolCallId ?? null;
+}
+
+function isTerminalStatus(status?: string): boolean {
+  return (
+    status === "in_progress" || status === "completed" || status === "failed"
+  );
+}
+
 /**
  * Scan log entries to find pending permission requests.
- * Returns permission requests that don't have a matching response.
+ * A permission is pending if:
+ * 1. We have a session/request_permission for a toolCallId
+ * 2. No subsequent tool_call_update
+ * 3. No assistant messages after the permission request (conversation hasn't moved on)
  */
 export function findPendingPermissions(
   entries: StoredLogEntry[],
 ): Map<string, PermissionRequest> {
-  const requests = new Map<string, StoredLogEntry>();
-  const responses = new Set<string>();
-
-  for (const entry of entries) {
-    const method = entry.notification?.method;
-    const params = entry.notification?.params as
-      | Record<string, unknown>
-      | undefined;
-
-    // TODO: Migrate to twig
-    if (method === "_array/permission_request" && params?.toolCallId) {
-      requests.set(params.toolCallId as string, entry);
+  const permissionRequests = new Map<
+    string,
+    { entry: StoredLogEntry; index: number }
+  >();
+  const resolvedToolCalls = new Set<string>();
+  let lastAssistantMessageIndex = -1;
+
+  entries.forEach((entry, i) => {
+    const msg = entry.notification;
+
+    const permissionToolCallId = getPermissionToolCallId(msg);
+    if (permissionToolCallId) {
+      permissionRequests.set(permissionToolCallId, { entry, index: i });
     }
 
-    // TODO: Migrate to twig
-    if (method === "_array/permission_response" && params?.toolCallId) {
-      responses.add(params.toolCallId as string);
+    const update = getSessionUpdate(msg);
+    if (!update) return;
+
+    const isResolvedToolCall =
+      update.sessionUpdate === "tool_call_update" &&
+      update.toolCallId &&
+      isTerminalStatus(update.status);
+
+    if (isResolvedToolCall) {
+      resolvedToolCalls.add(update.toolCallId!);
     }
-  }
 
-  const pending = new Map<string, PermissionRequest>();
-  for (const [toolCallId, entry] of requests) {
-    if (!responses.has(toolCallId)) {
-      const params = entry.notification?.params as RequestPermissionRequest;
-      pending.set(toolCallId, {
-        ...params,
-        receivedAt: entry.timestamp
-          ? new Date(entry.timestamp).getTime()
-          : Date.now(),
-      });
+    if (update.sessionUpdate === "assistant_message") {
+      lastAssistantMessageIndex = i;
     }
+  });
+
+  const pending = new Map<string, PermissionRequest>();
+  for (const [toolCallId, { entry, index }] of permissionRequests) {
+    const isResolved = resolvedToolCalls.has(toolCallId);
+    const isStale = lastAssistantMessageIndex > index;
+    if (isResolved || isStale) continue;
+
+    const params = entry.notification?.params as RequestPermissionRequest;
+    pending.set(toolCallId, {
+      ...params,
+      receivedAt: entry.timestamp
+        ? new Date(entry.timestamp).getTime()
+        : Date.now(),
+    });
   }
 
   return pending;

packages/agent/src/adapters/base-acp-agent.ts

@@ -35,8 +35,8 @@ export abstract class BaseAcpAgent implements Agent {
   protected session!: BaseSession;
   protected sessionId!: string;
   client: AgentSideConnection;
-  protected logger: Logger;
-  protected fileContentCache: { [key: string]: string } = {};
+  logger: Logger;
+  fileContentCache: { [key: string]: string } = {};
 
   constructor(client: AgentSideConnection) {
     this.client = client;