Describe

When passing allowed_tools=[] to explicitly set no tools as auto-allowed (i.e., all tools should require permission prompting), the empty list is treated as falsy in Python, causing the --allowedTools flag to be omitted entirely from the CLI command. This makes allowed_tools=[] indistinguishable from allowed_tools=None (unset).

Note: --allowedTools controls which tools execute without prompting for permission, not which tools are available. To restrict tool availability, use --tools instead (see CLI reference).

Location

In subprocess_cli.py, the condition uses a truthiness check:

if self._options.allowed_tools:
    cmd.extend(["--allowedTools", ",".join(self._options.allowed_tools)])

Since [] is falsy in Python, this condition evaluates to False, and --allowedTools is never passed to the CLI subprocess.

Expected behavior

allowed_tools=[] should mean "no tools are auto-allowed — all tools require permission prompting."

The distinction between None (not specified / use defaults) and [] (explicitly no auto-allowed tools) should be preserved.

Suggested fix

if self._options.allowed_tools is not None:
    cmd.extend(["--allowedTools", ",".join(self._options.allowed_tools)])

Impact

This bug affects any use case where the caller wants to ensure all tools require explicit permission prompting. Instead of enforcing permission prompts for every tool, the --allowedTools flag is silently omitted, leaving the default permission behavior unchanged.

Reproduction

from claude_agent_sdk import AgentOptions

options = AgentOptions(allowed_tools=[])
# When building the CLI command, --allowedTools is silently omitted
# allowed_tools=[] is indistinguishable from allowed_tools=None (unset)