Worker agents fail to start: missing IS_SANDBOX=1 causes --dangerously-skip-permissions to fail as root #1009

@joshalbrecht

Description

When a Mind (running as root) tries to create a worker sub-agent via mng create, the worker agent fails to start with the error:

--dangerously-skip-permissions cannot be used with root/sudo privileges for security reasons

Steps to Reproduce

  1. Run a Mind (e.g. product_manager) as root — this works fine because its command includes IS_SANDBOX=1
  2. From within the Mind, call mng create to spawn a worker agent (e.g. via delegate-task-to-agent skill)
  3. The worker agent fails to start with the above error

Expected Behavior

Worker agents should be able to start in the same environment as the parent Mind. Since the parent Mind runs successfully with --dangerously-skip-permissions as root (via IS_SANDBOX=1), worker agents should inherit the same capability.

Actual Behavior

The worker agent's startup command does not include IS_SANDBOX=1, so Claude Code refuses to run with --dangerously-skip-permissions as root. The agent enters the REPLACED state and becomes unusable.

Evidence

Parent agent command (works):

cd "$ROLE" && ( ( $MNG_AGENT_STATE_DIR/commands/claude_background_tasks.sh mng-product_manager ) & export IS_SANDBOX=1 && ... claude --dangerously-skip-permissions )

Worker agent command (fails):

( $MNG_AGENT_STATE_DIR/commands/claude_background_tasks.sh mng-setup-target-repo ) & ... claude --dangerously-skip-permissions

Note: IS_SANDBOX=1 is present in the parent's command but missing from the worker's command.

Environment

  • Claude Code version: 2.1.85
  • Host: local (running as root, uid=0)
  • Parent agent type: claude-mind
  • Worker agent type: worker (created with --env ROLE=working)

Suggested Fix

When creating worker agents under a claude-mind parent, propagate the IS_SANDBOX=1 environment variable (or equivalent) to the worker agent's startup command, so it can run --dangerously-skip-permissions in the same way the parent does.
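An added example, not part of the original issue and not mng code: a textual preflight check that flags a startup command which would hit the root refusal described above, plus a helper that carries IS_SANDBOX=1 into a worker command only when the parent's own environment has it. The function names and the `export IS_SANDBOX=1;` prefix form are assumptions; the two sample commands are the ones quoted under Evidence.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; this is not mng code.
# Constructed inputs: the two commands quoted in the issue ("..." kept as-is).
PARENT_CMD='cd "$ROLE" && ( ( $MNG_AGENT_STATE_DIR/commands/claude_background_tasks.sh mng-product_manager ) & export IS_SANDBOX=1 && ... claude --dangerously-skip-permissions )'
WORKER_CMD='( $MNG_AGENT_STATE_DIR/commands/claude_background_tasks.sh mng-setup-target-repo ) & ... claude --dangerously-skip-permissions'

# has_sandbox_flag CMD: succeeds if CMD sets IS_SANDBOX=1 as a whole token,
# so IS_SANDBOX=10 or MY_IS_SANDBOX=1 do not count. Textual check only.
has_sandbox_flag() {
    printf '%s\n' "$1" |
        grep -Eq '(^|[[:space:];&(])IS_SANDBOX=1([[:space:];&)]|$)'
}

# check_worker_cmd CMD UID: prints ok, will-fail-as-root or not-applicable.
# Models the behaviour reported in the issue: as uid 0, the
# --dangerously-skip-permissions flag is refused unless IS_SANDBOX=1 is set.
check_worker_cmd() {
    case $1 in
        *--dangerously-skip-permissions*) ;;
        *) echo not-applicable; return 0 ;;
    esac
    if [ "$2" -ne 0 ] || has_sandbox_flag "$1"; then
        echo ok
    else
        echo will-fail-as-root
    fi
}

# propagate_sandbox_flag CMD PARENT_VALUE: inherit the flag, never invent it.
# The prefix ends in ';' rather than '&&' because the worker command starts
# with '( ... ) &': 'export X && ( ... ) &' would run the export inside the
# backgrounded list, where it never reaches the later claude invocation.
propagate_sandbox_flag() {
    if [ "$2" = 1 ] && ! has_sandbox_flag "$1"; then
        printf 'export IS_SANDBOX=1; %s\n' "$1"
    else
        printf '%s\n' "$1"
    fi
}

# Report each command as it would behave when launched as root (uid 0).
for c in "$PARENT_CMD" "$WORKER_CMD" "$(propagate_sandbox_flag "$WORKER_CMD" 1)"; do
    printf '%s\t%.60s\n' "$(check_worker_cmd "$c" 0)" "$c"
done
```

Passing the parent's actual IS_SANDBOX value as the second argument means a worker spawned by a parent that is not marked as sandboxed keeps the root refusal.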
