
feat(core,cli): add session-scoped vibe mode with safe shell auto-approval #86

Open: BingqingLyu wants to merge 1 commit into main from fork-pr-3048-feat-vibe-mode-safe-auto-approve

BingqingLyu commented Apr 27, 2026

🚀 Description: Context-Aware Vibe Mode (Optional Auto-Approve)

TL;DR

This PR adds an optional Vibe Mode that auto-approves only safe, project-scoped shell commands for faster development loops. It is intentionally conservative to maintain a high security standard:

  • Selective: Auto-approval applies only to approved development workflows.
  • Scoped: Commands outside the project root are never auto-approved.
  • Safe-by-Default: Dangerous or unrecognized commands still require manual approval.
  • Ephemeral: Vibe mode is session-scoped (not persisted by default).

✨ Changes Included:

  • Core Policy: Implemented vibeModeApproval.ts to evaluate command safety.
  • Integration: Hooked the policy into the coreToolScheduler.ts approval flow.
  • Commands:
    • Added /vibe [on|off] slash command for real-time toggling.
    • Added --vibe CLI flag for starting sessions in auto-approve mode.
  • UI/UX: Added a lightweight status indicator in Footer.tsx.
  • Testing: Comprehensive unit tests for both policy logic and scheduler behavior.

🛡️ Deep Dive: Safety Guardrails

To prevent accidental system damage, the following constraints are strictly enforced:

  1. Project Scope Restriction: Execution is restricted to the current project directory (process.cwd()).
  2. Domain Allowlist: Auto-approves npm, yarn, pnpm, bun, vitest, jest, next dev, and basic git operations.
  3. Dangerous Command Fallback: Commands like sudo, root-destructive patterns (rm -rf /), and sensitive path operations (e.g., ~/.ssh) always trigger manual approval.
  4. Trust Boundary: Vibe Mode is automatically disabled in untrusted folders.

🧪 Reviewer Test Plan

  1. Enable Vibe Mode using /vibe on or the --vibe CLI flag.
  2. Run a safe command (e.g., npm run dev) and verify it executes without a prompt.
  3. Run a dangerous command (e.g., sudo npm install) and verify the manual approval prompt still appears.
  4. Disable Vibe Mode and verify behavior returns to the default flow.

Example Checks:

| Command | Behavior |
| --- | --- |
| npm run dev, vitest, git status | ✅ Auto-executes (Safe) |
| sudo npm run dev, rm -rf / | ⚠️ Prompts for Approval (Dangerous) |
| Commands targeting system paths | ⚠️ Prompts for Approval (Unsafe Path) |

📊 Testing Matrix

Platform npm run npx Docker Podman
🐧 Linux 🍏 ⚠️
🪟 Windows
🍏 macOS

Note: Linux local test execution was attempted, but the environment hit dependency issues. Full matrix validation is pending CI and maintainer-side verification.


🔗 Linked Issues

  • Related to planned Vibe Mode feature work.
  • Resolves # (Insert Issue Number if applicable)
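
The guardrails listed in the description above (trust boundary, allowlist, project scope, dangerous-command fallback) combined into one decision function, as an added example that is not the PR's vibeModeApproval.ts. All function and constant names are hypothetical; it assumes POSIX-style paths, and the git subcommand set, the rejection of shell metacharacters and the sensitive directory names other than .ssh are assumptions rather than details from the PR.

```typescript
// Added illustration, not the PR's vibeModeApproval.ts; every name here is hypothetical.
type Decision = "auto-approve" | "prompt";

// Binaries from the PR description; the git subcommand set is an assumption.
const SAFE_BINARIES = new Set(["npm", "yarn", "pnpm", "bun", "vitest", "jest"]);
const SAFE_GIT = new Set(["status", "diff", "log"]);
// Characters that let one approved command carry a second, plus quoting we do not parse.
const SHELL_META = /[;&|`$<>(){}'"\\\n]/;
// ~/.ssh is from the PR; the other directory names are assumptions.
const SENSITIVE = /(^|\/)\.(ssh|aws|gnupg)(\/|$)/;

// Lexically resolve a POSIX path against the root (no filesystem access, no symlinks).
function resolvePath(root: string, arg: string): string {
  const joined = arg.startsWith("/") ? arg : `${root}/${arg}`;
  const out: string[] = [];
  for (const part of joined.split("/")) {
    if (part === "" || part === ".") continue;
    if (part === "..") out.pop();
    else out.push(part);
  }
  return "/" + out.join("/");
}

function isInsideRoot(root: string, arg: string): boolean {
  const base = resolvePath(root, ".");
  const resolved = resolvePath(root, arg);
  // Compare on a separator boundary so /home/dev/app2 is not "inside" /home/dev/app.
  return resolved === base || resolved.startsWith(base + "/");
}

function evaluateVibeCommand(command: string, projectRoot: string, folderTrusted: boolean): Decision {
  if (!folderTrusted) return "prompt"; // trust boundary
  if (SHELL_META.test(command)) return "prompt"; // chaining, substitution, redirection
  const tokens = command.trim().split(/\s+/);
  const bin = tokens[0] ?? "";
  const sub = tokens[1] ?? "";
  const allowed =
    SAFE_BINARIES.has(bin) ||
    (bin === "git" && SAFE_GIT.has(sub)) ||
    (bin === "next" && sub === "dev");
  if (!allowed) return "prompt"; // sudo, rm and anything unrecognized
  for (const arg of tokens.slice(1)) {
    // Check the value of --flag=path forms as well as bare arguments.
    const value = arg.includes("=") ? arg.slice(arg.indexOf("=") + 1) : arg;
    if (value.startsWith("~") || SENSITIVE.test(value)) return "prompt";
    if (value.includes("/") && !isInsideRoot(projectRoot, value)) return "prompt";
  }
  return "auto-approve";
}
```

Token-level checks like these say nothing about what an allowlisted `npm run` script itself executes, which is why the folder-trust check runs before anything else.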

BingqingLyu commented May 7, 2026

Conflict Group 1

This PR shares modified functions with 21 other PR(s): #10, #106, #107, #112, #113, #114, #117, #14, #17, #18, #21, #22, #31, #36, #46, #7, #75, #87, #88, #9, #96.

These PRs should be reviewed as a batch — merging one may affect the others.

| Function | File | Also modified by |
| --- | --- | --- |
| createInvocation | coreToolScheduler.test.ts | #96 |
| isSdkMcpServerConfig | config.ts | #106, #112, #113, #114, #117, #18, #46, #75, #88 |
| loadCliConfig | config.ts | #106, #112, #113, #114, #117, #36, #46, #75, #88 |
| loadCommands | BuiltinCommandLoader.ts | #107, #87, #9, #96 |
| normalizeConfigOutputFormat | config.ts | #106, #112, #113, #114, #117, #18, #75, #88 |
| parseApprovalModeValue | config.ts | #10, #112, #113, #114, #117, #21, #22, #36, #46, #88 |
| parseArguments | config.ts | #10, #112, #113, #114, #117, #14, #17, #18, #21, #22, #31, #36, #46, #7, #88 |
| useDreamRunning | Footer.tsx | #112, #113, #114, #117, #88, #96 |

```mermaid
graph LR
    PR86["PR #86"]
    FcreateInvocation_5521["createInvocation<br>coreToolScheduler.test.ts"]
    PR86 -->|modifies| FcreateInvocation_5521
    PR96["PR #96"]
    PR96 -->|modifies| FcreateInvocation_5521
    FisSdkMcpServerConfig_803["isSdkMcpServerConfig<br>config.ts"]
    PR86 -->|modifies| FisSdkMcpServerConfig_803
    PR106["PR #106"]
    PR106 -->|modifies| FisSdkMcpServerConfig_803
    PR112["PR #112"]
    PR112 -->|modifies| FisSdkMcpServerConfig_803
    PR113["PR #113"]
    PR113 -->|modifies| FisSdkMcpServerConfig_803
    PR114["PR #114"]
    PR114 -->|modifies| FisSdkMcpServerConfig_803
    PR117["PR #117"]
    PR117 -->|modifies| FisSdkMcpServerConfig_803
    PR18["PR #18"]
    PR18 -->|modifies| FisSdkMcpServerConfig_803
    PR46["PR #46"]
    PR46 -->|modifies| FisSdkMcpServerConfig_803
    PR75["PR #75"]
    PR75 -->|modifies| FisSdkMcpServerConfig_803
    PR88["PR #88"]
    PR88 -->|modifies| FisSdkMcpServerConfig_803
    FloadCliConfig_6977["loadCliConfig<br>config.ts"]
    PR86 -->|modifies| FloadCliConfig_6977
    PR106 -->|modifies| FloadCliConfig_6977
    PR112 -->|modifies| FloadCliConfig_6977
    PR113 -->|modifies| FloadCliConfig_6977
    PR114 -->|modifies| FloadCliConfig_6977
    PR117 -->|modifies| FloadCliConfig_6977
    PR36["PR #36"]
    PR36 -->|modifies| FloadCliConfig_6977
    PR46 -->|modifies| FloadCliConfig_6977
    PR75 -->|modifies| FloadCliConfig_6977
    PR88 -->|modifies| FloadCliConfig_6977
    FloadCommands_7884["loadCommands<br>BuiltinCommandLoader.ts"]
    PR86 -->|modifies| FloadCommands_7884
    PR107["PR #107"]
    PR107 -->|modifies| FloadCommands_7884
    PR87["PR #87"]
    PR87 -->|modifies| FloadCommands_7884
    PR9["PR #9"]
    PR9 -->|modifies| FloadCommands_7884
    PR96 -->|modifies| FloadCommands_7884
    FnormalizeConfigOutputFormat_803["normalizeConfigOutputFormat<br>config.ts"]
    PR86 -->|modifies| FnormalizeConfigOutputFormat_803
    PR106 -->|modifies| FnormalizeConfigOutputFormat_803
    PR112 -->|modifies| FnormalizeConfigOutputFormat_803
    PR113 -->|modifies| FnormalizeConfigOutputFormat_803
    PR114 -->|modifies| FnormalizeConfigOutputFormat_803
    PR117 -->|modifies| FnormalizeConfigOutputFormat_803
    PR18 -->|modifies| FnormalizeConfigOutputFormat_803
    PR75 -->|modifies| FnormalizeConfigOutputFormat_803
    PR88 -->|modifies| FnormalizeConfigOutputFormat_803
    FparseApprovalModeValue_6977["parseApprovalModeValue<br>config.ts"]
    PR86 -->|modifies| FparseApprovalModeValue_6977
    PR10["PR #10"]
    PR10 -->|modifies| FparseApprovalModeValue_6977
    PR112 -->|modifies| FparseApprovalModeValue_6977
    PR113 -->|modifies| FparseApprovalModeValue_6977
    PR114 -->|modifies| FparseApprovalModeValue_6977
    PR117 -->|modifies| FparseApprovalModeValue_6977
    PR21["PR #21"]
    PR21 -->|modifies| FparseApprovalModeValue_6977
    PR22["PR #22"]
    PR22 -->|modifies| FparseApprovalModeValue_6977
    PR36 -->|modifies| FparseApprovalModeValue_6977
    PR46 -->|modifies| FparseApprovalModeValue_6977
    PR88 -->|modifies| FparseApprovalModeValue_6977
    FparseArguments_6977["parseArguments<br>config.ts"]
    PR86 -->|modifies| FparseArguments_6977
    PR10 -->|modifies| FparseArguments_6977
    PR112 -->|modifies| FparseArguments_6977
    PR113 -->|modifies| FparseArguments_6977
    PR114 -->|modifies| FparseArguments_6977
    PR117 -->|modifies| FparseArguments_6977
    PR14["PR #14"]
    PR14 -->|modifies| FparseArguments_6977
    PR17["PR #17"]
    PR17 -->|modifies| FparseArguments_6977
    PR18 -->|modifies| FparseArguments_6977
    PR21 -->|modifies| FparseArguments_6977
    PR22 -->|modifies| FparseArguments_6977
    PR31["PR #31"]
    PR31 -->|modifies| FparseArguments_6977
    PR36 -->|modifies| FparseArguments_6977
    PR46 -->|modifies| FparseArguments_6977
    PR7["PR #7"]
    PR7 -->|modifies| FparseArguments_6977
    PR88 -->|modifies| FparseArguments_6977
    FuseDreamRunning_7690["useDreamRunning<br>Footer.tsx"]
    PR86 -->|modifies| FuseDreamRunning_7690
    PR112 -->|modifies| FuseDreamRunning_7690
    PR113 -->|modifies| FuseDreamRunning_7690
    PR114 -->|modifies| FuseDreamRunning_7690
    PR117 -->|modifies| FuseDreamRunning_7690
    PR88 -->|modifies| FuseDreamRunning_7690
    PR96 -->|modifies| FuseDreamRunning_7690
```

Posted by codegraph-ai conflict detection.


Labels

conflicting-group-1 Conflicting PR group 1 — review as a batch conflicting-pr Shares at least one cross-PR dependency with other PRs
