Commit 258cb9f

Document --tools flag investigation for Claude Code CLI v2.0.31 (#2947)
1 parent d8cd267 commit 258cb9f

3 files changed

+25
-1
lines changed

docs/src/content/docs/reference/engines.md

Lines changed: 10 additions & 0 deletions
@@ -168,6 +168,16 @@ gh secret set ANTHROPIC_API_KEY -a actions --body "<your-anthropic-api-key>"
168168
gh secret set GH_AW_GITHUB_TOKEN -a actions --body "<your-github-pat>"
169169
```
170170

171+
:::note[Tool Specification: `--allowed-tools` vs `--tools`]
172+
Claude Code CLI v2.0.31 introduced a simpler `--tools` flag for basic tool specification (e.g., `--tools "Bash,Edit,Read"`). However, gh-aw uses the more powerful `--allowed-tools` flag which supports:
173+
174+
- **Specific bash commands**: `Bash(git:*)`, `Bash(ls)`
175+
- **MCP tool prefixes**: `mcp__github__get_issue`, `mcp__github__*`
176+
- **Path-specific access**: `Read(/tmp/gh-aw/cache-memory/*)`
177+
178+
The `--tools` flag is too simplistic for gh-aw's fine-grained security and flexibility requirements. Tool permissions are automatically configured based on your workflow's `tools:` section.
179+
:::
180+
171181
### OpenAI Codex
172182

173183
OpenAI Codex CLI with MCP server support. Designed for code-focused tasks.
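
Review bot: In the closing paragraph of the added note (new line 178), "too simplistic" does not tell a reader what `--tools` actually lacks. The comment added to claude_engine.go in this same commit states it precisely: `--tools` only supports basic tool names without patterns. Suggest reusing that wording here. The bullet labelled "MCP tool prefixes" also lists `mcp__github__get_issue`, which is a full tool name; only `mcp__github__*` is a prefix pattern, so either the label or the example should change. Since this is the user-facing page, the sentence about permissions being configured from the workflow's `tools:` section would benefit from a link to where that section is documented.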

pkg/workflow/claude_engine.go

Lines changed: 6 additions & 0 deletions
@@ -108,6 +108,12 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str
108108
}
109109

110110
// Add allowed tools configuration
111+
// Note: Claude Code CLI v2.0.31 introduced a simpler --tools flag, but we continue to use
112+
// --allowed-tools because it provides fine-grained control needed by gh-aw:
113+
// - Specific bash commands: Bash(git:*), Bash(ls)
114+
// - MCP tool prefixes: mcp__github__get_issue
115+
// - Path-specific tools: Read(/tmp/gh-aw/cache-memory/*)
116+
// The --tools flag only supports basic tool names (e.g., "Bash,Edit,Read") without patterns.
111117
allowedTools := e.computeAllowedClaudeToolsString(workflowData.Tools, workflowData.SafeOutputs, workflowData.CacheMemoryConfig)
112118
if allowedTools != "" {
113119
claudeArgs = append(claudeArgs, "--allowed-tools", allowedTools)
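
Review bot: The new comment at lines 111-116 explains why `--allowed-tools` is used but says nothing about the branch directly below it: when `allowedTools` is empty, `if allowedTools != ""` omits the flag entirely. Given the comment's emphasis on fine-grained control, it should state which tool access applies in that case and whether that is intended. One added sentence next to the `if` would cover it.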

pkg/workflow/claude_tools.go

Lines changed: 9 additions & 1 deletion
@@ -97,7 +97,15 @@ func (e *ClaudeEngine) expandNeutralToolsToClaudeTools(tools map[string]any) map
9797
return result
9898
}
9999

100-
// computeAllowedClaudeToolsString
100+
// computeAllowedClaudeToolsString generates the tool specification string for Claude's --allowed-tools flag.
101+
//
102+
// Why --allowed-tools instead of --tools (introduced in v2.0.31)?
103+
// While --tools is simpler (e.g., "Bash,Edit,Read"), it lacks the fine-grained control gh-aw requires:
104+
// - Specific bash commands: Bash(git:*), Bash(ls)
105+
// - MCP tool prefixes: mcp__github__get_issue, mcp__github__*
106+
// - Path-specific access: Read(/tmp/gh-aw/cache-memory/*)
107+
//
108+
// This function:
101109
// 1. validates that only neutral tools are provided (no claude section)
102110
// 2. converts neutral tools to Claude-specific tools format
103111
// 3. adds default Claude tools and git commands based on safe outputs configuration
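
Review bot: The rationale at new lines 102-106 is the third copy of this text in the commit (docs note, claude_engine.go, and here), and the copies already differ: claude_engine.go omits `mcp__github__*` and says "Path-specific tools" where this one says "Path-specific access". Suggest keeping this doc comment as the single source and reducing the claude_engine.go comment to a pointer to computeAllowedClaudeToolsString. Separately, the new summary line says the function generates the string for `--allowed-tools`, but the comment does not describe the returned string's shape (separator between entries, and that it can be empty, which the caller checks for); a line on that would make the contract explicit.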
