What happened?
When in Plan Mode, calling write_file to create the plan file fails with a sandbox error:
Error checking existing file: Sandbox Error: read_file failed for '...plans/cross-project-session-cleanup.md'. Exit code 71. Details: sandbox-exec: execvp() of '__read' failed: No such file or directory
The issue is that write_file apparently tries to read_file the target path first (to check if it exists), and this fails when the parent directory doesn't exist yet. In Plan Mode, run_shell_command is blocked (read-only tools only), so you can't mkdir -p to create the parent directory either.
This creates a deadlock: you can't exit Plan Mode without creating the plan file, but you can't create the plan file because its parent directory doesn't exist and you can't create it.
Reproduction steps:
- Enter Plan Mode via
enter_plan_mode
- Attempt to write a plan file to a path where the parent directory doesn't yet exist (e.g., the session's
plans/ subdirectory hasn't been created)
write_file fails with the sandbox error aboverun_shell_command to mkdir -p is blocked: "You are in Plan Mode with access to read-only tools"exit_plan_mode requires the plan file to exist first- Agent is stuck — user must manually exit plan mode
What did you expect to happen?
Either:
write_file should handle the case where the parent directory doesn't exist (it claims to "automatically create missing parent directories")- Or Plan Mode should allow creating the plans directory structure
- Or
exit_plan_mode should not require the plan file to exist (e.g., allow exiting with user-approved plans from the chat context)
Client information
Client Information
Platform: macOS (darwin)
Anything else we need to know?
The write_file tool description says it "automatically creates missing parent directories," but the sandbox read_file pre-check fails before it gets to the mkdir step. The error code 71 (EPROTOTYPE / sandbox violation) suggests the sandbox policy doesn't allow the read check on a non-existent path in that directory tree.
The workaround is for the user to manually type "I exited plan mode for you" to unblock the agent.
What happened?
When in Plan Mode, calling
write_fileto create the plan file fails with a sandbox error:The issue is that
write_fileapparently tries toread_filethe target path first (to check if it exists), and this fails when the parent directory doesn't exist yet. In Plan Mode,run_shell_commandis blocked (read-only tools only), so you can'tmkdir -pto create the parent directory either.This creates a deadlock: you can't exit Plan Mode without creating the plan file, but you can't create the plan file because its parent directory doesn't exist and you can't create it.
Reproduction steps:
enter_plan_modeplans/subdirectory hasn't been created)write_filefails with the sandbox error aboverun_shell_commandtomkdir -pis blocked: "You are in Plan Mode with access to read-only tools"exit_plan_moderequires the plan file to exist firstWhat did you expect to happen?
Either:
write_fileshould handle the case where the parent directory doesn't exist (it claims to "automatically create missing parent directories")exit_plan_modeshould not require the plan file to exist (e.g., allow exiting with user-approved plans from the chat context)Client information
Client Information
Platform: macOS (darwin)
Anything else we need to know?
The
write_filetool description says it "automatically creates missing parent directories," but the sandboxread_filepre-check fails before it gets to themkdirstep. The error code 71 (EPROTOTYPE/ sandbox violation) suggests the sandbox policy doesn't allow the read check on a non-existent path in that directory tree.The workaround is for the user to manually type "I exited plan mode for you" to unblock the agent.