gut(backend+docs): remove autoAllowSkills from exec-approvals (#2538)

[alexey-pelykh]

Summary

Closes #2538. Follow-up to #2524 / #2535 (UI side, merged at b13e053c7d). The skills marketplace is gutted per CLAUDE.md § Fork Context ("What's being removed"); autoAllowSkills is dead weight — runtime no longer reads it, UI no longer sends it. This PR strips the residual backend schema field and the user-facing docs surface.

Pure subtraction: 3 insertions, 27 deletions across 5 files.

Scope

In scope (per issue):

• Backend TypeBox schema field
• 3 user-facing doc files (docs/tools/exec.md, docs/tools/exec-approvals.md, docs/gateway/security/index.md)

In scope (surfaced during polish review, same-feature orphans):

• docs/gateway/protocol.md — "Node helper methods" subsection documenting the gutted skills.bins RPC "for auto-allow checks". The RPC itself was gutted in gut: close #2337 AC grep gaps — stale vi.mock + dangling gateway method entries #2413/gut: close #2337 AC grep gaps — stale vi.mock + dangling gateway methods (#2413) #2448; this doc line was missed.

Out of scope (explicitly deferred):

• apps/macos/Sources/RemoteClaw/*.swift — 19 hits across SystemRunSettingsView.swift, ExecApprovals.swift, ExecApprovalEvaluation.swift. Native gut is coordinated under spike(native): audit Android/iOS/macOS for gutted-feature parallels (deferred per native-release policy) #2527 (native-release policy).
• docs/refactor/*.md — historical audit docs tracking the gut work itself (docs-gutted-feature-audit.md explicitly references gut(backend+docs): remove autoAllowSkills from config schema and documentation #2538 as the tracker). These are meta-documentation; their references describe the cleanup, not a feature surface, and are preserved by design.

Changes

File	Change
src/gateway/protocol/schema/exec-approvals.ts	Drop autoAllowSkills from ExecApprovalsPolicyFields (spreads into both ExecApprovalsDefaultsSchema + ExecApprovalsAgentSchema)
docs/tools/exec.md	Remove the 3-line "autoAllowSkills is a separate convenience path..." paragraph
docs/tools/exec-approvals.md	Drop 2 autoAllowSkills keys from JSON schema example; remove entire ## Auto-allow skill CLIs section (12 lines); trim "or skill auto-allow" from allowlist-chaining prose
docs/gateway/security/index.md	Drop autoAllowSkills from exec-drift parenthetical; delete tools.exec.auto_allow_skills_enabled audit-code table row (no src/ emitter — verified via grep)
docs/gateway/protocol.md	Delete the now-empty ### Node helper methods subsection documenting skills.bins RPC "for auto-allow checks"

Risk assessment

Low. Pure subtraction; no runtime behavior change.

On-disk ~/.remoteclaw/exec-approvals.json with autoAllowSkills: Existing files that still carry the field will be gracefully ignored. The field is dropped on first UI round-trip because the UI's typed state (ExecApprovalsDefaults / ExecApprovalsAgent in ui/src/ui/controllers/exec-approvals.ts) no longer declares autoAllowSkills after #2535, and no code path in src/ validates the stored file against ExecApprovalsFileSchema on load (verified: zero validateExecApprovalsSet/ExecApprovalsFileSchema consumers outside the protocol export barrel). The strict additionalProperties: false validator only runs against incoming RPC params, not the stored file at rest.

Acceptance criteria

• grep -rn 'autoAllowSkills' src/ docs/ returns zero hits in user-facing surfaces (macOS native + audit docs excluded per scope — see above)
• pnpm check green — format (5113 files) + lint (3926 files) + typecheck + CSS class drift: 0 warnings, 0 errors
• pnpm test green — 7010 passed, 3 skipped across 799 test files; 288 passed in parallel suite
• pnpm test:ui:smoke green — 12 passed, 2 suites
• No existing config files in the repo tree carry the field (verified via grep excluding apps/macos/ and docs/refactor/)

AC interpretation note on grep -rn 'autoAllowSkills' src/ docs/

After issue #2538 was filed, PR #2551 (docs(audit): inventory docs/** refs to gutted features) merged docs/refactor/docs-gutted-feature-audit.md and docs/refactor/ui-test-fixture-audit-2528.md, which are historical/meta audit documents cataloging the gut work. Those files mention autoAllowSkills to describe the removal being tracked — they are not feature surface. The audit doc explicitly classifies the three user-facing hits as STALE and links to #2538 as the tracker; those hits are what this PR eliminates. Interpreting the AC's "zero hits in docs/" strictly would require stripping the very word autoAllowSkills from the entries that track the PR itself, which would break the audit trail. The semantic intent (purge the feature from user-facing documentation) is met.

Verification

• Fork-integrity gates: throwing-stub-callers 0 violations; zombie-imports clean; stub-debt baseline 126 == 126 unchanged; obsolescence-audit baseline 49 == 49 unchanged
• Polish converged in 3 fresh-context iterations (iter-1 found 2 orphans using snake_case + prose variants; iter-2 found 1 same-feature orphan in docs/gateway/protocol.md documenting the gutted skills.bins RPC; iter-3 CLEAN)

🤖 Generated with Claude Code