Skip to content

harness + fullsend run: human approval UX for restricted permissions #2829

Description

@ifireball

What happens

Operators lack a clear flow to signal that restricted work is needed, grant approval, be alerted when approval is missing, and understand when prior approval was invalidated. PR #2548 prototyped label-based UX but was not merged.

What should happen

A documented operator flow covers: requesting restricted permission, granting approval, blocked-state alerts from fullsend run, and invalidation when untrusted input arrives after grant. Exact mechanism (labels, slash commands, etc.) to be decided in #2821.

Blocked on: #2821 (ADR acceptance)

Context

  • Epic: #2822
  • Closes #470 (with deterministic execution issue in this epic)

Metadata

Metadata

Assignees

No one assigned

    Labels

    blockedBlocked by another issue or external dependencycomponent/dispatchWorkflow dispatch and triggerscomponent/harnessAgent harness, config, and skills loadingtype/featureNew capability request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    Todo

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions