feat(agents): allow custom command args and env vars per agent

[naaa760]

fix: #910

allow custom command and env vars per agent

• Additional parameters – Extra flags appended to the agent command (e.g. --enable-all-github-mcp-tools).
• Environment variables – Key/value pairs set when the agent runs (local and remote).

-- Configure in Settings → Agents via the gear icon next to each agent. Stored per agent; applied for direct spawn, shell fallback, and remote PTYs. No new dependencies.

[vercel]

@naaa760 is attempting to deploy a commit to the General Action Team on Vercel.

A member of the Team first needs to authorize it.

[greptile-apps]

Greptile Summary

This PR implements per-agent custom command arguments and environment variables, allowing users to configure additional CLI flags (like --enable-all-github-mcp-tools) and environment variables for each agent through the Settings UI.

Implementation:

• Extended ProviderCustomConfig with extraArgs (string) and env (Record<string, string>) fields
• Added UI in CustomCommandModal.tsx with key-value editing for environment variables
• Modified PTY spawn logic in ptyManager.ts and ptyIpc.ts to merge custom config into all spawn paths (direct, shell fallback, remote SSH)
• Applied security validation: environment variable keys are validated against /^[A-Za-z_][A-Za-z0-9_]*$/ at normalization, resolution, and spawn time
• Shell arguments from extraArgs are parsed using existing parseShellArgs function and properly quoted with quoteShellArg for remote invocations

Security posture:

• Environment variable key validation prevents shell injection via malformed variable names
• All remote shell arguments are quoted using POSIX single-quote wrapping
• Validation is applied consistently across settings storage, config resolution, and all PTY spawn paths
• Follows existing security patterns documented in AGENTS.md

Confidence Score: 5/5

• This PR is safe to merge with proper security validation in place
• The implementation follows existing security patterns documented in AGENTS.md, applies environment variable validation at all critical points using the standard regex pattern, properly escapes shell arguments using quoteShellArg, and integrates cleanly with the existing PTY spawn architecture across direct, fallback, and remote execution paths. No security vulnerabilities or logical errors were identified.
• No files require special attention

Important Files Changed

Filename	Overview
src/main/services/ptyManager.ts	Adds extraArgs and env to provider config resolution and CLI arg building. Environment variable keys are validated with regex /^[A-Za-z_][A-Za-z0-9_]*$/ at multiple points to prevent injection attacks. Shell arguments from extraArgs are properly parsed using parseShellArgs.
src/main/services/ptyIpc.ts	Updated buildRemoteProviderInvocation to include extraArgs in remote shell commands. Environment variables from custom config are merged into remote PTY sessions with proper validation. All shell arguments are quoted using quoteShellArg for injection safety.
src/main/settings.ts	Extended ProviderCustomConfig interface with extraArgs and env fields. Settings normalization validates environment variable names using the same regex pattern to ensure only valid POSIX variable names are persisted.
src/renderer/components/CustomCommandModal.tsx	Added UI for additional parameters (extraArgs) and environment variables with add/remove functionality. Form state includes validation and filtering of empty environment variable keys before submission. Environment variables are converted to/from key-value pairs for editing.
src/renderer/types/electron-api.d.ts	Added extraArgs and env type definitions to ProviderCustomConfig to support custom command arguments and environment variables per agent.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[User configures agent in Settings UI] --> B[CustomCommandModal.tsx]
    B --> C[Save extraArgs + env to settings]
    C --> D[settings.ts validates env keys]
    D --> E[Stored in ProviderCustomConfig]
    
    F[Agent spawn requested] --> G[resolveProviderCommandConfig]
    G --> H{Config type?}
    
    H -->|extraArgs| I[parseShellArgs extraArgs]
    H -->|env| J[Validate env keys with regex]
    
    I --> K[buildProviderCliArgs]
    J --> L[Merge into useEnv]
    
    K --> M{Spawn type?}
    L --> M
    
    M -->|Direct PTY| N[startDirectPty]
    M -->|Shell fallback| O[startPty]
    M -->|Remote SSH| P[startSshPty]
    
    N --> Q[Spawn with merged env + args]
    O --> Q
    P --> R[Quote with quoteShellArg]
    R --> S[SSH to remote + export env]

Loading

_{Last reviewed commit: 6826c54}

[arnestrickmann]

Hey @naaa760, thanks for the PR! Please run pnpm run format so that ci is happy

[naaa760]

@arnestrickmann
done!