From e5025b8c70cb7136b0ce0c795518808301577698 Mon Sep 17 00:00:00 2001
From: Kevin Fealey <kevin@appsecure.ai>
Date: Mon, 9 Feb 2026 01:18:09 -0500
Subject: [PATCH] feat: add CLAUDE_DANGEROUSLY_SKIP_PERMISSIONS env var support

Allows skipping CLI permission prompts via environment variable.

This is useful when integrating with orchestration layers (like OpenClaw)
that already handle their own security controls and permissions. By
delegating security to the calling application, the proxy behaves
consistently with direct API access where no interactive prompts occur.

Set CLAUDE_DANGEROUSLY_SKIP_PERMISSIONS=true to enable.
---
 src/subprocess/manager.ts | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/subprocess/manager.ts b/src/subprocess/manager.ts
index 6551a81..6730304 100644
--- a/src/subprocess/manager.ts
+++ b/src/subprocess/manager.ts
@@ -140,6 +140,14 @@ export class ClaudeSubprocess extends EventEmitter {
       prompt, // Pass prompt as argument (more reliable than stdin)
     ];
 
+    // Allow skipping permission prompts via environment variable.
+    // This delegates security controls to the calling application (e.g., an
+    // orchestration layer that already handles permissions), making the proxy
+    // behave consistently with direct API access.
+    if (process.env.CLAUDE_DANGEROUSLY_SKIP_PERMISSIONS === "true") {
+      args.push("--dangerously-skip-permissions");
+    }
+
     if (options.sessionId) {
       args.push("--session-id", options.sessionId);
     }