[BUG] `claude -p` / `claude --print` has control-plane parity risks across hooks, permissions, skills, MCP, auth, and subagents
Parent tracking issue: https://github.com/anthropics/claude-code/issues/59105
Context note: This is a frontend/product-boundary parity issue, not a criticism
of any individual implementation. Since -p / --print behavior is already a
known pain point, and upcoming mid-June frontend-facing changes may depend on
predictable CLI/TUI parity, this should be evaluated as a user-facing parity
risk. The goal is to reduce verification time and avoid customer-facing
regressions with potential business impact.
Summary
There is a broad cluster of existing issues where claude -p or headless
execution behaves differently from interactive Claude Code. Our packet capture
shows a plausible shared substrate: -p is classified as sdk-cli and receives
a different request scaffold from TUI.
This ticket is a routing ticket for control-plane parity. The concern is not
only output formatting; it is whether frontend-facing print workflows run the
same product contract as manual TUI operation.
Local evidence
In Claude Code 2.1.141, compared to TUI main-thread traffic, claude -p sends:
source=sdkUser-Agent ... sdk-clicc_entrypoint=sdk-cli- SDK identity prompt
- beta header missing
redact-thinking-2026-02-12 - different tool contract
- different default tool guidance
This means hooks, tools, permissions, skills, MCP, auth, and subagents may be
running under a different control-plane path.
Rediscovery track
Treat every print/headless control-plane report as a same-state capture problem
first. Keep Claude Code version, model, working directory, trust state, config,
prompt, and input format aligned, then compare print mode only against TUIsource=repl_main_thread.
Record the request source, User-Agent entrypoint segment, attributionsystem block, identity system block, beta header set, tools[].name, user
and system block counts, and any hook/MCP/permission/skill logs for that same
invocation. When following the source, use topology: startup classification,
config/trust loading, hook lifecycle, permission selection, MCP/skill discovery,
tool filtering, request builder, HTTP client.
Related upstream issues
Security / permissions / hooks:
- #33343 -
PreToolUsehooks and--allowedToolsnot enforced in headless-p - #40506 -
PreToolUsehooks do not fire in non-interactive mode - #38651 -
Stophook causes empty result in print mode - #48840 - request for
--no-hooksinclaude -p - #47871 -
claude -pfromSessionEndhook can recursively create child sessions
Skills:
- #36570 -
claude -pdoes not trigger skills - #44756 - skills silently fail in print mode with exit 0
- #32184 - skill auto-triggering recall is 0% in headless mode
MCP / plugins:
- #39271 - HTTP MCP bearer token regression in
claude -p - #50777 -
claude -phangs after completion because MCP servers are not cleaned up - #51785 - MCP elicitation docs missing print and Agent SDK handling
- #50655 - plugin-manifest leak from
claude -pin pre-commit hook
Auth / cost:
- #39453 - non-interactive
-pcannot use existing Claude Pro login - #51047 -
claude --bare -preports not logged in - #46262 -
claude -pgets 402 billing error through gateway - #37686 - unintended API billing after
claude -precommendation - #57096 -
claude -prejected for extra usage despite Max quota
Subagents / orchestration:
- #52917 -
claude -pexits before background subagents complete - #56540 - non-TTY
-phangs on parallel Task fan-out - #56268 -
claude -psilent-freeze from long-running orchestrator - #55802 - many headless
sdk-clisessions launched on startup
Why this matters
Control-plane drift is serious for production users:
--allowedToolsand hooks are often treated as safety controls- skills and MCP are often treated as capability controls
- auth and billing determine which account/product surface is used
- subagents and Task tools affect work decomposition and completion
If these differ between TUI and frontend-facing print workflows, then companies
cannot reliably audit, reproduce, or certify Claude Code behavior.
Expected
Claude Code should have a documented parity contract:
- which control-plane features are guaranteed to behave the same in TUI and
-p
- which features intentionally differ
- what happens when a TUI-only feature is requested in headless mode
- whether
-pis a CLI output mode or an SDK/headless product mode
Silent divergence should be treated as a bug.
Suggested fix
- Fix entrypoint classification so plain
-pdoes not implysdk-cli. - Add regression tests that compare request scaffold and control-plane behavior
between TUI and -p.
- For any intentional differences, emit explicit warnings/errors and document
them.
- Ensure security controls (
--allowedTools, hooks) either work or fail closed
in headless mode.
This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗