[Feature Request] Expose auto-mode denial reason in PermissionDenied hook payload

Open 💬 0 comments Opened Jun 30, 2026 by pana-ce

Bug Description
---Feature request: expose the auto-mode denial reason in the PermissionDenied hook payload Since v2.1.193 you surface auto-mode denial reasons in the transcript, the denial toast, and /permissions. But the PermissionDenied hook input still only carries tool_name, tool_input + the common fields — no denial reason. So a hook cannot distinguish a genuine policy block from a classifier infrastructure failure (e.g. "temporarily unavailable", "could not evaluate this action and is blocking it for safety", "classifier transcript exceeded context window") without parsing the transcript text, which is brittle. Request: pass the same denial reason you already compute into the PermissionDenied hook input — e.g. a denial_reason (string) and/or a structured denial_type enum (policy_block | classifier_unavailable | classifier_error | context_overflow). This lets hooks reliably route/skip classifier-infra denials vs real policy denials. (On 2.1.197. With autoMode.classifyAllShell now routing all shell through the classifier, infra-abort denials are more common.)

Environment Info

  • Platform: darwin
  • Terminal: WarpTerminal
  • Version: 2.1.168
  • Feedback ID: 6e6c2f75-db1a-4163-a1ba-a86175051ac8

Errors

[]

View original on GitHub ↗