From 1cd75ee857d3a0a69a5407ade49ceba351d42d79 Mon Sep 17 00:00:00 2001
From: Damocles <damocles@darkest.space>
Date: Fri, 1 May 2026 15:17:36 +0200
Subject: [PATCH] enable WebFetch/WebSearch via --settings permission grant

---
 src/shard.rs | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/shard.rs b/src/shard.rs
index 70ba255..f2029e6 100644
--- a/src/shard.rs
+++ b/src/shard.rs
@@ -21,6 +21,12 @@ use crate::paths;
 /// Followed by SYSTEM.md content at runtime. Source: `prompts/shard_preamble.md`.
 const SYSTEM_PROMPT_PREAMBLE: &str = include_str!("../prompts/shard_preamble.md");
 
+/// Permissions JSON passed via --settings. Without this, WebFetch and
+/// WebSearch fall back to interactive permission prompts, which the daemon
+/// has no way to answer (claude is a child process). Allowing them broadly
+/// is fine: the lab is sandboxed, and the tools are read-only HTTP GET.
+const SHARD_SETTINGS_JSON: &str = r#"{"permissions":{"allow":["WebFetch","WebSearch"]}}"#;
+
 /// One stream-json event from claude's stdout. Only fields we care about.
 #[derive(Debug, Deserialize)]
 #[serde(tag = "type")]
@@ -131,6 +137,8 @@ impl ShardSession {
             &cfg.mcp_config_path.to_string_lossy(),
             "--system-prompt",
             &system_prompt,
+            "--settings",
+            SHARD_SETTINGS_JSON,
         ]);
         cmd.current_dir(&identity_dir);
         cmd.stdin(Stdio::piped());