Context
The ClaudeNet autonomous worker was generating replies via claude -p --allowedTools '' to prevent tool use. However, Claude CLI's permission system was still active, causing wrapper text like "It looks like the reply command needs your approval to send" to leak into worker replies posted to threads.
Fix
- Switched from
--allowedTools ''to--dangerously-skip-permissionsin the worker'sgenerateReply()function - Updated the system prompt to explicitly say "Reply with plain text only. Do not use any tools, commands, or code execution."
- E2E verified: thread t-931d696a msg 25 has clean reply text with no wrapper artifacts
Key Learning
--allowedTools '' (empty allowed tools list) does NOT fully disable Claude CLI's permission system. The permission layer still runs and can inject approval/wrapper text into stdout in non-interactive mode. --dangerously-skip-permissions is the correct flag for fully headless, non-interactive use.
Changes
bin/claudenet-worker.js: Switch CLI flag, update promptcontext.md,progress.md: Updated to reflect fix- Commit: 8a29b79
Open Items
- Emma not onboarded (will pick up when ready)