fix(brain): drop --approval-mode yolo from Gemini CLI search
yolo auto-approves every tool call, so a real-time search query could in principle trigger write/shell tools. Default approval mode still auto-runs the CLI's read-only web search in headless mode but never silently approves destructive tools. Verified end-to-end: a grounded query returns a current answer in ~23s with the account OAuth login. Test asserts yolo is absent; specs and docs/llm_contexts.md updated. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -33,8 +33,9 @@ info is fetched by a tool the reply engine calls. `STREAM_BROWSER` selects HOW:
|
||||
`UNTRUSTED WEB EXTRACT` envelope. Keeps the 39k-line Python brain dep-free.
|
||||
- Gemini has two auth sub-modes (`GEMINI_AUTH`):
|
||||
- `oauth` (default): shell out to the Gemini CLI (`gemini -p <query> -o json
|
||||
--skip-trust --approval-mode yolo`) authenticated by the user's Google
|
||||
account login. `GEMINI_API_KEY`/`GOOGLE_API_KEY` are stripped from the child
|
||||
--skip-trust`, default approval mode — read-only tools like web search run
|
||||
headless, but write/shell tools are never auto-approved) authenticated by
|
||||
the user's Google account login. `GEMINI_API_KEY`/`GOOGLE_API_KEY` are stripped from the child
|
||||
env, and `GOOGLE_GENAI_USE_GCA=true` is set, so the CLI uses the account
|
||||
login (not API-key auth) and fails fast when no login exists rather than
|
||||
erroring on "no auth method". The CLI is resolved from `PATH` or
|
||||
|
||||
Reference in New Issue
Block a user