Better Harness Tools, not merely storing the archive of leaked Claude Code but also make real things done. Now rewriting in Rust.

Go to file

YeonGyu-Kim eabd257968 ROADMAP #101 : RUSTY_CLAUDE_PERMISSION_MODE env var silently fails OPEN to danger-full-access on any invalid value Dogfooded 2026-04-18 on main HEAD `d63d58f` from /tmp/cdV. Qualitatively worse than #96-#100 silent-flag class because this is fail-OPEN, not fail-inert: operator intent 'restrict this lane' silently becomes 'full access.' Tested matrix: VALID → correct mode: read-only → read-only workspace-write → workspace-write danger-full-access → danger-full-access ' read-only ' → read-only (trim works) INVALID → silent danger-full-access: '' → danger-full-access 'readonly' → danger-full-access (typo: missing hyphen) 'read_only' → danger-full-access (typo: underscore) 'READ-ONLY' → danger-full-access (case) 'ReadOnly' → danger-full-access (case) 'dontAsk' → danger-full-access (config alias not recognized by env parser, but ultimate default happens to be dfa) 'garbage' → danger-full-access (pure garbage) 'readonly\n' → danger-full-access CLI asymmetry: --permission-mode readonly → loud structured error. Same misspelling, same input, opposite outcomes via env vs CLI. Trace: main.rs:1099-1107 default_permission_mode: env::var(...).ok().and_then(normalize_permission_mode) .or_else(config...).unwrap_or(DangerFullAccess) → .and_then drops error context on invalid; .unwrap_or fail-OPEN to most permissive mode main.rs:5455-5462 normalize_permission_mode accepts 3 canonical; runtime/config.rs:855-863 parse_permission_mode_label accepts 7 including config aliases (default/plan/acceptEdits/auto/dontAsk). Two parsers, disagree on accepted set, no shared source of truth. Plus: env var RUSTY_CLAUDE_PERMISSION_MODE is UNDOCUMENTED. grep of README/docs/help returns zero hits. Fix shape (~60 lines total): - rewrite default_permission_mode to surface invalid values via Result - share ONE parser across CLI/config/env (extract from config.rs:855) - decide broad (7 aliases) vs narrow (3 canonical) accepted set - document the env var in --help Environment section - add doctor check surfacing permission_mode.source attribution - optional: rename to CLAW_PERMISSION_MODE with deprecation alias Joins permission-audit sweep (#50/#87/#91/#94/#97/#101) on the env axis. Completes the three-way input-surface audit: CLI + config + env. Cross-cluster with silent-flag #96-#100 (worse variant: fail-OPEN) and truth-audit (#80-#87, #89, #100) (operator can't verify source). Natural 6-way bundle: #50 + #87 + #91 + #94 + #97 + #101 closes the entire permission-input attack surface in one pass. Filed in response to Clawhip pinpoint nudge 1494789577687437373 in #clawcode-building-in-public.		2026-04-18 05:04:28 +09:00
.claude/sessions	fix: tool input {} prefix bug, tool display after accumulation, max_iterations unlimited	2026-04-01 02:24:18 +00:00
.github	Close the clawability backlog with deterministic CLI output and lane lineage	2026-04-05 18:41:02 +00:00
assets	Refresh docs to match ultraworkers/claw-code source of truth	2026-04-05 18:11:25 +00:00
docs	US-010: Add model compatibility documentation	2026-04-16 10:55:58 +00:00
rust	US-024: Add token limit metadata for kimi models	2026-04-17 04:15:38 +00:00
src	chore: additional AI slop cleanup and enforcer wiring from sessions 1/5	2026-04-03 18:35:27 +09:00
tests	Rewriting Project Claw Code - Python port with Rust on the way	2026-03-31 08:16:20 -07:00
.claude.json	feat: default OAuth config for API endpoint, merge UI polish rendering	2026-04-01 03:20:26 +00:00
.gitignore	Keep local clawhip artifacts from tripping routine repo work	2026-04-12 14:47:40 +00:00
CLAUDE.md	feat: default OAuth config for API endpoint, merge UI polish rendering	2026-04-01 03:20:26 +00:00
Containerfile	Document a repeatable container workflow for the Rust workspace	2026-04-05 18:11:25 +00:00
PARITY.md	docs(PARITY.md): comprehensive status update — all 9 lanes merged, stubs replaced	2026-04-03 19:39:28 +09:00
PHILOSOPHY.md	docs: add philosophy document for autonomous claw development	2026-04-04 16:51:51 +00:00
README.md	Make ACP/Zed status obvious before users go source-diving	2026-04-16 03:13:50 +00:00
ROADMAP.md	ROADMAP #101 : RUSTY_CLAUDE_PERMISSION_MODE env var silently fails OPEN to danger-full-access on any invalid value	2026-04-18 05:04:28 +09:00
USAGE.md	Align auth docs with the removed login/logout surface	2026-04-11 17:28:47 +00:00
install.sh	feat: b6-codex-session — batch 6	2026-04-07 15:52:30 +09:00
prd.json	US-024: Add token limit metadata for kimi models	2026-04-17 04:15:38 +00:00
progress.txt	US-011: Performance optimization for API request serialization	2026-04-16 11:11:45 +00:00

README.md

Claw Code

ultraworkers/claw-code · Usage · Rust workspace · Parity · Roadmap · UltraWorkers Discord

Claw Code

Claw Code is the public Rust implementation of the claw CLI agent harness. The canonical implementation lives in rust/, and the current source of truth for this repository is ultraworkers/claw-code.

[!IMPORTANT] Start with USAGE.md for build, auth, CLI, session, and parity-harness workflows. Make claw doctor your first health check after building, use rust/README.md for crate-level details, read PARITY.md for the current Rust-port checkpoint, and see docs/container.md for the container-first workflow.

ACP / Zed status: claw-code does not ship an ACP/Zed daemon entrypoint yet. Run claw acp (or claw --acp) for the current status instead of guessing from source layout; claw acp serve is currently a discoverability alias only, and real ACP support remains tracked separately in ROADMAP.md.

Current repository shape

rust/ — canonical Rust workspace and the claw CLI binary
USAGE.md — task-oriented usage guide for the current product surface
PARITY.md — Rust-port parity status and migration notes
ROADMAP.md — active roadmap and cleanup backlog
PHILOSOPHY.md — project intent and system-design framing
src/ + tests/ — companion Python/reference workspace and audit helpers; not the primary runtime surface

Quick start

[!NOTE] [!WARNING] cargo install claw-code installs the wrong thing. The claw-code crate on crates.io is a deprecated stub that places claw-code-deprecated.exe — not claw. Running it only prints "claw-code has been renamed to agent-code". Do not use cargo install claw-code. Either build from source (this repo) or install the upstream binary:
cargo install agent-code   # upstream binary — installs 'agent.exe' (Windows) / 'agent' (Unix), NOT 'agent-code'
This repo (ultraworkers/claw-code) is build-from-source only — follow the steps below.

# 1. Clone and build
git clone https://github.com/ultraworkers/claw-code
cd claw-code/rust
cargo build --workspace

# 2. Set your API key (Anthropic API key — not a Claude subscription)
export ANTHROPIC_API_KEY="sk-ant-..."

# 3. Verify everything is wired correctly
./target/debug/claw doctor

# 4. Run a prompt
./target/debug/claw prompt "say hello"

[!NOTE] Windows (PowerShell): the binary is claw.exe, not claw. Use .\target\debug\claw.exe or run cargo run -- prompt "say hello" to skip the path lookup.

Windows setup

PowerShell is a supported Windows path. Use whichever shell works for you. The common onboarding issues on Windows are:

Install Rust first — download from https://rustup.rs/ and run the installer. Close and reopen your terminal when it finishes.
Verify Rust is on PATH:
```
cargo --version
```
If this fails, reopen your terminal or run the PATH setup from the Rust installer output, then retry.

Clone and build (works in PowerShell, Git Bash, or WSL):

git clone https://github.com/ultraworkers/claw-code
cd claw-code/rust
cargo build --workspace

Run (PowerShell — note .exe and backslash):

$env:ANTHROPIC_API_KEY = "sk-ant-..."
.\target\debug\claw.exe prompt "say hello"

Git Bash / WSL are optional alternatives, not requirements. If you prefer bash-style paths (/c/Users/you/... instead of C:\Users\you\...), Git Bash (ships with Git for Windows) works well. In Git Bash, the MINGW64 prompt is expected and normal — not a broken install.

[!NOTE] Auth: claw requires an API key (ANTHROPIC_API_KEY, OPENAI_API_KEY, etc.) — Claude subscription login is not a supported auth path.

Run the workspace test suite:

cd rust
cargo test --workspace

Documentation map

USAGE.md — quick commands, auth, sessions, config, parity harness
rust/README.md — crate map, CLI surface, features, workspace layout
PARITY.md — parity status for the Rust port
rust/MOCK_PARITY_HARNESS.md — deterministic mock-service harness details
ROADMAP.md — active roadmap and open cleanup work
PHILOSOPHY.md — why the project exists and how it is operated

Ecosystem

Claw Code is built in the open alongside the broader UltraWorkers toolchain:

Ownership / affiliation disclaimer

This repository does not claim ownership of the original Claude Code source material.
This repository is not affiliated with, endorsed by, or maintained by Anthropic.