Skip to main content
Status: accepted · ADR-39 · Filed 2026-04-30

Title

Installation/config ownership includes launcher approval contracts

Decision

Prism install/update owns the generated editor MCP config and the coder launcher contract for all supported agent surfaces. Agents should not hand-edit ~/.claude.json, ~/.codex/config.toml, ~/.cursor/mcp.json, claude_desktop_config.json, or launcher flags as the normal fix path; they should update the Prism source of truth and let prism install / prism update propagate the change. The launcher approval contract is part of that install/config surface:
  • Claude Code coder -god maps to --dangerously-skip-permissions.
  • Codex coder -god maps to --dangerously-bypass-approvals-and-sandbox.
  • Codex --full-auto is explicitly not sufficient for Prism god mode because it remains a sandboxed low-friction mode and can still leave approval prompts in the loop.
  • Normal Codex modes remain -mode interactive -> --ask-for-approval on-request, -mode autonomous -> --ask-for-approval never, and autonomy -> --sandbox ....
prism install / prism update must run the Codex launcher smoke after wiring configs and launchers. The smoke must fail if coder -agent codex -god emits --ask-for-approval, emits --sandbox, or maps to anything weaker than --dangerously-bypass-approvals-and-sandbox.

Rationale

This failure came from a subtle mismatch: Prism’s -god flag conveyed operator intent that Codex should stop asking for script approvals, but the launcher mapped it to --full-auto, which is not the strongest Codex approval bypass. In a multi-agent environment, one stale launcher or stale config means one persona behaves differently from the others, making delivery and autonomy failures look like agent judgment problems rather than config drift. Install/config ownership needs to be explicit because these files are shared infrastructure:
  • bin/coder.sh and bin/coder.ps1 are the launch contract.
  • cli/src/index.ts writes editor MCP config and installs launchers.
  • docs/INSTALL.md, SPEC-021, and SPEC-048 document the operator-facing contract.
  • bin/smoke_coder_codex.sh enforces the Codex CLI mapping.
Putting this in the install/config governance layer prevents future agents from rediscovering --full-auto in old docs and reintroducing it as if it were valid.

Alternatives Considered

  1. Keep --full-auto and rely on Codex MCP approval config. Rejected: this does not address shell/script approval prompts and already failed in practice.
  2. Patch only the local ~/.codex/config.toml. Rejected: local config edits do not fix launcher behavior, do not propagate across agents/machines, and drift on the next install/update.
  3. Patch only bin/coder.sh. Rejected: Windows parity matters, and coder.ps1 must match the bash launcher.
  4. Patch launchers but skip docs/tests. Rejected: stale specs were the path back to the bad mapping.

Status

accepted

References

  • SPEC-021 launcher contract
  • SPEC-048 Codex app-server / launcher smoke contract
  • bin/coder.sh
  • bin/coder.ps1
  • bin/smoke_coder_codex.sh
  • cli/src/index.ts
  • docs/INSTALL.md
Last modified on May 3, 2026