readonlyReviewerArgv
readonlyReviewerArgv(
model,prompt,thinkingTokens?):object
Defined in: src/reviewer-argv.ts:14
Build the argv for a read-only adversarial reviewer agent (PR critic + plan reviewer share it).
Deliberately NOT —dangerously-skip-permissions: the agent inspects UNTRUSTED input (a PR diff
or agent-written plan text), so a prompt-injection hidden there must not be able to run commands
or escape its disposable worktree. dontAsk auto-denies anything off the allowlist (an
unattended PTY would otherwise hang on a permission prompt); the allowlist is read-only
inspection + read-only git + writing files in its own disposable worktree. The sandbox is also
MCP-isolated: —safe-mode disables MCP loading (file + plugin sources) plus other
customizations, and enableAllProjectMcpServers (in —settings) pre-approves the repo’s project
.mcp.json so Claude’s interactive “N new MCP servers found” approval gate never renders to hang
the unattended pane — that gate is SEPARATE from loading, and dontAsk does not suppress it.
Parameters
Section titled “Parameters”string | null
prompt
Section titled “prompt”string
thinkingTokens?
Section titled “thinkingTokens?”number
Returns
Section titled “Returns”object
argv:
string[]
sessionId
Section titled “sessionId”sessionId:
string