Problem
The runner still depends on --dangerously-skip-permissions in Claude-facing execution paths.
That is incompatible with the current v4 direction: Fido should run in a more tightly constrained GitHub Actions-hosted environment rather than relying on broad local bypass permissions.
Desired behavior
In the v4 architecture, Fido runs in GitHub Actions with an explicit tool/permission model and without bypass-permissions mode.
Scope
- remove the assumption that Claude-facing execution can rely on
--dangerously-skip-permissions
- define the constrained permission/tool model needed for the hosted runner
- align the execution model with the v4 hardened Actions environment instead of an implicitly trusted local machine
This issue is about the runner hardening boundary, not every repo-specific allowlist detail.
Done when
- the v4 runner model no longer depends on bypass-permissions execution
- the hosted environment has an explicit permission/tool boundary
- the issue text matches the current Actions-hosted hardening roadmap
Problem
The runner still depends on
--dangerously-skip-permissionsin Claude-facing execution paths.That is incompatible with the current v4 direction: Fido should run in a more tightly constrained GitHub Actions-hosted environment rather than relying on broad local bypass permissions.
Desired behavior
In the v4 architecture, Fido runs in GitHub Actions with an explicit tool/permission model and without bypass-permissions mode.
Scope
--dangerously-skip-permissionsThis issue is about the runner hardening boundary, not every repo-specific allowlist detail.
Done when