Problem
mcs pack update may prompt for interactive trust approval when packs contain new or modified scripts (PackTrustManager.promptForTrust). This makes it impossible to run from within Claude Code or any non-interactive environment (CI, automation, hooks).
Currently the SessionStart update hook can detect available updates but cannot apply pack updates — it must direct users to a separate terminal.
Proposal
Add a flag (e.g., --skip-untrusted) to mcs pack update that enables non-interactive operation:
- Packs with no new/modified scripts → update normally (no trust prompt needed)
- Packs with new/modified scripts → skip the update and report which packs were skipped and why
This allows Claude Code (and other automation) to handle the common case (no script changes) automatically, while safely deferring trust-sensitive updates to the user.
Alternative considered
A --trust / --yes flag that auto-approves trust — rejected because it bypasses a security boundary. Users should explicitly review new scripts.
Affected code
Sources/mcs/Sync/PackUpdater.swift — updateGitPack() calls trustManager.promptForTrust()Sources/mcs/ExternalPack/PackTrustManager.swift — promptForTrust() uses interactive askYesNoSources/mcs/Commands/PackCommand.swift — UpdatePack subcommandSources/mcs/Core/UpdateChecker.swift — buildContextString() hook directive (could run the update directly if non-interactive mode existed)
Problem
mcs pack updatemay prompt for interactive trust approval when packs contain new or modified scripts (PackTrustManager.promptForTrust). This makes it impossible to run from within Claude Code or any non-interactive environment (CI, automation, hooks).Currently the SessionStart update hook can detect available updates but cannot apply pack updates — it must direct users to a separate terminal.
Proposal
Add a flag (e.g.,
--skip-untrusted) tomcs pack updatethat enables non-interactive operation:This allows Claude Code (and other automation) to handle the common case (no script changes) automatically, while safely deferring trust-sensitive updates to the user.
Alternative considered
A
--trust/--yesflag that auto-approves trust — rejected because it bypasses a security boundary. Users should explicitly review new scripts.Affected code
Sources/mcs/Sync/PackUpdater.swift—updateGitPack()callstrustManager.promptForTrust()Sources/mcs/ExternalPack/PackTrustManager.swift—promptForTrust()uses interactiveaskYesNoSources/mcs/Commands/PackCommand.swift—UpdatePacksubcommandSources/mcs/Core/UpdateChecker.swift—buildContextString()hook directive (could run the update directly if non-interactive mode existed)