Daemon-spawned sessions ignore ~/.claude/settings.json permissions and hooks

[mislaughter1989-del]

Problem

When the Happy daemon spawns a new Claude session (via mobile app or happy daemon), it does not read ~/.claude/settings.json to determine the user's configured permission mode. This causes every Bash/tool call to prompt for approval, even when the user has set "defaultMode": "bypassPermissions" in their Claude settings.

Additionally, the --settings flag passed to the Agent SDK binary points to a minimal Happy-internal hook file (~/.happy/tmp/hooks/session-hook-*.json) that only contains a SessionStart forwarder. This means:

1. User-defined hooks (PreToolUse, PostToolUse, Stop, SessionEnd, etc.) from ~/.claude/settings.json are not loaded
2. Plugins configured in settings.json are not passed through
3. Permission allowlists from settings.local.json are ignored
4. Environment variables set in the env block of settings.json are not injected

Root Cause

In dist/index-q9G4ktSK.mjs (and CJS equivalent), the daemon spawn code builds args without reading Claude's permission settings:

// Line ~5371 (new session spawn)
const args = [
  agentCommand,
  "--happy-starting-mode", "remote",
  "--started-by", "daemon"
];
// No --permission-mode flag added

// Line ~5296 (tmux spawn)
const fullCommand = `node ... ${agent} --happy-starting-mode remote --started-by daemon`;
// No --permission-mode flag added

Meanwhile, readClaudeSettings() already exists and correctly reads ~/.claude/settings.json (used for includeCoAuthoredBy), but its output is never consulted for permission mode on daemon spawns. The options.permissionMode passthrough only happens for resume operations (line ~5514), not new spawns.

Expected Behavior

• Daemon-spawned sessions should inherit permissions.defaultMode from ~/.claude/settings.json
• Ideally, the full settings merge chain (settings.json + settings.local.json + project-level settings) should be respected, same as a direct claude CLI launch
• At minimum: if defaultMode: "bypassPermissions" is set, daemon spawns should pass --permission-mode bypassPermissions

Workaround

Users can work around the permission issue by always launching with happy --yolo, but this doesn't help daemon-spawned sessions (the primary use case for the mobile app).

A local patch to readClaudeSettings() at the spawn sites works but is overwritten on npm update.

Environment

• Happy CLI: 1.1.8
• OS: Ubuntu 24.04 (Linux 6.17)
• Claude Agent SDK: bundled in happy node_modules
• Claude Code: 2.1.176

[mislaughter1989-del]

Update: This also affects Codex and Gemini modes.

Codex

In runCodex(), currentPermissionMode is initialized as undefined (line ~9622 in index-q9G4ktSK.mjs), which falls through to "default" at line 9653. The resolveCodexExecutionPolicy() function then maps "default" to approvalPolicy: "untrusted", causing every tool call to prompt for approval. The user's ~/.claude/settings.json bypassPermissions setting is never consulted.

Gemini

In runGemini() (in runGemini-buTWYuFO.mjs), same pattern — currentPermissionMode = void 0 at line 961. The GeminiPermissionHandler class also hardcodes currentPermissionMode = "default" at line 467. Neither reads from ~/.claude/settings.json.

Summary of affected spawn paths

Agent	Local launch	Daemon spawn	Permission inherited?
Claude	happy / happy --yolo	daemon --started-by daemon	No (both)
Codex	happy codex	daemon --started-by daemon	No (both)
Gemini	happy gemini	daemon --started-by daemon	No (both)

All three agents have the readClaudeSettings() function available (or can trivially read the file), but none use it to seed the initial permission mode.