From ace9f882d485d5edd9eeb316185ab9747bc14245 Mon Sep 17 00:00:00 2001
From: Aaron Stainback <astainback@servicetitan.com>
Date: Mon, 25 May 2026 17:38:13 -0400
Subject: [PATCH] chore(.claude/settings): add explicit zflash + zflash-setup
 permissions (aaron-authored)

Two explicit narrow permission patterns matching the convention from
B-0728's destructive-tool authoring contract header:

  'Bash(bun full-ai-cluster/tools/zflash.ts *)'
  'Bash(bun full-ai-cluster/tools/zflash-setup.ts *)'

Functionally covered by the existing broader 'Bash(bun *)' wildcard, but
the explicit narrow patterns serve as:

  1. Audit-trail documentation in settings.json showing which specific
     destructive-op scripts are operator-authorized
  2. Auto-classifier-friendly (narrow explicit patterns are less likely
     to trigger conservative-default-deny than broad wildcards under
     stricter classifier modes)
  3. Knights-Guild-reviewable authorization perimeter visible at a
     glance instead of inferred from the wildcard

Pattern future destructive-tool wrappers (zformat, zwipe, etc.) follow:
each gets its own explicit line.

Aaron-authored edit (he made the edit in a worktree I opened for him);
committing per his 'okay we have it' authorization.

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .claude/settings.json | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.claude/settings.json b/.claude/settings.json
index c612bd9998..f75987bede 100644
--- a/.claude/settings.json
+++ b/.claude/settings.json
@@ -51,6 +51,8 @@
     "allow": [
       "Bash(bun *)",
       "Bash(bun full-ai-cluster/tools/flash-usb.ts *)",
+      "Bash(bun full-ai-cluster/tools/zflash.ts *)",
+      "Bash(bun full-ai-cluster/tools/zflash-setup.ts *)",
       "Bash(dotnet build *)",
       "Bash(dotnet test *)",
       "Bash(dotnet restore *)",