From c5bb0c2ab80082d16116dfec42da6ca50e0f2075 Mon Sep 17 00:00:00 2001
From: siddseethepalli <siddseethepalli@gmail.com>
Date: Tue, 17 Feb 2026 14:00:57 +0000
Subject: [PATCH] fix: filter auth_result in sendOneMessage after
 authentication

When hasSocketOverride() is enabled, the server auto-authenticates and
sends an auth_result. If the client also sends an auth message (because
it has a local token), the server responds with a second auth_result.
After the first auth_result sets authenticated=true, the second one
falls through to the response handler and gets resolved as the command
response, breaking CLI subcommands.

Filter auth_result messages in the authenticated path of sendOneMessage,
matching the existing pattern for daemon_status and session_info.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 assistant/src/index.ts | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/assistant/src/index.ts b/assistant/src/index.ts
index 16c5c1453c8..6dca7518731 100755
--- a/assistant/src/index.ts
+++ b/assistant/src/index.ts
@@ -104,6 +104,12 @@ function sendOneMessage(
         if (m.type === 'daemon_status') {
           continue;
         }
+        // On auto-auth sockets the server may send a second auth_result
+        // in response to the client's auth message after we're already
+        // authenticated — ignore it so it doesn't resolve as the response.
+        if (m.type === 'auth_result') {
+          continue;
+        }
         if (m.type === 'session_info' && msg.type !== 'session_create') {
           continue;
         }