diff options
| author | main <main@swarm.moe> | 2026-03-24 13:19:18 -0400 |
|---|---|---|
| committer | main <main@swarm.moe> | 2026-03-24 13:19:18 -0400 |
| commit | 57205cd29c41afe85c78a3b5c1962bb3d1f1b27c (patch) | |
| tree | 3b6336cb705eea622cbdc4f9eb32a5ed3c72bcaf | |
| parent | 53797d1f9bbaf73778cbb9dd6ad2f857ba1a88e2 (diff) | |
| download | phone_opus-57205cd29c41afe85c78a3b5c1962bb3d1f1b27c.zip | |
Disable Claude web search in consults
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | assets/codex-skills/phone-opus/SKILL.md | 1 | ||||
| -rw-r--r-- | crates/phone-opus/src/mcp/protocol.rs | 2 | ||||
| -rw-r--r-- | crates/phone-opus/tests/mcp_hardening.rs | 2 |
4 files changed, 4 insertions, 3 deletions
@@ -28,7 +28,7 @@ Each `consult` call runs Claude Code with: - a baked-in consult prefix telling Claude it is acting in read-only advisory mode for another model and should return a prioritized actionable report - no configured MCP servers (`--strict-mcp-config --mcp-config '{"mcpServers":{}}'`) - a read-only built-in toolset: - - `Bash,Read,Grep,Glob,LS,WebFetch,WebSearch` + - `Bash,Read,Grep,Glob,LS,WebFetch` - `--dangerously-skip-permissions` - an external `systemd-run --user` sandbox instead of Claude's internal permission gate - the filesystem stays globally read-only under `ProtectSystem=strict` diff --git a/assets/codex-skills/phone-opus/SKILL.md b/assets/codex-skills/phone-opus/SKILL.md index 3750531..3d307a2 100644 --- a/assets/codex-skills/phone-opus/SKILL.md +++ b/assets/codex-skills/phone-opus/SKILL.md @@ -32,6 +32,7 @@ should be taken as authoritative or final. It is a pure consultant. - Prepends a fixed consult prefix before your prompt so Opus knows it is advising another model in read-only mode and should return a prioritized actionable report. - Uses `--dangerously-skip-permissions`, but wraps Claude in an external `systemd-run --user` sandbox. - The sandbox keeps the filesystem globally read-only, gives Claude a separate persistent home under phone-opus state, leaves `/tmp` and `/var/tmp` writable, and forces the consulted `cwd` read-only when that tree would otherwise be writable. +- Web search is disabled; keep Opus focused on local inspection, reasoning, and any direct web fetches that are truly necessary. - Previous consult outputs can be found in `/tmp/phone_opus-consults`. - For related follow-ups on the same repository, keep using the same `cwd`; phone-opus will reuse that remembered context by default, which is much cheaper than cold-starting Opus. - This surface is consultative only. Edit tools are unavailable. diff --git a/crates/phone-opus/src/mcp/protocol.rs b/crates/phone-opus/src/mcp/protocol.rs index b1ee587..9d3ec1a 100644 --- a/crates/phone-opus/src/mcp/protocol.rs +++ b/crates/phone-opus/src/mcp/protocol.rs @@ -28,7 +28,7 @@ Prefer specific recommendations over vague commentary. If there are no meaningfu The real prompt follows."; pub(crate) const CLAUDE_EFFORT: &str = "max"; pub(crate) const CLAUDE_MODEL: &str = "claude-opus-4-6"; -pub(crate) const CLAUDE_TOOLSET: &str = "Bash,Read,Grep,Glob,LS,WebFetch,WebSearch"; +pub(crate) const CLAUDE_TOOLSET: &str = "Bash,Read,Grep,Glob,LS,WebFetch"; pub(crate) const EMPTY_MCP_CONFIG: &str = "{\"mcpServers\":{}}"; #[derive(Clone, Debug, Deserialize, Serialize)] diff --git a/crates/phone-opus/tests/mcp_hardening.rs b/crates/phone-opus/tests/mcp_hardening.rs index f6e0e73..6a3130b 100644 --- a/crates/phone-opus/tests/mcp_hardening.rs +++ b/crates/phone-opus/tests/mcp_hardening.rs @@ -603,7 +603,7 @@ fn consult_reuses_context_per_cwd_by_default_and_fresh_context_opts_out() -> Tes assert!(lines.contains(&"--effort")); assert!(lines.contains(&"max")); assert!(lines.contains(&"--tools")); - assert!(lines.contains(&"Bash,Read,Grep,Glob,LS,WebFetch,WebSearch")); + assert!(lines.contains(&"Bash,Read,Grep,Glob,LS,WebFetch")); assert!(lines.contains(&"--dangerously-skip-permissions")); assert!(!lines.contains(&"--permission-mode")); assert!(!lines.contains(&"dontAsk")); |