0b370f2dd9
Changes the policy for agent-created skills with critical security findings from 'block' (silently rejected) to 'ask' (allowed with warning logged). The agent created the skill, so blocking it entirely is too aggressive — let it through but log the findings. - Policy: agent-created dangerous changed from block to ask - should_allow_install returns None for 'ask' (vs True/False) - format_scan_report shows 'NEEDS CONFIRMATION' for ask - skill_manager_tool.py caller handles None (allows with warning) - force=True still overrides as before Based on PR #2271 by redhelix (closed — 3200 lines of unrelated Mission Control code excluded).
24 KiB
24 KiB