From 3a58dae484a3ef0c63380513e9ae6f778b404bab Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Wed, 15 Apr 2026 23:54:42 -0400
Subject: [PATCH 01/16] docs: add spec-kit artifacts for advanced SDK options
 (010)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Spec, plan, and task breakdown for re-implementing PR #1146 —
exposing Claude Agent SDK options in session creation UI.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 specs/010-advanced-sdk-options/plan.md  |  86 +++++++++++++++++
 specs/010-advanced-sdk-options/spec.md  | 123 ++++++++++++++++++++++++
 specs/010-advanced-sdk-options/tasks.md | 104 ++++++++++++++++++++
 3 files changed, 313 insertions(+)
 create mode 100644 specs/010-advanced-sdk-options/plan.md
 create mode 100644 specs/010-advanced-sdk-options/spec.md
 create mode 100644 specs/010-advanced-sdk-options/tasks.md

diff --git a/specs/010-advanced-sdk-options/plan.md b/specs/010-advanced-sdk-options/plan.md
new file mode 100644
index 000000000..83018ce8f
--- /dev/null
+++ b/specs/010-advanced-sdk-options/plan.md
@@ -0,0 +1,86 @@
+# Implementation Plan: Advanced SDK Options
+
+**Branch**: `010-advanced-sdk-options` | **Date**: 2026-04-15 | **Spec**: [spec.md](spec.md)
+**Input**: Feature specification from `/specs/010-advanced-sdk-options/spec.md`
+
+## Summary
+
+Expose Claude Agent SDK options (temperature, tokens, tools, system prompt, etc.) in the session creation UI. Options flow from a React form through Go backend validation to a Python runner, where they merge into `ClaudeAgentOptions`. Defense-in-depth via backend allowlist + runner denylist. A weekly GHA workflow detects SDK drift.
+
+## Technical Context
+
+**Language/Version**: Go 1.22+ (backend), TypeScript/Next.js 14 (frontend), Python 3.12 (runner)
+**Primary Dependencies**: Gin (backend HTTP), React + Shadcn/ui (frontend), claude-agent-sdk (runner)
+**Storage**: Kubernetes CRDs — options travel as JSON string in existing `environmentVariables` map (no CRD changes)
+**Testing**: go test (backend), vitest (frontend), pytest (runner)
+**Target Platform**: Kubernetes cluster (OpenShift/kind)
+**Project Type**: Web application (Go API + React frontend + Python runner)
+
+## Constitution Check
+
+| Principle | Status | Notes |
+|-----------|--------|-------|
+| I. K8s-Native | PASS | Uses existing CR env vars, no new CRDs |
+| II. Security | PASS | Allowlist + denylist + append-only system prompt |
+| III. Type Safety | PASS | Backend type validation per key, no `any` in frontend |
+| IV. TDD | ENFORCED | Tests required for each component |
+| V. Modularity | PASS | Single-file component, handler functions, bridge method |
+| X. Commit Discipline | PASS | Feature split into backend/frontend/runner commits |
+
+## Project Structure
+
+### Documentation (this feature)
+
+```text
+specs/010-advanced-sdk-options/
+├── spec.md              # Feature specification
+├── plan.md              # This file
+└── tasks.md             # Task breakdown
+```
+
+### Source Code (files to create or modify)
+
+```text
+components/backend/
+├── handlers/sessions.go          # MODIFY: add filterSdkOptions, validateSdkOptionValue, allowlist
+└── types/session.go              # MODIFY: add SdkOptions field to request types
+
+components/frontend/src/
+├── components/
+│   └── advanced-sdk-options.tsx   # CREATE: collapsible SDK options form
+├── app/projects/[name]/
+│   ├── new/page.tsx               # MODIFY: wire sdkOptions into create call
+│   └── sessions/[sessionName]/components/
+│       └── new-session-view.tsx   # MODIFY: add AdvancedSdkOptions + feature flag gate
+└── types/api/sessions.ts         # MODIFY: add SdkOptions type
+
+components/runners/ambient-runner/
+├── ambient_runner/bridges/claude/bridge.py  # MODIFY: parse SDK_OPTIONS, denylist, merge
+├── sdk-options-manifest.json               # CREATE: canonical SDK field list
+└── tests/test_sdk_options.py               # CREATE: SDK_OPTIONS parsing tests
+
+components/manifests/base/core/flags.json   # MODIFY: add advanced-sdk-options flag
+
+.github/workflows/
+└── claude-sdk-options-drift.yml            # CREATE: weekly drift detection
+
+components/backend/handlers/
+└── sessions_sdk_options_test.go            # CREATE: backend filterSdkOptions tests
+
+components/frontend/src/components/__tests__/
+└── advanced-sdk-options.test.tsx           # CREATE: frontend component tests
+```
+
+## Design Decisions
+
+1. **Single file for frontend component** — `advanced-sdk-options.tsx` is a self-contained collapsible panel. No sub-component directory needed. Fields are simple inputs, selects, switches, and textareas.
+
+2. **Backend allowlist as map literal** — `allowedSdkOptionKeys map[string]bool` at package level. Simple, auditable, no external config.
+
+3. **Runner denylist as frozenset** — `_SDK_OPTIONS_DENYLIST` at module level. Blocks platform-internal keys even if backend is compromised.
+
+4. **SDK_OPTIONS as JSON string in env var** — Avoids CRD changes. The `environmentVariables` map already exists on the CR spec.
+
+5. **System prompt append-only** — User text appended under `## Custom Instructions` heading. Prevents users from stripping platform security instructions.
+
+6. **Feature flag UI-only** — Backend always accepts `sdkOptions` for API callers. Flag gates the form in the frontend only.
diff --git a/specs/010-advanced-sdk-options/spec.md b/specs/010-advanced-sdk-options/spec.md
new file mode 100644
index 000000000..54695ce35
--- /dev/null
+++ b/specs/010-advanced-sdk-options/spec.md
@@ -0,0 +1,123 @@
+# Feature Specification: Advanced SDK Options
+
+**Feature Branch**: `feat/advanced-sdk-options-v2`
+**Created**: 2026-04-15
+**Status**: Draft
+**Input**: Re-implementation of PR #1146 — expose Claude Agent SDK options in session creation UI
+
+## Overview
+
+Allow platform users to configure Claude Agent SDK parameters when creating sessions. Options flow from a frontend form through backend validation to the runner, where they merge into `ClaudeAgentOptions`. Gated behind workspace feature flag `advanced-sdk-options` (disabled by default). No CRD changes — options travel as a JSON string in the existing `environmentVariables` map.
+
+### Data Flow
+
+```
+Frontend form → sdkOptions on POST request
+  → Backend: allowlist filter + type validation → JSON string
+    → CR environmentVariables["SDK_OPTIONS"]
+      → Runner: parse, denylist filter, merge into adapter options
+        → ClaudeAgentAdapter(options)
+```
+
+### Security
+
+- **Backend allowlist**: Only permitted keys with valid types pass through. Everything else silently dropped.
+- **Runner denylist**: Blocks platform-internal keys (`cwd`, `api_key`, etc.) even if backend is bypassed.
+- **System prompt**: Append-only. User text goes under `## Custom Instructions`, never replaces platform prompt.
+- **Feature flag**: UI-only gate. The API always accepts `sdkOptions` for programmatic callers.
+
+## User Scenarios & Testing
+
+### User Story 1 - Configure SDK Options on Session Creation (Priority: P1)
+
+A user creating a session wants to tune Claude — lower temperature, increase token budget, set a custom system prompt, or restrict tools.
+
+**Why this priority**: The entire feature. Everything else is a subset of this.
+
+**Independent Test**: Create a session with `sdkOptions` via API, verify the runner receives and applies them.
+
+**Acceptance Scenarios**:
+
+1. **Given** `advanced-sdk-options` is enabled for a workspace, **When** a user opens the new session page, **Then** a collapsible "Advanced SDK Options" section appears (collapsed by default).
+
+2. **Given** the user sets temperature to 0.3 and max_turns to 5 and submits, **When** the backend processes the request, **Then** the CR has `SDK_OPTIONS={"temperature":0.3,"max_turns":5}` in its env vars.
+
+3. **Given** the runner pod starts with `SDK_OPTIONS`, **When** the adapter initializes, **Then** the parsed options are merged into `ClaudeAgentOptions` (minus denylisted keys).
+
+4. **Given** `advanced-sdk-options` is disabled, **When** a user opens the new session page, **Then** the advanced options section is not visible.
+
+5. **Given** the user provides a system_prompt, **When** the runner merges options, **Then** the platform prompt is preserved and the user text is appended under `## Custom Instructions`.
+
+6. **Given** `SDK_OPTIONS` contains invalid JSON, **When** the runner parses it, **Then** it logs a warning and proceeds with platform defaults.
+
+---
+
+### User Story 2 - SDK Options Drift Detection (Priority: P2)
+
+The Claude Agent SDK evolves. The platform must detect when `ClaudeAgentOptions` fields change and alert maintainers so the allowlist/UI stay current.
+
+**Why this priority**: Without this, the platform silently drifts from the SDK. Users can't access new options and removed options cause silent failures.
+
+**Independent Test**: Run the drift workflow via `workflow_dispatch`, verify it detects a simulated field change.
+
+**Acceptance Scenarios**:
+
+1. **Given** `claude-agent-sdk` on PyPI has added a new field, **When** the weekly workflow runs, **Then** it updates `sdk-options-manifest.json` and opens a PR labeled `amber:auto-fix`.
+
+2. **Given** no drift exists, **When** the workflow runs, **Then** no PR is created and the job succeeds cleanly.
+
+3. **Given** the workflow encounters a PyPI install failure, **When** it runs, **Then** it fails loudly (non-zero exit) rather than silently skipping.
+
+---
+
+### Edge Cases
+
+- `SDK_OPTIONS` is a JSON array instead of object → runner logs warning, uses platform defaults.
+- User sends `sdkOptions` with unknown keys → backend silently drops them, no error.
+- User sends `temperature: "hot"` → backend returns 400 with type validation error.
+- `SDK_OPTIONS` contains `api_key` → runner denylist blocks it.
+- User sends empty `sdkOptions: {}` → no `SDK_OPTIONS` env var set (no-op).
+
+## Requirements
+
+### Functional Requirements
+
+**Backend:**
+
+- **FR-001**: `CreateAgenticSessionRequest` accepts optional `sdkOptions map[string]interface{}`.
+- **FR-002**: Backend filters `sdkOptions` through an allowlist and validates types per key. Returns 400 on type mismatch. Silently drops unknown keys.
+- **FR-003**: Filtered options are JSON-serialized into `environmentVariables["SDK_OPTIONS"]` on the CR.
+
+**Runner:**
+
+- **FR-004**: Runner parses `SDK_OPTIONS` env var as JSON on adapter init. Malformed input → warn + use defaults.
+- **FR-005**: Runner applies a denylist for platform-internal keys (`cwd`, `api_key`, `mcp_servers`, `setting_sources`, `stderr`, `resume`, `continue_conversation`, `add_dirs`). Logs a warning per blocked key.
+- **FR-006**: `system_prompt` is appended under `## Custom Instructions`, not replaced.
+
+**Frontend:**
+
+- **FR-007**: `AdvancedSdkOptions` component renders behind `advanced-sdk-options` workspace flag. Collapsed by default.
+- **FR-008**: Field names use snake_case matching the Python SDK wire format.
+- **FR-009**: `sdkOptions` is only included in the create request when at least one value is set.
+
+**Drift Detection:**
+
+- **FR-010**: Weekly GHA workflow introspects `ClaudeAgentOptions` from `claude-agent-sdk` PyPI package and compares against `sdk-options-manifest.json`.
+- **FR-011**: On drift: updates manifest, opens PR with `amber:auto-fix` label. On no drift: clean exit. On error: hard fail.
+
+**Feature Flag:**
+
+- **FR-012**: `advanced-sdk-options` defined in `flags.json` with `scope:workspace` tag. Gates UI only.
+
+### Key Entities
+
+- **SdkOptions**: Map of SDK parameter names (snake_case) to values. Travels as JSON string through CR env vars.
+- **SDK Options Manifest**: JSON file recording `ClaudeAgentOptions` fields/types from PyPI. Source of truth for drift detection.
+
+## Success Criteria
+
+- **SC-001**: Sessions created with custom SDK options produce observably different agent behavior.
+- **SC-002**: Backend rejects invalid types with 400.
+- **SC-003**: Runner never passes denylisted keys to the SDK.
+- **SC-004**: System prompt append-only behavior verified by test.
+- **SC-005**: Drift workflow detects field changes on manual trigger.
diff --git a/specs/010-advanced-sdk-options/tasks.md b/specs/010-advanced-sdk-options/tasks.md
new file mode 100644
index 000000000..c6839e3ad
--- /dev/null
+++ b/specs/010-advanced-sdk-options/tasks.md
@@ -0,0 +1,104 @@
+# Tasks: Advanced SDK Options
+
+**Input**: Design documents from `/specs/010-advanced-sdk-options/`
+**Prerequisites**: plan.md (required), spec.md (required)
+
+## Phase 1: Setup
+
+- [ ] T001 [P1] Add `advanced-sdk-options` feature flag to `components/manifests/base/core/flags.json` with `scope:workspace` tag and description "Expose Claude Agent SDK options in session creation UI"
+- [ ] T002 [P1] Verify flag syncs: run `make lint` to confirm `flags.json` is valid JSON and passes check-yaml
+
+## Phase 2: Backend
+
+### Types
+
+- [ ] T010 [P1] [US1] Add `SdkOptions map[string]interface{}` field with `json:"sdkOptions,omitempty"` to `CreateAgenticSessionRequest` in `components/backend/types/session.go`
+
+### Allowlist + Validation (TDD)
+
+- [ ] T011 [P1] [US1] Create test file `components/backend/handlers/sessions_sdk_options_test.go` with `//go:build test` tag. Write tests for `filterSdkOptions`: valid keys pass, unknown keys dropped silently, empty map returns nil
+- [ ] T012 [P1] [US1] Write tests for `validateSdkOptionValue`: `temperature` accepts float64, rejects string; `max_turns` accepts int, rejects float; `system_prompt` accepts string, rejects number; `allowed_tools` accepts []interface{}, rejects string
+- [ ] T013 [P1] [US1] Run tests, verify they fail (functions not yet implemented): `cd components/backend && go test -tags test -run TestSdkOptions ./handlers/`
+- [ ] T014 [P1] [US1] Implement `allowedSdkOptionKeys` map and `filterSdkOptions(opts map[string]interface{}) (map[string]interface{}, error)` in `components/backend/handlers/sessions.go`. Allowlist keys: `temperature`, `max_turns`, `max_budget_usd`, `effort`, `system_prompt`, `permission_mode`, `allowed_tools`, `disallowed_tools`, `thinking`, `max_buffer_size`, `include_partial_messages`, `enable_file_checkpointing`, `sandbox`, `output_format`, `betas`, `hooks`, `agents`, `plugins`, `tools`, `env`, `extra_args`, `user`
+- [ ] T015 [P1] [US1] Implement `validateSdkOptionValue(key string, value interface{}) error` in `components/backend/handlers/sessions.go`. Type-check each key: floats for `temperature`/`max_budget_usd`, int for `max_turns`/`max_buffer_size`, string for `system_prompt`/`permission_mode`/`effort`/`user`, bool for `include_partial_messages`/`enable_file_checkpointing`, slice for `allowed_tools`/`disallowed_tools`/`betas`/`plugins`, map for `thinking`/`sandbox`/`output_format`/`hooks`/`agents`/`env`/`extra_args`/`tools`
+- [ ] T016 [P1] [US1] Run tests, verify they pass: `cd components/backend && go test -tags test -run TestSdkOptions ./handlers/`
+
+### Handler Integration
+
+- [ ] T017 [P1] [US1] In `CreateAgenticSession` handler in `components/backend/handlers/sessions.go`, after `envVars` is populated: if `req.SdkOptions` is non-empty, call `filterSdkOptions`, return 400 on validation error, JSON-serialize the result into `envVars["SDK_OPTIONS"]`. Skip if filtered result is empty
+- [ ] T018 [P1] [US1] Write integration test in `components/backend/handlers/sessions_sdk_options_test.go`: POST create session with `sdkOptions: {"temperature": 0.3, "max_turns": 5}`, verify CR has `environmentVariables.SDK_OPTIONS` containing the JSON
+- [ ] T019 [P1] [US1] Write edge-case test: POST with `sdkOptions: {"temperature": "hot"}` returns HTTP 400
+- [ ] T020 [P1] [US1] Write edge-case test: POST with `sdkOptions: {"unknown_key": 42}` succeeds, CR `SDK_OPTIONS` does not contain `unknown_key`
+- [ ] T021 [P1] [US1] Write edge-case test: POST with `sdkOptions: {}` succeeds, CR has no `SDK_OPTIONS` key in env vars
+- [ ] T022 [P1] [US1] Run full backend tests: `cd components/backend && go test -tags test ./handlers/`
+- [ ] T023 [P1] [US1] Run backend linters: `cd components/backend && gofmt -l . && go vet ./...`
+
+### Commit
+
+- [ ] T024 [P1] Commit Phase 2: "feat(backend): add sdkOptions allowlist and type validation for session creation"
+
+## Phase 3: User Story 1 -- Configure SDK Options (P1)
+
+### Runner: SDK_OPTIONS Parsing (TDD)
+
+- [ ] T030 [P1] [US1] Create test file `components/runners/ambient-runner/tests/test_sdk_options.py`. Write tests: parse valid JSON from `SDK_OPTIONS` env var, merge into adapter options dict; malformed JSON logs warning and returns empty dict; JSON array (not object) logs warning and returns empty dict
+- [ ] T031 [P1] [US1] Write denylist tests in `components/runners/ambient-runner/tests/test_sdk_options.py`: `cwd`, `api_key`, `mcp_servers`, `setting_sources`, `stderr`, `resume`, `continue_conversation`, `add_dirs` are blocked; each blocked key logs a warning; non-blocked keys pass through
+- [ ] T032 [P1] [US1] Write system_prompt merge test: when `SDK_OPTIONS` contains `system_prompt`, the platform system prompt dict is preserved and user text is appended under `## Custom Instructions` heading
+- [ ] T033 [P1] [US1] Run tests, verify they fail: `cd components/runners/ambient-runner && python -m pytest tests/test_sdk_options.py -v`
+- [ ] T034 [P1] [US1] Implement `_SDK_OPTIONS_DENYLIST` frozenset and `parse_sdk_options(env_var: str) -> dict` function in `components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py`. Parse JSON, apply denylist, log warnings for blocked keys
+- [ ] T035 [P1] [US1] Implement `_merge_system_prompt(platform_prompt: dict, user_prompt: str) -> dict` in `components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py`. Append user text under `## Custom Instructions` in the platform prompt's append field
+- [ ] T036 [P1] [US1] Integrate in `_ensure_adapter`: call `parse_sdk_options(os.getenv("SDK_OPTIONS", ""))`, handle `system_prompt` key via `_merge_system_prompt`, merge remaining keys into the `options` dict before constructing `ClaudeAgentAdapter` in `components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py`
+- [ ] T037 [P1] [US1] Run tests, verify they pass: `cd components/runners/ambient-runner && python -m pytest tests/test_sdk_options.py -v`
+- [ ] T038 [P1] [US1] Run runner linters: `cd components/runners/ambient-runner && ruff check . && ruff format --check .`
+
+### Commit
+
+- [ ] T039 [P1] Commit Phase 3 runner: "feat(runner): parse SDK_OPTIONS env var with denylist and system prompt merge"
+
+### Frontend: Types
+
+- [ ] T040 [P1] [US1] Rename `agentOptions` field to `sdkOptions` with type `Record<string, unknown>` in `CreateAgenticSessionRequest` in `components/frontend/src/types/api/sessions.ts`. Update the TODO comment to reference `SDK_OPTIONS` env var
+- [ ] T041 [P1] [US1] Rename `agentOptions` field to `sdkOptions` in `CreateAgenticSessionRequest` in `components/frontend/src/types/agentic-session.ts` (canonical type location)
+
+### Frontend: Wire AdvancedSdkOptions into NewSessionView (TDD)
+
+- [ ] T042 [P1] [US1] Create test file `components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx`. Write tests: component renders collapsed by default; expanding reveals form fields; form values are emitted on change; component is not rendered when `advanced-sdk-options` flag is false
+- [ ] T043 [P1] [US1] Run tests, verify they fail: `cd components/frontend && npx vitest run --reporter=verbose src/components/__tests__/advanced-sdk-options.test.tsx`
+- [ ] T044 [P1] [US1] Create `components/frontend/src/components/advanced-sdk-options.tsx` — a collapsible wrapper that imports `AgentOptionsFields` from `components/claude-agent-options` and renders inside a `Collapsible` from shadcn/ui. Props: `projectName: string`, `form: UseFormReturn<ClaudeAgentOptionsForm>`, `disabled?: boolean`. Uses `useWorkspaceFlag(projectName, "advanced-sdk-options")` to gate visibility
+- [ ] T045 [P1] [US1] In `components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx`: import `AdvancedSdkOptions`, add `useForm<ClaudeAgentOptionsForm>` with `claudeAgentOptionsDefaults`, render `<AdvancedSdkOptions>` between the input area and pending repo badges. Add `sdkOptions` to the `onCreateSession` callback config type
+- [ ] T046 [P1] [US1] In `NewSessionViewProps.onCreateSession` callback type, add `sdkOptions?: Record<string, unknown>`. In `handleSubmit`, collect non-empty form values and pass as `sdkOptions`
+- [ ] T047 [P1] [US1] In `components/frontend/src/app/projects/[name]/new/page.tsx`: update `handleCreateNewSession` config type to include `sdkOptions`. Wire `config.sdkOptions` into the `createSessionMutation.mutate` data payload as `sdkOptions`
+- [ ] T048 [P1] [US1] Run tests, verify they pass: `cd components/frontend && npx vitest run --reporter=verbose src/components/__tests__/advanced-sdk-options.test.tsx`
+- [ ] T049 [P1] [US1] Run full frontend test suite: `cd components/frontend && npx vitest run`
+- [ ] T050 [P1] [US1] Run frontend build: `cd components/frontend && npm run build`
+
+### Frontend: Update create-session-dialog.tsx (dead code cleanup)
+
+- [ ] T051 [P1] [US1] In `components/frontend/src/components/create-session-dialog.tsx`, update references from `advanced-agent-options` flag to `advanced-sdk-options` and from `agentOptions` to `sdkOptions` in the mutation payload (if this dialog is still used anywhere; otherwise note it as dead code)
+
+### Commit
+
+- [ ] T052 [P1] Commit Phase 3 frontend: "feat(frontend): add AdvancedSdkOptions collapsible form gated by workspace flag"
+
+## Phase 4: User Story 2 -- SDK Options Drift Detection (P2)
+
+- [ ] T060 [P2] [US2] Create `components/runners/ambient-runner/sdk-options-manifest.json` with current `ClaudeAgentOptions` fields and types from `claude-agent-sdk`. Format: `{"version": "0.1.48", "fields": {"temperature": "float", "max_turns": "int", ...}}`
+- [ ] T061 [P2] [US2] Create `.github/workflows/claude-sdk-options-drift.yml`: weekly cron (`0 6 * * 1`) + `workflow_dispatch`. Job: checkout, setup Python 3.12, `uv pip install claude-agent-sdk`, run introspection script, compare against manifest, open PR with `amber:auto-fix` label if drift detected, clean exit if no drift, hard fail on errors
+- [ ] T062 [P2] [US2] Create `scripts/sdk-options-drift-check.py`: import `ClaudeAgentOptions` from `claude_agent_sdk`, introspect fields via `typing.get_type_hints()` or `dataclasses.fields()`, compare against `sdk-options-manifest.json`, write updated manifest if drift found, exit 0 on no drift, exit 1 on drift (for GHA to detect), exit 2 on error
+- [ ] T063 [P2] [US2] Write test in `components/runners/ambient-runner/tests/test_sdk_options.py`: mock `ClaudeAgentOptions` with an extra field, verify drift script detects it
+- [ ] T064 [P2] [US2] Run drift check manually to verify clean baseline: `cd components/runners/ambient-runner && python ../../scripts/sdk-options-drift-check.py`
+
+### Commit
+
+- [ ] T065 [P2] Commit Phase 4: "feat(ci): add weekly Claude SDK options drift detection workflow"
+
+## Phase 5: Polish
+
+- [ ] T070 [P1] Run full backend test suite: `cd components/backend && make test`
+- [ ] T071 [P1] Run full frontend test suite with coverage: `cd components/frontend && npx vitest run --coverage`
+- [ ] T072 [P1] Run full runner test suite: `cd components/runners/ambient-runner && python -m pytest tests/ -v`
+- [ ] T073 [P1] Run pre-commit hooks on all changed files: `make lint`
+- [ ] T074 [P1] Run frontend production build: `cd components/frontend && npm run build`
+- [ ] T075 [P1] Verify no `any` types in new/modified frontend code (grep changed .tsx/.ts files for `: any` or `as any`)
+- [ ] T076 [P1] Verify all acceptance scenarios from spec.md are covered by tests (cross-reference SC-001 through SC-005)
+- [ ] T077 [P1] Final commit if any polish changes: "chore: polish and lint fixes for advanced SDK options"

From feeead5ed4adf4a453adb921b853a17c26e92c07 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:18:49 -0400
Subject: [PATCH 02/16] docs: simplify plan and tasks for advanced SDK options
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Fix plan: note existing claude-agent-options/ form on main, derive
  allowlist from schema, add agentOptions→sdkOptions rename decision
- Rewrite tasks: merge TDD triplets into single tasks, remove dead code
  cleanup (create-session-dialog.tsx), remove per-phase lint duplication,
  fix allowlist to reference schema, add execution skill reference
- 22 tasks across 6 phases (down from 37 across 5)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 specs/010-advanced-sdk-options/plan.md  |   8 +-
 specs/010-advanced-sdk-options/tasks.md | 130 +++++++++++-------------
 2 files changed, 66 insertions(+), 72 deletions(-)

diff --git a/specs/010-advanced-sdk-options/plan.md b/specs/010-advanced-sdk-options/plan.md
index 83018ce8f..87f1dc5bf 100644
--- a/specs/010-advanced-sdk-options/plan.md
+++ b/specs/010-advanced-sdk-options/plan.md
@@ -73,14 +73,16 @@ components/frontend/src/components/__tests__/
 
 ## Design Decisions
 
-1. **Single file for frontend component** — `advanced-sdk-options.tsx` is a self-contained collapsible panel. No sub-component directory needed. Fields are simple inputs, selects, switches, and textareas.
+1. **Reuse existing form components** — `claude-agent-options/` already exists on main with schema, options-form, and 11 field editors covering all SDK fields. `advanced-sdk-options.tsx` is a thin collapsible wrapper around `AgentOptionsFields`.
 
-2. **Backend allowlist as map literal** — `allowedSdkOptionKeys map[string]bool` at package level. Simple, auditable, no external config.
+2. **Backend allowlist as map literal** — `allowedSdkOptionKeys map[string]bool` at package level. Keys derived from `claudeAgentOptionsSchema` minus platform-internal keys. Backend does key filtering only — JSON marshal handles type serialization.
 
-3. **Runner denylist as frozenset** — `_SDK_OPTIONS_DENYLIST` at module level. Blocks platform-internal keys even if backend is compromised.
+3. **Runner denylist as frozenset** — `_SDK_OPTIONS_DENYLIST` at module level. Blocks platform-internal keys (`cwd`, `api_key`, `mcp_servers`, `setting_sources`, `stderr`, `resume`, `continue_conversation`, `add_dirs`) even if backend is bypassed.
 
 4. **SDK_OPTIONS as JSON string in env var** — Avoids CRD changes. The `environmentVariables` map already exists on the CR spec.
 
 5. **System prompt append-only** — User text appended under `## Custom Instructions` heading. Prevents users from stripping platform security instructions.
 
 6. **Feature flag UI-only** — Backend always accepts `sdkOptions` for API callers. Flag gates the form in the frontend only.
+
+7. **Rename agentOptions → sdkOptions** — Frontend types already have `agentOptions?: Record<string, unknown>` on the request type. Rename to `sdkOptions` for clarity (matches SDK wire format).
diff --git a/specs/010-advanced-sdk-options/tasks.md b/specs/010-advanced-sdk-options/tasks.md
index c6839e3ad..581a51554 100644
--- a/specs/010-advanced-sdk-options/tasks.md
+++ b/specs/010-advanced-sdk-options/tasks.md
@@ -3,102 +3,94 @@
 **Input**: Design documents from `/specs/010-advanced-sdk-options/`
 **Prerequisites**: plan.md (required), spec.md (required)
 
+**Execution skill**: `superpowers:subagent-driven-development` (one subagent per phase, review between phases)
+
 ## Phase 1: Setup
 
-- [ ] T001 [P1] Add `advanced-sdk-options` feature flag to `components/manifests/base/core/flags.json` with `scope:workspace` tag and description "Expose Claude Agent SDK options in session creation UI"
-- [ ] T002 [P1] Verify flag syncs: run `make lint` to confirm `flags.json` is valid JSON and passes check-yaml
+- [ ] T001 Add `advanced-sdk-options` feature flag to `components/manifests/base/core/flags.json` with `scope:workspace` tag
+
+### Commit: `feat(flags): add advanced-sdk-options workspace feature flag`
+
+---
+
+## Phase 2: Backend — SDK Options Filtering (TDD)
 
-## Phase 2: Backend
+**Goal**: Backend accepts `sdkOptions` on session create, filters through allowlist, validates types, serializes to `SDK_OPTIONS` env var on the CR.
 
-### Types
+- [ ] T010 [US1] Add `SdkOptions map[string]interface{}` field with `json:"sdkOptions,omitempty"` to `CreateAgenticSessionRequest` in `components/backend/types/session.go`
+- [ ] T011 [US1] Create `components/backend/handlers/sessions_sdk_options_test.go` (TDD — tests first, then implement). Tests: valid keys pass through, unknown keys silently dropped, empty map returns nil, string/numeric/bool/slice type checks, invalid type returns error
+- [ ] T012 [US1] Implement `allowedSdkOptionKeys` map and `filterSdkOptions` in `components/backend/handlers/sessions.go`. Allowlist keys: all fields from `claudeAgentOptionsSchema` minus denylisted keys (`cwd`, `resume`, `mcp_servers`, `setting_sources`, `continue_conversation`, `add_dirs`, `cli_path`, `settings`, `permission_prompt_tool_name`, `fork_session`). Include `validateSdkOptionValue` for basic type checks on primitives (string, float, int, bool, slice). Complex objects (hooks, agents, sandbox, thinking, mcp_servers) pass through as-is — JSON marshal handles them.
+- [ ] T013 [US1] Wire into `CreateAgenticSession` handler: if `req.SdkOptions` is non-empty, call `filterSdkOptions`, return 400 on error, JSON-serialize into `envVars["SDK_OPTIONS"]`
+- [ ] T014 [US1] Run backend tests: `cd components/backend && go test -tags test -run TestSdkOptions ./handlers/`
 
-- [ ] T010 [P1] [US1] Add `SdkOptions map[string]interface{}` field with `json:"sdkOptions,omitempty"` to `CreateAgenticSessionRequest` in `components/backend/types/session.go`
+### Commit: `feat(backend): add sdkOptions allowlist and type validation`
 
-### Allowlist + Validation (TDD)
+---
 
-- [ ] T011 [P1] [US1] Create test file `components/backend/handlers/sessions_sdk_options_test.go` with `//go:build test` tag. Write tests for `filterSdkOptions`: valid keys pass, unknown keys dropped silently, empty map returns nil
-- [ ] T012 [P1] [US1] Write tests for `validateSdkOptionValue`: `temperature` accepts float64, rejects string; `max_turns` accepts int, rejects float; `system_prompt` accepts string, rejects number; `allowed_tools` accepts []interface{}, rejects string
-- [ ] T013 [P1] [US1] Run tests, verify they fail (functions not yet implemented): `cd components/backend && go test -tags test -run TestSdkOptions ./handlers/`
-- [ ] T014 [P1] [US1] Implement `allowedSdkOptionKeys` map and `filterSdkOptions(opts map[string]interface{}) (map[string]interface{}, error)` in `components/backend/handlers/sessions.go`. Allowlist keys: `temperature`, `max_turns`, `max_budget_usd`, `effort`, `system_prompt`, `permission_mode`, `allowed_tools`, `disallowed_tools`, `thinking`, `max_buffer_size`, `include_partial_messages`, `enable_file_checkpointing`, `sandbox`, `output_format`, `betas`, `hooks`, `agents`, `plugins`, `tools`, `env`, `extra_args`, `user`
-- [ ] T015 [P1] [US1] Implement `validateSdkOptionValue(key string, value interface{}) error` in `components/backend/handlers/sessions.go`. Type-check each key: floats for `temperature`/`max_budget_usd`, int for `max_turns`/`max_buffer_size`, string for `system_prompt`/`permission_mode`/`effort`/`user`, bool for `include_partial_messages`/`enable_file_checkpointing`, slice for `allowed_tools`/`disallowed_tools`/`betas`/`plugins`, map for `thinking`/`sandbox`/`output_format`/`hooks`/`agents`/`env`/`extra_args`/`tools`
-- [ ] T016 [P1] [US1] Run tests, verify they pass: `cd components/backend && go test -tags test -run TestSdkOptions ./handlers/`
+## Phase 3: Runner — SDK_OPTIONS Parsing (TDD)
 
-### Handler Integration
+**Goal**: Runner parses `SDK_OPTIONS` env var, applies denylist, merges system_prompt append-only, passes remaining options to adapter.
 
-- [ ] T017 [P1] [US1] In `CreateAgenticSession` handler in `components/backend/handlers/sessions.go`, after `envVars` is populated: if `req.SdkOptions` is non-empty, call `filterSdkOptions`, return 400 on validation error, JSON-serialize the result into `envVars["SDK_OPTIONS"]`. Skip if filtered result is empty
-- [ ] T018 [P1] [US1] Write integration test in `components/backend/handlers/sessions_sdk_options_test.go`: POST create session with `sdkOptions: {"temperature": 0.3, "max_turns": 5}`, verify CR has `environmentVariables.SDK_OPTIONS` containing the JSON
-- [ ] T019 [P1] [US1] Write edge-case test: POST with `sdkOptions: {"temperature": "hot"}` returns HTTP 400
-- [ ] T020 [P1] [US1] Write edge-case test: POST with `sdkOptions: {"unknown_key": 42}` succeeds, CR `SDK_OPTIONS` does not contain `unknown_key`
-- [ ] T021 [P1] [US1] Write edge-case test: POST with `sdkOptions: {}` succeeds, CR has no `SDK_OPTIONS` key in env vars
-- [ ] T022 [P1] [US1] Run full backend tests: `cd components/backend && go test -tags test ./handlers/`
-- [ ] T023 [P1] [US1] Run backend linters: `cd components/backend && gofmt -l . && go vet ./...`
+- [ ] T020 [US1] Create `components/runners/ambient-runner/tests/test_sdk_options.py` (TDD). Tests: valid JSON parsed, malformed JSON returns empty dict, JSON array returns empty dict, denylisted keys blocked with warning, non-denylisted keys pass, system_prompt appended under `## Custom Instructions` heading
+- [ ] T021 [US1] Implement `_SDK_OPTIONS_DENYLIST` frozenset and SDK_OPTIONS parsing in `components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py`. In `_ensure_adapter`: parse env var, apply denylist with per-key warning logs, handle system_prompt append, merge remaining keys into options dict
+- [ ] T022 [US1] Run runner tests: `cd components/runners/ambient-runner && python -m pytest tests/test_sdk_options.py -v`
 
-### Commit
+### Commit: `feat(runner): parse SDK_OPTIONS env var with denylist and system prompt merge`
 
-- [ ] T024 [P1] Commit Phase 2: "feat(backend): add sdkOptions allowlist and type validation for session creation"
+---
 
-## Phase 3: User Story 1 -- Configure SDK Options (P1)
+## Phase 4: Frontend — Wire Form into Session Creation (TDD)
 
-### Runner: SDK_OPTIONS Parsing (TDD)
+**Goal**: Wrap existing `claude-agent-options/` form in a collapsible container, gate behind feature flag, wire into session create flow.
 
-- [ ] T030 [P1] [US1] Create test file `components/runners/ambient-runner/tests/test_sdk_options.py`. Write tests: parse valid JSON from `SDK_OPTIONS` env var, merge into adapter options dict; malformed JSON logs warning and returns empty dict; JSON array (not object) logs warning and returns empty dict
-- [ ] T031 [P1] [US1] Write denylist tests in `components/runners/ambient-runner/tests/test_sdk_options.py`: `cwd`, `api_key`, `mcp_servers`, `setting_sources`, `stderr`, `resume`, `continue_conversation`, `add_dirs` are blocked; each blocked key logs a warning; non-blocked keys pass through
-- [ ] T032 [P1] [US1] Write system_prompt merge test: when `SDK_OPTIONS` contains `system_prompt`, the platform system prompt dict is preserved and user text is appended under `## Custom Instructions` heading
-- [ ] T033 [P1] [US1] Run tests, verify they fail: `cd components/runners/ambient-runner && python -m pytest tests/test_sdk_options.py -v`
-- [ ] T034 [P1] [US1] Implement `_SDK_OPTIONS_DENYLIST` frozenset and `parse_sdk_options(env_var: str) -> dict` function in `components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py`. Parse JSON, apply denylist, log warnings for blocked keys
-- [ ] T035 [P1] [US1] Implement `_merge_system_prompt(platform_prompt: dict, user_prompt: str) -> dict` in `components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py`. Append user text under `## Custom Instructions` in the platform prompt's append field
-- [ ] T036 [P1] [US1] Integrate in `_ensure_adapter`: call `parse_sdk_options(os.getenv("SDK_OPTIONS", ""))`, handle `system_prompt` key via `_merge_system_prompt`, merge remaining keys into the `options` dict before constructing `ClaudeAgentAdapter` in `components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py`
-- [ ] T037 [P1] [US1] Run tests, verify they pass: `cd components/runners/ambient-runner && python -m pytest tests/test_sdk_options.py -v`
-- [ ] T038 [P1] [US1] Run runner linters: `cd components/runners/ambient-runner && ruff check . && ruff format --check .`
+**Existing on main**: `components/frontend/src/components/claude-agent-options/` has `AgentOptionsFields`, `claudeAgentOptionsSchema`, `claudeAgentOptionsDefaults`, and 11 field editors. Reuse these.
 
-### Commit
+- [ ] T030 [US1] Rename `agentOptions` to `sdkOptions` in `components/frontend/src/types/api/sessions.ts` and `components/frontend/src/types/agentic-session.ts`
+- [ ] T031 [US1] Create `components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx` (TDD). Tests: not rendered when flag is disabled, renders collapsed by default when flag enabled, expands on click, form fields visible when expanded
+- [ ] T032 [US1] Create `components/frontend/src/components/advanced-sdk-options.tsx` — collapsible wrapper using Shadcn `Collapsible`. Imports `AgentOptionsFields` from `claude-agent-options`. Props: `projectName`, `form: UseFormReturn<ClaudeAgentOptionsForm>`, `disabled?`. Uses `useWorkspaceFlag(projectName, "advanced-sdk-options")` to gate visibility
+- [ ] T033 [US1] Wire into `components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx`: add `useForm<ClaudeAgentOptionsForm>` with defaults, render `<AdvancedSdkOptions>`, pass non-empty form values as `sdkOptions` in `onCreateSession` callback
+- [ ] T034 [US1] Wire into `components/frontend/src/app/projects/[name]/new/page.tsx`: accept `sdkOptions` in config, spread into create mutation payload
+- [ ] T035 [US1] Run frontend tests and build: `cd components/frontend && npx vitest run && npm run build`
 
-- [ ] T039 [P1] Commit Phase 3 runner: "feat(runner): parse SDK_OPTIONS env var with denylist and system prompt merge"
+### Commit: `feat(frontend): add collapsible AdvancedSdkOptions gated by workspace flag`
 
-### Frontend: Types
+---
 
-- [ ] T040 [P1] [US1] Rename `agentOptions` field to `sdkOptions` with type `Record<string, unknown>` in `CreateAgenticSessionRequest` in `components/frontend/src/types/api/sessions.ts`. Update the TODO comment to reference `SDK_OPTIONS` env var
-- [ ] T041 [P1] [US1] Rename `agentOptions` field to `sdkOptions` in `CreateAgenticSessionRequest` in `components/frontend/src/types/agentic-session.ts` (canonical type location)
+## Phase 5: Drift Detection (US2)
 
-### Frontend: Wire AdvancedSdkOptions into NewSessionView (TDD)
+**Goal**: Weekly GHA workflow introspects `ClaudeAgentOptions` from PyPI, compares against manifest, opens PR on drift.
 
-- [ ] T042 [P1] [US1] Create test file `components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx`. Write tests: component renders collapsed by default; expanding reveals form fields; form values are emitted on change; component is not rendered when `advanced-sdk-options` flag is false
-- [ ] T043 [P1] [US1] Run tests, verify they fail: `cd components/frontend && npx vitest run --reporter=verbose src/components/__tests__/advanced-sdk-options.test.tsx`
-- [ ] T044 [P1] [US1] Create `components/frontend/src/components/advanced-sdk-options.tsx` — a collapsible wrapper that imports `AgentOptionsFields` from `components/claude-agent-options` and renders inside a `Collapsible` from shadcn/ui. Props: `projectName: string`, `form: UseFormReturn<ClaudeAgentOptionsForm>`, `disabled?: boolean`. Uses `useWorkspaceFlag(projectName, "advanced-sdk-options")` to gate visibility
-- [ ] T045 [P1] [US1] In `components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx`: import `AdvancedSdkOptions`, add `useForm<ClaudeAgentOptionsForm>` with `claudeAgentOptionsDefaults`, render `<AdvancedSdkOptions>` between the input area and pending repo badges. Add `sdkOptions` to the `onCreateSession` callback config type
-- [ ] T046 [P1] [US1] In `NewSessionViewProps.onCreateSession` callback type, add `sdkOptions?: Record<string, unknown>`. In `handleSubmit`, collect non-empty form values and pass as `sdkOptions`
-- [ ] T047 [P1] [US1] In `components/frontend/src/app/projects/[name]/new/page.tsx`: update `handleCreateNewSession` config type to include `sdkOptions`. Wire `config.sdkOptions` into the `createSessionMutation.mutate` data payload as `sdkOptions`
-- [ ] T048 [P1] [US1] Run tests, verify they pass: `cd components/frontend && npx vitest run --reporter=verbose src/components/__tests__/advanced-sdk-options.test.tsx`
-- [ ] T049 [P1] [US1] Run full frontend test suite: `cd components/frontend && npx vitest run`
-- [ ] T050 [P1] [US1] Run frontend build: `cd components/frontend && npm run build`
+- [ ] T040 [US2] Generate `components/runners/ambient-runner/sdk-options-manifest.json` by introspecting the current `claude-agent-sdk` package: install via `uv pip install claude-agent-sdk`, extract fields from `ClaudeAgentOptions.model_fields` (Pydantic), write `{"generatedFrom": "claude-agent-sdk", "generatedAt": "<ISO>", "sdkVersion": "<version>", "options": {"field_name": {"type": "<annotation>", "required": <bool>}}}`
+- [ ] T041 [US2] Create `scripts/sdk-options-drift-check.py`: import `ClaudeAgentOptions`, introspect via `model_fields`, compare against manifest, exit 0 (no drift), exit 1 (drift found — write updated manifest), exit 2 (error). Must handle: `ImportError` (hard fail), Pydantic v1 vs v2 (check for `model_fields` vs `__fields__`)
+- [ ] T042 [US2] Create `.github/workflows/claude-sdk-options-drift.yml`: weekly cron `0 6 * * 1` + `workflow_dispatch`. Steps: checkout, setup Python 3.12, `pip install claude-agent-sdk`, run drift script, if exit 1: create branch `auto/sdk-options-drift-<date>`, commit updated manifest, open PR with `amber:auto-fix` label. If exit 2: fail the workflow loudly.
+- [ ] T043 [US2] Test drift detection end-to-end: run `python scripts/sdk-options-drift-check.py` locally, verify clean exit with current manifest
 
-### Frontend: Update create-session-dialog.tsx (dead code cleanup)
+### Commit: `feat(ci): add weekly Claude SDK options drift detection workflow`
 
-- [ ] T051 [P1] [US1] In `components/frontend/src/components/create-session-dialog.tsx`, update references from `advanced-agent-options` flag to `advanced-sdk-options` and from `agentOptions` to `sdkOptions` in the mutation payload (if this dialog is still used anywhere; otherwise note it as dead code)
+---
 
-### Commit
+## Phase 6: Verify
 
-- [ ] T052 [P1] Commit Phase 3 frontend: "feat(frontend): add AdvancedSdkOptions collapsible form gated by workspace flag"
+- [ ] T050 Run all component test suites: backend (`make test`), frontend (`npx vitest run --coverage`), runner (`python -m pytest tests/ -v`)
+- [ ] T051 Run `npm run build` in frontend (must pass with 0 errors, 0 warnings)
+- [ ] T052 Run `make lint` (pre-commit hooks on all changed files)
+- [ ] T053 Grep changed `.tsx`/`.ts` files for `: any` or `as any` — must be zero
+- [ ] T054 Cross-reference spec acceptance scenarios SC-001 through SC-005 against test coverage
 
-## Phase 4: User Story 2 -- SDK Options Drift Detection (P2)
+### Commit (if fixes needed): `chore: lint and polish for advanced SDK options`
 
-- [ ] T060 [P2] [US2] Create `components/runners/ambient-runner/sdk-options-manifest.json` with current `ClaudeAgentOptions` fields and types from `claude-agent-sdk`. Format: `{"version": "0.1.48", "fields": {"temperature": "float", "max_turns": "int", ...}}`
-- [ ] T061 [P2] [US2] Create `.github/workflows/claude-sdk-options-drift.yml`: weekly cron (`0 6 * * 1`) + `workflow_dispatch`. Job: checkout, setup Python 3.12, `uv pip install claude-agent-sdk`, run introspection script, compare against manifest, open PR with `amber:auto-fix` label if drift detected, clean exit if no drift, hard fail on errors
-- [ ] T062 [P2] [US2] Create `scripts/sdk-options-drift-check.py`: import `ClaudeAgentOptions` from `claude_agent_sdk`, introspect fields via `typing.get_type_hints()` or `dataclasses.fields()`, compare against `sdk-options-manifest.json`, write updated manifest if drift found, exit 0 on no drift, exit 1 on drift (for GHA to detect), exit 2 on error
-- [ ] T063 [P2] [US2] Write test in `components/runners/ambient-runner/tests/test_sdk_options.py`: mock `ClaudeAgentOptions` with an extra field, verify drift script detects it
-- [ ] T064 [P2] [US2] Run drift check manually to verify clean baseline: `cd components/runners/ambient-runner && python ../../scripts/sdk-options-drift-check.py`
+---
 
-### Commit
+## Dependencies
 
-- [ ] T065 [P2] Commit Phase 4: "feat(ci): add weekly Claude SDK options drift detection workflow"
+- **Phase 1** → Phases 2, 3, 4 (flag must exist before frontend gate works)
+- **Phase 2** → Phase 4 (backend must accept `sdkOptions` before frontend sends it)
+- **Phase 3** → independent (runner reads env var, no compile-time dependency on backend)
+- **Phase 4** → depends on Phase 2 (API contract)
+- **Phase 5** → independent (drift workflow has no code dependency on other phases)
+- **Phase 6** → all phases complete
 
-## Phase 5: Polish
+### Parallel opportunities
 
-- [ ] T070 [P1] Run full backend test suite: `cd components/backend && make test`
-- [ ] T071 [P1] Run full frontend test suite with coverage: `cd components/frontend && npx vitest run --coverage`
-- [ ] T072 [P1] Run full runner test suite: `cd components/runners/ambient-runner && python -m pytest tests/ -v`
-- [ ] T073 [P1] Run pre-commit hooks on all changed files: `make lint`
-- [ ] T074 [P1] Run frontend production build: `cd components/frontend && npm run build`
-- [ ] T075 [P1] Verify no `any` types in new/modified frontend code (grep changed .tsx/.ts files for `: any` or `as any`)
-- [ ] T076 [P1] Verify all acceptance scenarios from spec.md are covered by tests (cross-reference SC-001 through SC-005)
-- [ ] T077 [P1] Final commit if any polish changes: "chore: polish and lint fixes for advanced SDK options"
+- **Phases 2 + 3 + 5** can run in parallel (backend, runner, drift are independent)
+- Within Phase 4: T030 (types) must precede T031-T035

From 61b46b2a13bac59a371d1ff49836a869e639799a Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:29:51 -0400
Subject: [PATCH 03/16] feat(flags): add advanced-sdk-options workspace feature
 flag

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 components/manifests/base/core/flags.json | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/components/manifests/base/core/flags.json b/components/manifests/base/core/flags.json
index 6c321b408..43e169fcb 100644
--- a/components/manifests/base/core/flags.json
+++ b/components/manifests/base/core/flags.json
@@ -39,6 +39,16 @@
           "value": "workspace"
         }
       ]
+    },
+    {
+      "name": "advanced-sdk-options",
+      "description": "Show Advanced SDK Options in session creation UI",
+      "tags": [
+        {
+          "type": "scope",
+          "value": "workspace"
+        }
+      ]
     }
   ]
 }

From 23abb3d70d6e39d5551c891bd3efd2651ff21fd8 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:34:03 -0400
Subject: [PATCH 04/16] feat(runner): parse SDK_OPTIONS env var with denylist
 and system prompt merge

Add _parse_sdk_options() to ClaudeBridge that reads SDK_OPTIONS from the
CR environment, filters denylisted keys (cwd, api_key, mcp_servers, etc.),
merges system_prompt under a Custom Instructions heading, and applies
remaining options to the adapter. Includes 30 tests covering valid/invalid
JSON, denylist enforcement, system prompt merge (string + dict formats),
and _ensure_adapter integration.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../ambient_runner/bridges/claude/bridge.py   |  91 ++++++
 .../ambient-runner/tests/test_sdk_options.py  | 287 ++++++++++++++++++
 2 files changed, 378 insertions(+)
 create mode 100644 components/runners/ambient-runner/tests/test_sdk_options.py

diff --git a/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py b/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
index ee4ef1174..ce72009b2 100644
--- a/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
+++ b/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
@@ -9,6 +9,7 @@
 - Interrupt and graceful shutdown
 """
 
+import json
 import logging
 import os
 import time
@@ -39,6 +40,87 @@
 # Maximum stderr lines kept in ring buffer for error reporting
 _MAX_STDERR_LINES = 50
 
+# Keys the platform controls — user SDK_OPTIONS cannot override these.
+_SDK_OPTIONS_DENYLIST = frozenset(
+    {
+        "cwd",
+        "resume",
+        "mcp_servers",
+        "setting_sources",
+        "stderr",
+        "continue_conversation",
+        "add_dirs",
+        "api_key",
+    }
+)
+
+
+def _parse_sdk_options(
+    raw: str,
+    existing_system_prompt: str | dict | None = None,
+) -> dict[str, Any]:
+    """Parse the SDK_OPTIONS JSON string and return filtered options.
+
+    - Empty/whitespace input returns ``{}``.
+    - Invalid JSON logs a warning and returns ``{}``.
+    - Non-object JSON (e.g. array) logs a warning and returns ``{}``.
+    - Denylisted keys are dropped with per-key warnings.
+    - ``system_prompt`` (truthy string) is merged into the existing
+      platform prompt under a ``## Custom Instructions`` heading.
+    - ``None`` values are silently dropped.
+    """
+    if not raw or not raw.strip():
+        return {}
+
+    try:
+        parsed = json.loads(raw)
+    except json.JSONDecodeError as exc:
+        logger.warning("SDK_OPTIONS contains invalid JSON, ignoring: %s", exc)
+        return {}
+
+    if not isinstance(parsed, dict):
+        logger.warning(
+            "SDK_OPTIONS must be a JSON object, got %s — ignoring",
+            type(parsed).__name__,
+        )
+        return {}
+
+    result: dict[str, Any] = {}
+    for key, value in parsed.items():
+        if key in _SDK_OPTIONS_DENYLIST:
+            logger.warning("SDK_OPTIONS key '%s' is denied — skipping", key)
+            continue
+
+        if key == "system_prompt":
+            if not value or not isinstance(value, str) or not value.strip():
+                continue
+            # Merge into existing system prompt
+            suffix = f"\n\n## Custom Instructions\n{value}"
+            if isinstance(existing_system_prompt, dict):
+                merged = dict(existing_system_prompt)
+                if "append" in merged:
+                    merged["append"] = merged["append"] + suffix
+                elif "text" in merged:
+                    merged["text"] = merged["text"] + suffix
+                else:
+                    # Unknown dict shape — add an "append" field
+                    merged["append"] = value
+                result["system_prompt"] = merged
+            elif isinstance(existing_system_prompt, str):
+                result["system_prompt"] = existing_system_prompt + suffix
+            else:
+                # No existing prompt — use the custom instructions directly
+                result["system_prompt"] = f"## Custom Instructions\n{value}"
+            continue
+
+        if value is not None:
+            result[key] = value
+
+    if result:
+        logger.info("Applied %d SDK option(s) from SDK_OPTIONS", len(result))
+
+    return result
+
 
 class ClaudeBridge(PlatformBridge):
     """Bridge between the Ambient platform and the Claude Agent SDK.
@@ -635,6 +717,15 @@ def _stderr_handler(line: str) -> None:
         if self._configured_model:
             options["model"] = self._configured_model
 
+        # Apply user SDK_OPTIONS (from CR env vars) with denylist filtering
+        sdk_options_raw = os.getenv("SDK_OPTIONS", "")
+        if sdk_options_raw:
+            user_opts = _parse_sdk_options(
+                sdk_options_raw,
+                existing_system_prompt=options.get("system_prompt"),
+            )
+            options.update(user_opts)
+
         adapter = ClaudeAgentAdapter(
             name="claude_code_runner",
             description="Ambient Code Platform Claude session",
diff --git a/components/runners/ambient-runner/tests/test_sdk_options.py b/components/runners/ambient-runner/tests/test_sdk_options.py
new file mode 100644
index 000000000..078d37caf
--- /dev/null
+++ b/components/runners/ambient-runner/tests/test_sdk_options.py
@@ -0,0 +1,287 @@
+"""Tests for SDK_OPTIONS env var parsing in ClaudeBridge._ensure_adapter."""
+
+import json
+import logging
+import os
+from typing import Any
+from unittest.mock import patch
+
+import pytest
+
+from ambient_runner.bridges.claude.bridge import (
+    ClaudeBridge,
+    _SDK_OPTIONS_DENYLIST,
+    _parse_sdk_options,
+)
+
+
+# ------------------------------------------------------------------
+# Helpers
+# ------------------------------------------------------------------
+
+ENV_KEY = "SDK_OPTIONS"
+
+
+def _make_bridge(**overrides: Any) -> ClaudeBridge:
+    """Create a ClaudeBridge with minimal state so _ensure_adapter() can run."""
+    bridge = ClaudeBridge()
+    bridge._cwd_path = overrides.get("cwd_path", "/workspace")
+    bridge._allowed_tools = overrides.get("allowed_tools", [])
+    bridge._mcp_servers = overrides.get("mcp_servers", {})
+    bridge._system_prompt = overrides.get(
+        "system_prompt", {"type": "preset", "preset": "claude_code", "append": "base"}
+    )
+    bridge._add_dirs = overrides.get("add_dirs", [])
+    bridge._configured_model = overrides.get("configured_model", "")
+    return bridge
+
+
+# ------------------------------------------------------------------
+# _parse_sdk_options unit tests
+# ------------------------------------------------------------------
+
+
+class TestParseSdkOptionsValidJson:
+    """Valid JSON from SDK_OPTIONS env var is parsed into a dict."""
+
+    def test_valid_json_returns_dict(self):
+        raw = json.dumps({"max_tokens": 4096, "temperature": 0.5})
+        result = _parse_sdk_options(raw)
+        assert result == {"max_tokens": 4096, "temperature": 0.5}
+
+    def test_empty_string_returns_empty_dict(self):
+        assert _parse_sdk_options("") == {}
+
+    def test_whitespace_only_returns_empty_dict(self):
+        assert _parse_sdk_options("   ") == {}
+
+
+class TestParseSdkOptionsMalformedJson:
+    """Malformed JSON (not valid JSON) logs a warning and returns empty dict."""
+
+    def test_malformed_json_returns_empty(self, caplog):
+        with caplog.at_level(logging.WARNING):
+            result = _parse_sdk_options("{not valid json")
+        assert result == {}
+        assert any(
+            "SDK_OPTIONS" in r.message and "invalid JSON" in r.message
+            for r in caplog.records
+        )
+
+    def test_trailing_comma_returns_empty(self, caplog):
+        with caplog.at_level(logging.WARNING):
+            result = _parse_sdk_options('{"a": 1,}')
+        assert result == {}
+
+
+class TestParseSdkOptionsJsonArray:
+    """JSON array (valid JSON but not object) logs a warning and returns empty dict."""
+
+    def test_json_array_returns_empty(self, caplog):
+        with caplog.at_level(logging.WARNING):
+            result = _parse_sdk_options("[1, 2, 3]")
+        assert result == {}
+        assert any("must be a JSON object" in r.message for r in caplog.records)
+
+    def test_json_string_returns_empty(self, caplog):
+        with caplog.at_level(logging.WARNING):
+            result = _parse_sdk_options('"just a string"')
+        assert result == {}
+
+
+class TestParseSdkOptionsDenylist:
+    """Denylisted keys are blocked with per-key warning."""
+
+    @pytest.mark.parametrize("key", sorted(_SDK_OPTIONS_DENYLIST))
+    def test_denylisted_key_blocked(self, key, caplog):
+        raw = json.dumps({key: "some_value"})
+        with caplog.at_level(logging.WARNING):
+            result = _parse_sdk_options(raw)
+        assert key not in result
+        assert any(key in r.message and "denied" in r.message for r in caplog.records)
+
+    def test_all_denylisted_keys_present(self):
+        """Verify the denylist contains expected keys."""
+        expected = {
+            "cwd",
+            "api_key",
+            "mcp_servers",
+            "setting_sources",
+            "stderr",
+            "resume",
+            "continue_conversation",
+            "add_dirs",
+        }
+        assert _SDK_OPTIONS_DENYLIST == expected
+
+    def test_mixed_allowed_and_denied(self, caplog):
+        raw = json.dumps({"temperature": 0.5, "cwd": "/bad", "max_tokens": 100})
+        with caplog.at_level(logging.WARNING):
+            result = _parse_sdk_options(raw)
+        assert result == {"temperature": 0.5, "max_tokens": 100}
+        assert "cwd" not in result
+
+
+class TestParseSdkOptionsPassthrough:
+    """Non-denylisted keys pass through."""
+
+    def test_allowed_keys_pass_through(self):
+        raw = json.dumps(
+            {
+                "temperature": 0.7,
+                "max_tokens": 8192,
+                "model": "claude-sonnet-4-20250514",
+            }
+        )
+        result = _parse_sdk_options(raw)
+        assert result == {
+            "temperature": 0.7,
+            "max_tokens": 8192,
+            "model": "claude-sonnet-4-20250514",
+        }
+
+    def test_none_value_excluded(self):
+        raw = json.dumps({"temperature": None})
+        result = _parse_sdk_options(raw)
+        assert "temperature" not in result
+
+    def test_count_logged_at_info(self, caplog):
+        raw = json.dumps({"temperature": 0.5, "max_tokens": 100})
+        with caplog.at_level(logging.INFO):
+            _parse_sdk_options(raw)
+        assert any("2 SDK option(s)" in r.message for r in caplog.records)
+
+
+class TestParseSdkOptionsSystemPromptString:
+    """system_prompt string value is appended to platform prompt under Custom Instructions heading."""
+
+    def test_system_prompt_appended_to_string_prompt(self):
+        raw = json.dumps({"system_prompt": "Always respond in French"})
+        result = _parse_sdk_options(raw, existing_system_prompt="You are helpful.")
+        assert result["system_prompt"] == (
+            "You are helpful.\n\n## Custom Instructions\nAlways respond in French"
+        )
+
+    def test_system_prompt_appended_to_dict_prompt_with_append_field(self):
+        existing = {"type": "preset", "preset": "claude_code", "append": "base prompt"}
+        raw = json.dumps({"system_prompt": "Use Python 3.12"})
+        result = _parse_sdk_options(raw, existing_system_prompt=existing)
+        expected = dict(existing)
+        expected["append"] = "base prompt\n\n## Custom Instructions\nUse Python 3.12"
+        assert result["system_prompt"] == expected
+
+    def test_system_prompt_dict_with_text_field(self):
+        existing = {"text": "You are a code reviewer."}
+        raw = json.dumps({"system_prompt": "Focus on security"})
+        result = _parse_sdk_options(raw, existing_system_prompt=existing)
+        expected = dict(existing)
+        expected["text"] = (
+            "You are a code reviewer.\n\n## Custom Instructions\nFocus on security"
+        )
+        assert result["system_prompt"] == expected
+
+
+class TestParseSdkOptionsSystemPromptIgnored:
+    """system_prompt as None/empty is ignored (platform prompt unchanged)."""
+
+    def test_system_prompt_none_ignored(self):
+        raw = json.dumps({"system_prompt": None})
+        result = _parse_sdk_options(raw, existing_system_prompt="base")
+        assert "system_prompt" not in result
+
+    def test_system_prompt_empty_string_ignored(self):
+        raw = json.dumps({"system_prompt": ""})
+        result = _parse_sdk_options(raw, existing_system_prompt="base")
+        assert "system_prompt" not in result
+
+    def test_system_prompt_whitespace_ignored(self):
+        raw = json.dumps({"system_prompt": "   "})
+        result = _parse_sdk_options(raw, existing_system_prompt="base")
+        assert "system_prompt" not in result
+
+
+# ------------------------------------------------------------------
+# Integration: _ensure_adapter applies SDK_OPTIONS
+# ------------------------------------------------------------------
+
+
+class TestEnsureAdapterSdkOptions:
+    """Verify _ensure_adapter integrates _parse_sdk_options into the adapter options."""
+
+    def test_sdk_options_applied_to_adapter(self):
+        bridge = _make_bridge()
+        env = {ENV_KEY: json.dumps({"temperature": 0.3, "max_tokens": 2048})}
+
+        with (
+            patch.dict(os.environ, env, clear=False),
+            patch(
+                "ambient_runner.bridges.claude.bridge.ClaudeAgentAdapter"
+            ) as mock_adapter_cls,
+        ):
+            bridge._ensure_adapter()
+
+        call_kwargs = mock_adapter_cls.call_args[1]
+        opts = call_kwargs["options"]
+        assert opts["temperature"] == 0.3
+        assert opts["max_tokens"] == 2048
+
+    def test_sdk_options_denylisted_key_not_in_adapter(self):
+        bridge = _make_bridge()
+        env = {ENV_KEY: json.dumps({"cwd": "/evil", "temperature": 0.5})}
+
+        with (
+            patch.dict(os.environ, env, clear=False),
+            patch(
+                "ambient_runner.bridges.claude.bridge.ClaudeAgentAdapter"
+            ) as mock_adapter_cls,
+        ):
+            bridge._ensure_adapter()
+
+        call_kwargs = mock_adapter_cls.call_args[1]
+        opts = call_kwargs["options"]
+        # cwd should remain the bridge's own value, not overridden
+        assert opts["cwd"] == "/workspace"
+        assert opts["temperature"] == 0.5
+
+    def test_sdk_options_system_prompt_merged(self):
+        bridge = _make_bridge(
+            system_prompt={
+                "type": "preset",
+                "preset": "claude_code",
+                "append": "platform base",
+            }
+        )
+        env = {ENV_KEY: json.dumps({"system_prompt": "Be concise"})}
+
+        with (
+            patch.dict(os.environ, env, clear=False),
+            patch(
+                "ambient_runner.bridges.claude.bridge.ClaudeAgentAdapter"
+            ) as mock_adapter_cls,
+        ):
+            bridge._ensure_adapter()
+
+        call_kwargs = mock_adapter_cls.call_args[1]
+        opts = call_kwargs["options"]
+        assert "## Custom Instructions" in opts["system_prompt"]["append"]
+        assert "Be concise" in opts["system_prompt"]["append"]
+
+    def test_no_sdk_options_env_var(self):
+        bridge = _make_bridge()
+        env = {}
+
+        with (
+            patch.dict(os.environ, env, clear=False),
+            patch(
+                "ambient_runner.bridges.claude.bridge.ClaudeAgentAdapter"
+            ) as mock_adapter_cls,
+        ):
+            # Ensure SDK_OPTIONS is not set
+            os.environ.pop(ENV_KEY, None)
+            bridge._ensure_adapter()
+
+        call_kwargs = mock_adapter_cls.call_args[1]
+        opts = call_kwargs["options"]
+        # Should have base options only
+        assert opts["cwd"] == "/workspace"
+        assert "temperature" not in opts

From 9b82b25b1e5f81d67fdaee17f6b52e2b2d1ff848 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:36:29 -0400
Subject: [PATCH 05/16] feat(backend): add sdkOptions allowlist and type
 validation

Add SDK options filtering and validation to the session creation handler.
User-provided sdkOptions are filtered against an allowlist of safe keys,
type-validated (string/numeric/bool/slice/complex), and serialized as
JSON into the SDK_OPTIONS environment variable on the CR spec. Unknown
keys are silently dropped; platform-internal keys (cwd, resume,
mcp_servers, api_key, etc.) are excluded.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 components/backend/handlers/sessions.go       | 155 ++++++++++
 .../handlers/sessions_sdk_options_test.go     | 273 ++++++++++++++++++
 components/backend/types/session.go           |  31 +-
 3 files changed, 444 insertions(+), 15 deletions(-)
 create mode 100644 components/backend/handlers/sessions_sdk_options_test.go

diff --git a/components/backend/handlers/sessions.go b/components/backend/handlers/sessions.go
index 55df5788d..bb899e4ab 100755
--- a/components/backend/handlers/sessions.go
+++ b/components/backend/handlers/sessions.go
@@ -66,6 +66,144 @@ var (
 	ootbCacheTTL = 5 * time.Minute // Cache OOTB workflows for 5 minutes
 )
 
+// allowedSdkOptionKeys defines the SDK options that users are allowed to configure.
+// Keys NOT in this map are silently dropped by filterSdkOptions.
+// Platform-internal keys (cwd, resume, mcp_servers, api_key, etc.) are excluded
+// because they are set by the runner, not users.
+var allowedSdkOptionKeys = map[string]bool{
+	// String keys
+	"system_prompt":   true,
+	"permission_mode": true,
+	"effort":          true,
+	"user":            true,
+	// Numeric keys
+	"max_turns":       true,
+	"max_budget_usd":  true,
+	"max_buffer_size": true,
+	// Bool keys
+	"include_partial_messages":  true,
+	"enable_file_checkpointing": true,
+	// Slice keys
+	"allowed_tools":    true,
+	"disallowed_tools": true,
+	"betas":            true,
+	"plugins":          true,
+	// Complex object keys (maps, nested structures)
+	"thinking":      true,
+	"tools":         true,
+	"sandbox":       true,
+	"output_format": true,
+	"hooks":         true,
+	"agents":        true,
+	"env":           true,
+	"extra_args":    true,
+}
+
+// sdkOptionStringKeys are SDK options that must be string values.
+var sdkOptionStringKeys = map[string]bool{
+	"permission_mode": true,
+	"effort":          true,
+	"user":            true,
+}
+
+// sdkOptionNumericKeys are SDK options that must be numeric (float64 or int).
+var sdkOptionNumericKeys = map[string]bool{
+	"max_turns":       true,
+	"max_budget_usd":  true,
+	"max_buffer_size": true,
+}
+
+// sdkOptionBoolKeys are SDK options that must be boolean.
+var sdkOptionBoolKeys = map[string]bool{
+	"include_partial_messages":  true,
+	"enable_file_checkpointing": true,
+}
+
+// sdkOptionSliceKeys are SDK options that must be slices ([]interface{}).
+var sdkOptionSliceKeys = map[string]bool{
+	"allowed_tools":    true,
+	"disallowed_tools": true,
+	"betas":            true,
+	"plugins":          true,
+}
+
+// validateSdkOptionValue performs basic type checking on a single SDK option value.
+// nil values always pass. Complex object keys (thinking, sandbox, etc.) accept any value.
+func validateSdkOptionValue(key string, value interface{}) error {
+	if value == nil {
+		return nil
+	}
+
+	// system_prompt can be string or map (preset format)
+	if key == "system_prompt" {
+		switch value.(type) {
+		case string, map[string]interface{}:
+			return nil
+		default:
+			return fmt.Errorf("sdkOptions.%s must be a string or object, got %T", key, value)
+		}
+	}
+
+	if sdkOptionStringKeys[key] {
+		if _, ok := value.(string); !ok {
+			return fmt.Errorf("sdkOptions.%s must be a string, got %T", key, value)
+		}
+		return nil
+	}
+
+	if sdkOptionNumericKeys[key] {
+		switch value.(type) {
+		case float64, int:
+			return nil
+		default:
+			return fmt.Errorf("sdkOptions.%s must be a number, got %T", key, value)
+		}
+	}
+
+	if sdkOptionBoolKeys[key] {
+		if _, ok := value.(bool); !ok {
+			return fmt.Errorf("sdkOptions.%s must be a boolean, got %T", key, value)
+		}
+		return nil
+	}
+
+	if sdkOptionSliceKeys[key] {
+		if _, ok := value.([]interface{}); !ok {
+			return fmt.Errorf("sdkOptions.%s must be an array, got %T", key, value)
+		}
+		return nil
+	}
+
+	// Complex object keys (thinking, sandbox, output_format, hooks, agents, env, extra_args, tools)
+	// accept any value — JSON serialization handles them.
+	return nil
+}
+
+// filterSdkOptions filters an SDK options map, keeping only allowed keys and
+// validating primitive types. Unknown keys are silently dropped. Returns nil
+// if the input is nil/empty or all keys were filtered out.
+func filterSdkOptions(opts map[string]interface{}) (map[string]interface{}, error) {
+	if len(opts) == 0 {
+		return nil, nil
+	}
+
+	filtered := make(map[string]interface{})
+	for key, value := range opts {
+		if !allowedSdkOptionKeys[key] {
+			continue
+		}
+		if err := validateSdkOptionValue(key, value); err != nil {
+			return nil, err
+		}
+		filtered[key] = value
+	}
+
+	if len(filtered) == 0 {
+		return nil, nil
+	}
+	return filtered, nil
+}
+
 // isBinaryContentType checks if a MIME type represents binary content that should be base64 encoded.
 // This includes images, archives, documents, executables, and other non-text formats.
 func isBinaryContentType(contentType string) bool {
@@ -866,6 +1004,23 @@ func CreateSession(c *gin.Context) {
 		// Note: Operator will delete temp pod when session starts (desired-phase=Running)
 	}
 
+	// Process SDK options: filter to allowed keys, validate types, serialize to JSON.
+	if len(req.SdkOptions) > 0 {
+		filtered, err := filterSdkOptions(req.SdkOptions)
+		if err != nil {
+			c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+			return
+		}
+		if filtered != nil {
+			sdkJSON, err := json.Marshal(filtered)
+			if err != nil {
+				c.JSON(http.StatusBadRequest, gin.H{"error": fmt.Sprintf("failed to serialize sdkOptions: %v", err)})
+				return
+			}
+			envVars["SDK_OPTIONS"] = string(sdkJSON)
+		}
+	}
+
 	if len(envVars) > 0 {
 		spec := session["spec"].(map[string]interface{})
 		// Convert map[string]string to map[string]interface{} for unstructured
diff --git a/components/backend/handlers/sessions_sdk_options_test.go b/components/backend/handlers/sessions_sdk_options_test.go
new file mode 100644
index 000000000..5d0c9c81e
--- /dev/null
+++ b/components/backend/handlers/sessions_sdk_options_test.go
@@ -0,0 +1,273 @@
+//go:build test
+
+package handlers
+
+import (
+	test_constants "ambient-code-backend/tests/constants"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("SDK Options", Label(test_constants.LabelUnit, test_constants.LabelHandlers, test_constants.LabelSessions), func() {
+
+	Describe("filterSdkOptions", func() {
+		It("should pass through valid keys unchanged", func() {
+			input := map[string]interface{}{
+				"system_prompt":  "You are helpful",
+				"max_turns":      float64(10),
+				"max_budget_usd": float64(5.0),
+			}
+			result, err := filterSdkOptions(input)
+			Expect(err).NotTo(HaveOccurred())
+			Expect(result).To(HaveLen(3))
+			Expect(result["system_prompt"]).To(Equal("You are helpful"))
+			Expect(result["max_turns"]).To(Equal(float64(10)))
+			Expect(result["max_budget_usd"]).To(Equal(float64(5.0)))
+		})
+
+		It("should silently drop unknown keys", func() {
+			input := map[string]interface{}{
+				"system_prompt":   "valid",
+				"unknown_key":     "dropped",
+				"another_unknown": 42,
+			}
+			result, err := filterSdkOptions(input)
+			Expect(err).NotTo(HaveOccurred())
+			Expect(result).To(HaveLen(1))
+			Expect(result).To(HaveKey("system_prompt"))
+			Expect(result).NotTo(HaveKey("unknown_key"))
+			Expect(result).NotTo(HaveKey("another_unknown"))
+		})
+
+		It("should drop platform-internal keys (cwd, resume, mcp_servers, etc.)", func() {
+			input := map[string]interface{}{
+				"cwd":                         "/some/path",
+				"resume":                      true,
+				"mcp_servers":                 []interface{}{},
+				"setting_sources":             "something",
+				"continue_conversation":       true,
+				"add_dirs":                    []interface{}{"/a"},
+				"cli_path":                    "/usr/bin/claude",
+				"settings":                    map[string]interface{}{},
+				"permission_prompt_tool_name": "tool",
+				"fork_session":                true,
+				"api_key":                     "sk-secret",
+				"stderr":                      "pipe",
+				"system_prompt":               "valid key",
+			}
+			result, err := filterSdkOptions(input)
+			Expect(err).NotTo(HaveOccurred())
+			Expect(result).To(HaveLen(1))
+			Expect(result).To(HaveKey("system_prompt"))
+		})
+
+		It("should return nil for empty map", func() {
+			result, err := filterSdkOptions(map[string]interface{}{})
+			Expect(err).NotTo(HaveOccurred())
+			Expect(result).To(BeNil())
+		})
+
+		It("should return nil for nil input", func() {
+			result, err := filterSdkOptions(nil)
+			Expect(err).NotTo(HaveOccurred())
+			Expect(result).To(BeNil())
+		})
+
+		It("should return nil when all keys are filtered out", func() {
+			input := map[string]interface{}{
+				"unknown_key": "value",
+				"api_key":     "secret",
+			}
+			result, err := filterSdkOptions(input)
+			Expect(err).NotTo(HaveOccurred())
+			Expect(result).To(BeNil())
+		})
+
+		It("should return error when a valid key has wrong type", func() {
+			input := map[string]interface{}{
+				"max_turns": "not a number",
+			}
+			_, err := filterSdkOptions(input)
+			Expect(err).To(HaveOccurred())
+			Expect(err.Error()).To(ContainSubstring("max_turns"))
+		})
+	})
+
+	Describe("validateSdkOptionValue", func() {
+
+		// --- String keys ---
+
+		Context("string keys (system_prompt, permission_mode, effort, user)", func() {
+			stringKeys := []string{"permission_mode", "effort", "user"}
+
+			It("should accept string values", func() {
+				for _, key := range stringKeys {
+					err := validateSdkOptionValue(key, "valid string")
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept string", key)
+				}
+			})
+
+			It("should reject numeric values for string keys", func() {
+				for _, key := range stringKeys {
+					err := validateSdkOptionValue(key, float64(42))
+					Expect(err).To(HaveOccurred(), "key=%s should reject number", key)
+				}
+			})
+		})
+
+		Context("system_prompt (string or map)", func() {
+			It("should accept a string value", func() {
+				err := validateSdkOptionValue("system_prompt", "You are helpful")
+				Expect(err).NotTo(HaveOccurred())
+			})
+
+			It("should accept a map value (preset format)", func() {
+				preset := map[string]interface{}{
+					"type": "preset",
+					"name": "my-preset",
+				}
+				err := validateSdkOptionValue("system_prompt", preset)
+				Expect(err).NotTo(HaveOccurred())
+			})
+
+			It("should reject a numeric value", func() {
+				err := validateSdkOptionValue("system_prompt", float64(42))
+				Expect(err).To(HaveOccurred())
+				Expect(err.Error()).To(ContainSubstring("system_prompt"))
+			})
+		})
+
+		// --- Numeric keys ---
+
+		Context("numeric keys (max_turns, max_budget_usd, max_buffer_size)", func() {
+			numericKeys := []string{"max_turns", "max_budget_usd", "max_buffer_size"}
+
+			It("should accept float64 values", func() {
+				for _, key := range numericKeys {
+					err := validateSdkOptionValue(key, float64(10))
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept float64", key)
+				}
+			})
+
+			It("should accept int values", func() {
+				for _, key := range numericKeys {
+					err := validateSdkOptionValue(key, 10)
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept int", key)
+				}
+			})
+
+			It("should reject string values for numeric keys", func() {
+				for _, key := range numericKeys {
+					err := validateSdkOptionValue(key, "not a number")
+					Expect(err).To(HaveOccurred(), "key=%s should reject string", key)
+				}
+			})
+
+			It("should reject bool values for numeric keys", func() {
+				for _, key := range numericKeys {
+					err := validateSdkOptionValue(key, true)
+					Expect(err).To(HaveOccurred(), "key=%s should reject bool", key)
+				}
+			})
+		})
+
+		// --- Bool keys ---
+
+		Context("bool keys (include_partial_messages, enable_file_checkpointing)", func() {
+			boolKeys := []string{"include_partial_messages", "enable_file_checkpointing"}
+
+			It("should accept bool values", func() {
+				for _, key := range boolKeys {
+					err := validateSdkOptionValue(key, true)
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept true", key)
+					err = validateSdkOptionValue(key, false)
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept false", key)
+				}
+			})
+
+			It("should reject string values for bool keys", func() {
+				for _, key := range boolKeys {
+					err := validateSdkOptionValue(key, "true")
+					Expect(err).To(HaveOccurred(), "key=%s should reject string", key)
+				}
+			})
+
+			It("should reject numeric values for bool keys", func() {
+				for _, key := range boolKeys {
+					err := validateSdkOptionValue(key, float64(1))
+					Expect(err).To(HaveOccurred(), "key=%s should reject number", key)
+				}
+			})
+		})
+
+		// --- Slice keys ---
+
+		Context("slice keys (allowed_tools, disallowed_tools, betas, plugins)", func() {
+			sliceKeys := []string{"allowed_tools", "disallowed_tools", "betas", "plugins"}
+
+			It("should accept []interface{} values", func() {
+				for _, key := range sliceKeys {
+					err := validateSdkOptionValue(key, []interface{}{"item1", "item2"})
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept slice", key)
+				}
+			})
+
+			It("should accept empty []interface{}", func() {
+				for _, key := range sliceKeys {
+					err := validateSdkOptionValue(key, []interface{}{})
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept empty slice", key)
+				}
+			})
+
+			It("should reject string values for slice keys", func() {
+				for _, key := range sliceKeys {
+					err := validateSdkOptionValue(key, "not a slice")
+					Expect(err).To(HaveOccurred(), "key=%s should reject string", key)
+				}
+			})
+		})
+
+		// --- Complex object keys ---
+
+		Context("complex object keys (thinking, sandbox, output_format, hooks, agents, env, extra_args, tools)", func() {
+			complexKeys := []string{"thinking", "sandbox", "output_format", "hooks", "agents", "env", "extra_args", "tools"}
+
+			It("should accept map[string]interface{} values", func() {
+				for _, key := range complexKeys {
+					val := map[string]interface{}{"nested": "value"}
+					err := validateSdkOptionValue(key, val)
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept map", key)
+				}
+			})
+
+			It("should pass through non-map values for complex keys (JSON handles them)", func() {
+				for _, key := range complexKeys {
+					// Complex keys accept anything that JSON can serialize
+					err := validateSdkOptionValue(key, "string-value")
+					Expect(err).NotTo(HaveOccurred(), "key=%s should pass through string", key)
+					err = validateSdkOptionValue(key, float64(42))
+					Expect(err).NotTo(HaveOccurred(), "key=%s should pass through number", key)
+					err = validateSdkOptionValue(key, true)
+					Expect(err).NotTo(HaveOccurred(), "key=%s should pass through bool", key)
+				}
+			})
+		})
+
+		// --- nil values ---
+
+		Context("nil values", func() {
+			It("should always pass validation for any key", func() {
+				keys := []string{
+					"system_prompt", "permission_mode", "max_turns",
+					"max_budget_usd", "include_partial_messages",
+					"allowed_tools", "thinking", "effort", "user",
+				}
+				for _, key := range keys {
+					err := validateSdkOptionValue(key, nil)
+					Expect(err).NotTo(HaveOccurred(), "key=%s should accept nil", key)
+				}
+			})
+		})
+	})
+})
diff --git a/components/backend/types/session.go b/components/backend/types/session.go
index 022822c57..d092c8719 100755
--- a/components/backend/types/session.go
+++ b/components/backend/types/session.go
@@ -63,21 +63,22 @@ type AgenticSessionStatus struct {
 }
 
 type CreateAgenticSessionRequest struct {
-	InitialPrompt        string             `json:"initialPrompt,omitempty"`
-	DisplayName          string             `json:"displayName,omitempty"`
-	RunnerType           string             `json:"runnerType,omitempty"`
-	LLMSettings          *LLMSettings       `json:"llmSettings,omitempty"`
-	Timeout              *int               `json:"timeout,omitempty"`
-	InactivityTimeout    *int               `json:"inactivityTimeout,omitempty"`
-	StopOnRunFinished    *bool              `json:"stopOnRunFinished,omitempty"`
-	ParentSessionID      string             `json:"parent_session_id,omitempty"`
-	Repos                []SimpleRepo       `json:"repos,omitempty"`
-	ActiveWorkflow       *WorkflowSelection `json:"activeWorkflow,omitempty"`
-	UserContext          *UserContext       `json:"userContext,omitempty"`
-	EnvironmentVariables map[string]string  `json:"environmentVariables,omitempty"`
-	Labels               map[string]string  `json:"labels,omitempty"`
-	Annotations          map[string]string  `json:"annotations,omitempty"`
-	MCPServers           *MCPServersConfig  `json:"mcpServers,omitempty"`
+	InitialPrompt        string                 `json:"initialPrompt,omitempty"`
+	DisplayName          string                 `json:"displayName,omitempty"`
+	RunnerType           string                 `json:"runnerType,omitempty"`
+	LLMSettings          *LLMSettings           `json:"llmSettings,omitempty"`
+	Timeout              *int                   `json:"timeout,omitempty"`
+	InactivityTimeout    *int                   `json:"inactivityTimeout,omitempty"`
+	StopOnRunFinished    *bool                  `json:"stopOnRunFinished,omitempty"`
+	ParentSessionID      string                 `json:"parent_session_id,omitempty"`
+	Repos                []SimpleRepo           `json:"repos,omitempty"`
+	ActiveWorkflow       *WorkflowSelection     `json:"activeWorkflow,omitempty"`
+	UserContext          *UserContext            `json:"userContext,omitempty"`
+	EnvironmentVariables map[string]string       `json:"environmentVariables,omitempty"`
+	Labels               map[string]string       `json:"labels,omitempty"`
+	Annotations          map[string]string       `json:"annotations,omitempty"`
+	MCPServers           *MCPServersConfig       `json:"mcpServers,omitempty"`
+	SdkOptions           map[string]interface{}  `json:"sdkOptions,omitempty"`
 }
 
 type CloneSessionRequest struct {

From 9ad4b7a60fb59d8e6c47363d9d7c98356a23fc79 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:37:28 -0400
Subject: [PATCH 06/16] feat(ci): add weekly Claude SDK options drift detection
 workflow

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../workflows/claude-sdk-options-drift.yml    |  51 ++++++
 .../ambient-runner/sdk-options-manifest.json  | 164 ++++++++++++++++++
 scripts/sdk-options-drift-check.py            | 160 +++++++++++++++++
 3 files changed, 375 insertions(+)
 create mode 100644 .github/workflows/claude-sdk-options-drift.yml
 create mode 100644 components/runners/ambient-runner/sdk-options-manifest.json
 create mode 100755 scripts/sdk-options-drift-check.py

diff --git a/.github/workflows/claude-sdk-options-drift.yml b/.github/workflows/claude-sdk-options-drift.yml
new file mode 100644
index 000000000..a67c4b31a
--- /dev/null
+++ b/.github/workflows/claude-sdk-options-drift.yml
@@ -0,0 +1,51 @@
+name: Claude SDK Options Drift Check
+
+on:
+  schedule:
+    - cron: '0 6 * * 1'  # Weekly Monday 6am UTC
+  workflow_dispatch:
+
+concurrency:
+  group: claude-sdk-options-drift
+  cancel-in-progress: true
+
+jobs:
+  check-drift:
+    name: Check SDK Options Drift
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+      - name: Install SDK
+        run: pip install claude-agent-sdk
+      - name: Check for drift
+        id: drift
+        run: |
+          EXIT_CODE=0
+          python scripts/sdk-options-drift-check.py || EXIT_CODE=$?
+          echo "exit_code=$EXIT_CODE" >> "$GITHUB_OUTPUT"
+          if [ "$EXIT_CODE" -eq 2 ]; then
+            echo "::error::Drift check encountered an error"
+            exit 1
+          fi
+      - name: Create PR if drift detected
+        if: steps.drift.outputs.exit_code == '1'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          BRANCH="auto/sdk-options-drift-$(date +%Y%m%d)"
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git checkout -b "$BRANCH"
+          git add components/runners/ambient-runner/sdk-options-manifest.json
+          git commit -m "chore: update SDK options manifest for drift"
+          git push origin "$BRANCH"
+          gh pr create \
+            --title "chore: SDK options manifest drift detected" \
+            --body "Weekly drift check found changes in ClaudeAgentOptions fields. Review and update allowlist/UI as needed." \
+            --label "amber:auto-fix"
diff --git a/components/runners/ambient-runner/sdk-options-manifest.json b/components/runners/ambient-runner/sdk-options-manifest.json
new file mode 100644
index 000000000..0a4a1f1f8
--- /dev/null
+++ b/components/runners/ambient-runner/sdk-options-manifest.json
@@ -0,0 +1,164 @@
+{
+  "description": "Canonical list of Claude Agent SDK ClaudeAgentOptions fields",
+  "generatedFrom": "claude-agent-sdk (PyPI)",
+  "generatedAt": "2026-04-16T04:32:37.832878+00:00",
+  "sdkVersion": "0.1.59",
+  "options": {
+    "tools": {
+      "type": "list[str] | claude_agent_sdk.types.ToolsPreset | None",
+      "required": false
+    },
+    "allowed_tools": {
+      "type": "list[str]",
+      "required": false
+    },
+    "system_prompt": {
+      "type": "str | claude_agent_sdk.types.SystemPromptPreset | claude_agent_sdk.types.SystemPromptFile | None",
+      "required": false
+    },
+    "mcp_servers": {
+      "type": "dict[str, claude_agent_sdk.types.McpStdioServerConfig | claude_agent_sdk.types.McpSSEServerConfig | claude_agent_sdk.types.McpHttpServerConfig | claude_agent_sdk.types.McpSdkServerConfig] | str | pathlib._local.Path",
+      "required": false
+    },
+    "permission_mode": {
+      "type": "typing.Optional[typing.Literal['default', 'acceptEdits', 'plan', 'bypassPermissions', 'dontAsk', 'auto']]",
+      "required": false
+    },
+    "continue_conversation": {
+      "type": "<class 'bool'>",
+      "required": false
+    },
+    "resume": {
+      "type": "str | None",
+      "required": false
+    },
+    "session_id": {
+      "type": "str | None",
+      "required": false
+    },
+    "max_turns": {
+      "type": "int | None",
+      "required": false
+    },
+    "max_budget_usd": {
+      "type": "float | None",
+      "required": false
+    },
+    "disallowed_tools": {
+      "type": "list[str]",
+      "required": false
+    },
+    "model": {
+      "type": "str | None",
+      "required": false
+    },
+    "fallback_model": {
+      "type": "str | None",
+      "required": false
+    },
+    "betas": {
+      "type": "list[typing.Literal['context-1m-2025-08-07']]",
+      "required": false
+    },
+    "permission_prompt_tool_name": {
+      "type": "str | None",
+      "required": false
+    },
+    "cwd": {
+      "type": "str | pathlib._local.Path | None",
+      "required": false
+    },
+    "cli_path": {
+      "type": "str | pathlib._local.Path | None",
+      "required": false
+    },
+    "settings": {
+      "type": "str | None",
+      "required": false
+    },
+    "add_dirs": {
+      "type": "list[str | pathlib._local.Path]",
+      "required": false
+    },
+    "env": {
+      "type": "dict[str, str]",
+      "required": false
+    },
+    "extra_args": {
+      "type": "dict[str, str | None]",
+      "required": false
+    },
+    "max_buffer_size": {
+      "type": "int | None",
+      "required": false
+    },
+    "debug_stderr": {
+      "type": "typing.Any",
+      "required": false
+    },
+    "stderr": {
+      "type": "collections.abc.Callable[[str], None] | None",
+      "required": false
+    },
+    "can_use_tool": {
+      "type": "collections.abc.Callable[[str, dict[str, typing.Any], claude_agent_sdk.types.ToolPermissionContext], collections.abc.Awaitable[claude_agent_sdk.types.PermissionResultAllow | claude_agent_sdk.types.PermissionResultDeny]] | None",
+      "required": false
+    },
+    "hooks": {
+      "type": "dict[typing.Union[typing.Literal['PreToolUse'], typing.Literal['PostToolUse'], typing.Literal['PostToolUseFailure'], typing.Literal['UserPromptSubmit'], typing.Literal['Stop'], typing.Literal['SubagentStop'], typing.Literal['PreCompact'], typing.Literal['Notification'], typing.Literal['SubagentStart'], typing.Literal['PermissionRequest']], list[claude_agent_sdk.types.HookMatcher]] | None",
+      "required": false
+    },
+    "user": {
+      "type": "str | None",
+      "required": false
+    },
+    "include_partial_messages": {
+      "type": "<class 'bool'>",
+      "required": false
+    },
+    "fork_session": {
+      "type": "<class 'bool'>",
+      "required": false
+    },
+    "agents": {
+      "type": "dict[str, claude_agent_sdk.types.AgentDefinition] | None",
+      "required": false
+    },
+    "setting_sources": {
+      "type": "list[typing.Literal['user', 'project', 'local']] | None",
+      "required": false
+    },
+    "sandbox": {
+      "type": "claude_agent_sdk.types.SandboxSettings | None",
+      "required": false
+    },
+    "plugins": {
+      "type": "list[claude_agent_sdk.types.SdkPluginConfig]",
+      "required": false
+    },
+    "max_thinking_tokens": {
+      "type": "int | None",
+      "required": false
+    },
+    "thinking": {
+      "type": "claude_agent_sdk.types.ThinkingConfigAdaptive | claude_agent_sdk.types.ThinkingConfigEnabled | claude_agent_sdk.types.ThinkingConfigDisabled | None",
+      "required": false
+    },
+    "effort": {
+      "type": "typing.Optional[typing.Literal['low', 'medium', 'high', 'max']]",
+      "required": false
+    },
+    "output_format": {
+      "type": "dict[str, typing.Any] | None",
+      "required": false
+    },
+    "enable_file_checkpointing": {
+      "type": "<class 'bool'>",
+      "required": false
+    },
+    "task_budget": {
+      "type": "claude_agent_sdk.types.TaskBudget | None",
+      "required": false
+    }
+  }
+}
diff --git a/scripts/sdk-options-drift-check.py b/scripts/sdk-options-drift-check.py
new file mode 100755
index 000000000..476b04717
--- /dev/null
+++ b/scripts/sdk-options-drift-check.py
@@ -0,0 +1,160 @@
+#!/usr/bin/env python3
+"""Detect drift between the installed claude-agent-sdk and the committed manifest.
+
+Exit codes:
+    0 - No drift detected
+    1 - Drift detected (manifest updated in-place)
+    2 - Error (import failure, missing file, etc.)
+"""
+
+from __future__ import annotations
+
+import dataclasses
+import json
+import sys
+from datetime import datetime, timezone
+from pathlib import Path
+
+MANIFEST_PATH = (
+    Path(__file__).resolve().parent.parent
+    / "components"
+    / "runners"
+    / "ambient-runner"
+    / "sdk-options-manifest.json"
+)
+
+
+def get_current_fields() -> dict[str, dict[str, object]]:
+    """Introspect ClaudeAgentOptions and return a dict of field name -> metadata."""
+    # Pydantic v2
+    if hasattr(ClaudeAgentOptions, "model_fields"):
+        fields_map = ClaudeAgentOptions.model_fields
+        result = {}
+        for name, field_info in fields_map.items():
+            annotation = field_info.annotation
+            type_str = str(annotation) if annotation else "Any"
+            required = field_info.is_required()
+            result[name] = {"type": type_str, "required": required}
+        return result
+
+    # Pydantic v1
+    if hasattr(ClaudeAgentOptions, "__fields__"):
+        fields_map = ClaudeAgentOptions.__fields__
+        result = {}
+        for name, field_info in fields_map.items():
+            type_str = (
+                str(field_info.outer_type_)
+                if hasattr(field_info, "outer_type_")
+                else str(field_info.type_)
+            )
+            required = field_info.required
+            result[name] = {"type": type_str, "required": required}
+        return result
+
+    # dataclass
+    if dataclasses.is_dataclass(ClaudeAgentOptions):
+        result = {}
+        for f in dataclasses.fields(ClaudeAgentOptions):
+            has_default = f.default is not dataclasses.MISSING
+            has_factory = f.default_factory is not dataclasses.MISSING
+            required = not has_default and not has_factory
+            type_str = str(f.type) if f.type else "Any"
+            result[f.name] = {"type": type_str, "required": required}
+        return result
+
+    print(
+        "ERROR: ClaudeAgentOptions is not a Pydantic model or dataclass — cannot introspect fields",
+        file=sys.stderr,
+    )
+    sys.exit(2)
+
+
+def load_manifest() -> dict:
+    """Load the existing manifest from disk."""
+    if not MANIFEST_PATH.exists():
+        print(f"ERROR: Manifest not found at {MANIFEST_PATH}", file=sys.stderr)
+        sys.exit(2)
+    with open(MANIFEST_PATH) as fh:
+        return json.load(fh)
+
+
+def write_manifest(
+    current_fields: dict[str, dict[str, object]], sdk_version: str
+) -> None:
+    """Write an updated manifest to disk."""
+    manifest = {
+        "description": "Canonical list of Claude Agent SDK ClaudeAgentOptions fields",
+        "generatedFrom": "claude-agent-sdk (PyPI)",
+        "generatedAt": datetime.now(timezone.utc).isoformat(),
+        "sdkVersion": sdk_version,
+        "options": current_fields,
+    }
+    with open(MANIFEST_PATH, "w") as fh:
+        json.dump(manifest, fh, indent=2)
+        fh.write("\n")
+    print(f"Updated manifest written to {MANIFEST_PATH}")
+
+
+def main(sdk_version: str) -> int:
+    current_fields = get_current_fields()
+    manifest = load_manifest()
+    manifest_options = manifest.get("options", {})
+
+    current_names = set(current_fields.keys())
+    manifest_names = set(manifest_options.keys())
+
+    added = sorted(current_names - manifest_names)
+    removed = sorted(manifest_names - current_names)
+
+    # Check type changes for fields present in both
+    changed: list[tuple[str, str, str]] = []
+    for name in sorted(current_names & manifest_names):
+        old_type = manifest_options[name].get("type", "")
+        new_type = current_fields[name].get("type", "")
+        if old_type != new_type:
+            changed.append((name, old_type, new_type))
+
+    if not added and not removed and not changed:
+        print(
+            f"No drift detected (SDK {sdk_version}, manifest {manifest.get('sdkVersion', 'unknown')})"
+        )
+        return 0
+
+    # Drift found
+    print("SDK options drift detected!")
+    print(
+        f"  SDK version: {sdk_version} (manifest: {manifest.get('sdkVersion', 'unknown')})"
+    )
+    if added:
+        print(f"\n  Added fields ({len(added)}):")
+        for name in added:
+            print(f"    + {name}: {current_fields[name]['type']}")
+    if removed:
+        print(f"\n  Removed fields ({len(removed)}):")
+        for name in removed:
+            print(f"    - {name}: {manifest_options[name]['type']}")
+    if changed:
+        print(f"\n  Changed types ({len(changed)}):")
+        for name, old_type, new_type in changed:
+            print(f"    ~ {name}: {old_type} -> {new_type}")
+
+    write_manifest(current_fields, sdk_version)
+    return 1
+
+
+if __name__ == "__main__":
+    try:
+        import importlib.metadata
+
+        from claude_agent_sdk import ClaudeAgentOptions
+
+        sdk_version = importlib.metadata.version("claude-agent-sdk")
+    except ImportError as exc:
+        print(f"ERROR: Cannot import claude_agent_sdk: {exc}", file=sys.stderr)
+        print("Install it: pip install claude-agent-sdk", file=sys.stderr)
+        sys.exit(2)
+    except Exception as exc:
+        print(f"ERROR: {exc}", file=sys.stderr)
+        sys.exit(2)
+
+    sys.exit(main(sdk_version))

From f5cf6621a044b0adc0f0d60fe31a550bb3a42285 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:44:04 -0400
Subject: [PATCH 07/16] feat(frontend): add collapsible AdvancedSdkOptions
 gated by workspace flag

Rename agentOptions to sdkOptions in session types. Create AdvancedSdkOptions
component using Shadcn Collapsible, gated by useWorkspaceFlag("advanced-sdk-options").
Wire into new-session-view with form value collection that filters defaults.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../src/app/projects/[name]/new/page.tsx      |   2 +
 .../__tests__/new-session-view.test.tsx       |   4 +
 .../components/new-session-view.tsx           |  38 ++++-
 .../__tests__/advanced-sdk-options.test.tsx   | 131 ++++++++++++++++++
 .../src/components/advanced-sdk-options.tsx   |  51 +++++++
 .../src/components/create-session-dialog.tsx  |   2 +-
 .../frontend/src/types/agentic-session.ts     |   4 +-
 components/frontend/src/types/api/sessions.ts |   4 +-
 8 files changed, 230 insertions(+), 6 deletions(-)
 create mode 100644 components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
 create mode 100644 components/frontend/src/components/advanced-sdk-options.tsx

diff --git a/components/frontend/src/app/projects/[name]/new/page.tsx b/components/frontend/src/app/projects/[name]/new/page.tsx
index b495295db..e0eff53af 100755
--- a/components/frontend/src/app/projects/[name]/new/page.tsx
+++ b/components/frontend/src/app/projects/[name]/new/page.tsx
@@ -25,6 +25,7 @@ export default function NewSessionPage() {
       model: string;
       workflow?: string;
       repos?: Array<{ url: string; branch?: string; autoPush?: boolean }>;
+      sdkOptions?: Record<string, unknown>;
     }) => {
       const workflowConfig = config.workflow === "custom" && customWorkflow
         ? { gitUrl: customWorkflow.gitUrl, branch: customWorkflow.branch, path: customWorkflow.path }
@@ -57,6 +58,7 @@ export default function NewSessionPage() {
                   })),
                 }
               : {}),
+            ...(config.sdkOptions ? { sdkOptions: config.sdkOptions } : {}),
           },
         },
         {
diff --git a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/__tests__/new-session-view.test.tsx b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/__tests__/new-session-view.test.tsx
index 86a1c9d8a..889375523 100755
--- a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/__tests__/new-session-view.test.tsx
+++ b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/__tests__/new-session-view.test.tsx
@@ -40,6 +40,10 @@ vi.mock('../workflow-selector', () => ({
   WorkflowSelector: () => <button data-testid="workflow-selector">No workflow</button>,
 }));
 
+vi.mock('@/components/advanced-sdk-options', () => ({
+  AdvancedSdkOptions: () => null,
+}));
+
 vi.mock('../modals/add-context-modal', () => ({
   AddContextModal: ({ onAddRepository }: { open: boolean; onAddRepository: (url: string, branch: string, autoPush?: boolean) => Promise<void> }) => (
     <>
diff --git a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
index eada72b71..fff4f34e5 100755
--- a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
+++ b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
@@ -1,6 +1,8 @@
 "use client";
 
 import { useState, useRef, useCallback, useEffect, useMemo } from "react";
+import { useForm } from "react-hook-form";
+import { zodResolver } from "@hookform/resolvers/zod";
 import { MessageSquarePlus, ArrowUp, Loader2, Plus, GitBranch, Upload, X } from "lucide-react";
 import { Button } from "@/components/ui/button";
 import { Badge } from "@/components/ui/badge";
@@ -25,6 +27,12 @@ import { useRunnerTypes } from "@/services/queries/use-runner-types";
 import { useModels } from "@/services/queries/use-models";
 import { DEFAULT_RUNNER_TYPE_ID } from "@/services/api/runner-types";
 import { useLocalStorage } from "@/hooks/use-local-storage";
+import { AdvancedSdkOptions } from "@/components/advanced-sdk-options";
+import {
+  claudeAgentOptionsSchema,
+  claudeAgentOptionsDefaults,
+  type ClaudeAgentOptionsForm,
+} from "@/components/claude-agent-options";
 import type { WorkflowConfig } from "../lib/types";
 
 const MENU_VERSION = "2026-04-16";
@@ -44,6 +52,7 @@ type NewSessionViewProps = {
     model: string;
     workflow?: string;
     repos?: Array<{ url: string; branch?: string; autoPush?: boolean }>;
+    sdkOptions?: Record<string, unknown>;
   }) => void;
   ootbWorkflows: WorkflowConfig[];
   onLoadCustomWorkflow?: () => void;
@@ -68,6 +77,11 @@ export function NewSessionView({
     }
   }, [menuSeenVersion, setMenuSeenVersion]);
 
+  const sdkOptionsForm = useForm<ClaudeAgentOptionsForm>({
+    resolver: zodResolver(claudeAgentOptionsSchema),
+    defaultValues: claudeAgentOptionsDefaults,
+  });
+
   const [prompt, setPrompt] = useState("");
   const [selectedRunner, setSelectedRunner] = useState<string>(DEFAULT_RUNNER_TYPE_ID);
   const [selectedModel, setSelectedModel] = useState<string>("");
@@ -141,14 +155,29 @@ export function NewSessionView({
     // Require either a prompt OR a workflow with startupPrompt
     if (!trimmed && !hasWorkflow) return;
 
+    // Collect SDK options, filtering out undefined/empty/default values
+    const rawOpts = sdkOptionsForm.getValues();
+    const sdkOptions: Record<string, unknown> = {};
+    const defaults = claudeAgentOptionsDefaults as Record<string, unknown>;
+    for (const [key, value] of Object.entries(rawOpts)) {
+      if (value === undefined || value === "" || value === null) continue;
+      // Skip arrays/objects that are empty
+      if (Array.isArray(value) && value.length === 0) continue;
+      if (typeof value === "object" && value !== null && !Array.isArray(value) && Object.keys(value).length === 0) continue;
+      // Skip values that match defaults
+      if (key in defaults && JSON.stringify(value) === JSON.stringify(defaults[key])) continue;
+      sdkOptions[key] = value;
+    }
+
     onCreateSession({
       prompt: trimmed,
       runner: selectedRunner,
       model: selectedModel,
       workflow: hasWorkflow ? selectedWorkflow : undefined,
       repos: pendingRepos.length > 0 ? pendingRepos.map((r) => ({ url: r.url, branch: r.branch, autoPush: r.autoPush })) : undefined,
+      sdkOptions: Object.keys(sdkOptions).length > 0 ? sdkOptions : undefined,
     });
-  }, [prompt, selectedRunner, selectedModel, selectedWorkflow, pendingRepos, onCreateSession]);
+  }, [prompt, selectedRunner, selectedModel, selectedWorkflow, pendingRepos, sdkOptionsForm, onCreateSession]);
 
   const handleKeyDown = (e: React.KeyboardEvent<HTMLTextAreaElement>) => {
     if (e.key === "Enter" && !e.shiftKey) {
@@ -273,6 +302,13 @@ export function NewSessionView({
           </div>
         )}
 
+        {/* Advanced SDK Options (gated by workspace flag) */}
+        <AdvancedSdkOptions
+          projectName={projectName}
+          form={sdkOptionsForm}
+          disabled={isSubmitting}
+        />
+
       </div>
 
       <AddContextModal
diff --git a/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx b/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
new file mode 100644
index 000000000..cd46c01ce
--- /dev/null
+++ b/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
@@ -0,0 +1,131 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { render, screen, fireEvent } from "@testing-library/react";
+import { useForm } from "react-hook-form";
+import { zodResolver } from "@hookform/resolvers/zod";
+import { AdvancedSdkOptions } from "../advanced-sdk-options";
+import {
+  claudeAgentOptionsSchema,
+  claudeAgentOptionsDefaults,
+  type ClaudeAgentOptionsForm,
+} from "../claude-agent-options";
+
+// Mock useWorkspaceFlag
+const mockUseWorkspaceFlag = vi.fn(() => ({
+  enabled: false,
+  isLoading: false,
+  error: null,
+  source: undefined,
+}));
+vi.mock("@/services/queries/use-feature-flags-admin", () => ({
+  useWorkspaceFlag: (...args: unknown[]) => mockUseWorkspaceFlag(...args),
+}));
+
+// Mock AgentOptionsFields to avoid rendering the full form tree
+vi.mock("../claude-agent-options", async () => {
+  const actual = await vi.importActual("../claude-agent-options");
+  return {
+    ...actual,
+    AgentOptionsFields: ({ disabled }: { disabled?: boolean }) => (
+      <div data-testid="agent-options-fields" data-disabled={disabled}>
+        Agent Options Fields
+      </div>
+    ),
+  };
+});
+
+// Helper to render the component with a form
+function renderWithForm(props?: { disabled?: boolean }) {
+  function TestHarness() {
+    const form = useForm<ClaudeAgentOptionsForm>({
+      resolver: zodResolver(claudeAgentOptionsSchema),
+      defaultValues: claudeAgentOptionsDefaults,
+    });
+    return (
+      <AdvancedSdkOptions
+        projectName="test-project"
+        form={form}
+        disabled={props?.disabled}
+      />
+    );
+  }
+  return render(<TestHarness />);
+}
+
+describe("AdvancedSdkOptions", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  it("renders nothing when advanced-sdk-options flag is false", () => {
+    mockUseWorkspaceFlag.mockReturnValue({
+      enabled: false,
+      isLoading: false,
+      error: null,
+      source: undefined,
+    });
+
+    const { container } = renderWithForm();
+    expect(container.innerHTML).toBe("");
+  });
+
+  it("renders collapsed by default when flag is true", () => {
+    mockUseWorkspaceFlag.mockReturnValue({
+      enabled: true,
+      isLoading: false,
+      error: null,
+      source: undefined,
+    });
+
+    renderWithForm();
+    expect(screen.getByText("Advanced SDK Options")).toBeDefined();
+    // The form fields should NOT be visible when collapsed
+    expect(screen.queryByTestId("agent-options-fields")).toBeNull();
+  });
+
+  it("expands on click to show form fields", () => {
+    mockUseWorkspaceFlag.mockReturnValue({
+      enabled: true,
+      isLoading: false,
+      error: null,
+      source: undefined,
+    });
+
+    renderWithForm();
+    const trigger = screen.getByText("Advanced SDK Options");
+    fireEvent.click(trigger);
+
+    expect(screen.getByTestId("agent-options-fields")).toBeDefined();
+  });
+
+  it("shows form fields when expanded", () => {
+    mockUseWorkspaceFlag.mockReturnValue({
+      enabled: true,
+      isLoading: false,
+      error: null,
+      source: undefined,
+    });
+
+    renderWithForm();
+    // Click to expand
+    fireEvent.click(screen.getByText("Advanced SDK Options"));
+
+    const fields = screen.getByTestId("agent-options-fields");
+    expect(fields).toBeDefined();
+    expect(fields.textContent).toContain("Agent Options Fields");
+  });
+
+  it("calls useWorkspaceFlag with correct project and flag name", () => {
+    mockUseWorkspaceFlag.mockReturnValue({
+      enabled: false,
+      isLoading: false,
+      error: null,
+      source: undefined,
+    });
+
+    renderWithForm();
+    expect(mockUseWorkspaceFlag).toHaveBeenCalledWith(
+      "test-project",
+      "advanced-sdk-options"
+    );
+  });
+});
diff --git a/components/frontend/src/components/advanced-sdk-options.tsx b/components/frontend/src/components/advanced-sdk-options.tsx
new file mode 100644
index 000000000..e3ad86a5c
--- /dev/null
+++ b/components/frontend/src/components/advanced-sdk-options.tsx
@@ -0,0 +1,51 @@
+"use client";
+
+import { useState } from "react";
+import type { UseFormReturn } from "react-hook-form";
+import { ChevronRight } from "lucide-react";
+import {
+  Collapsible,
+  CollapsibleContent,
+  CollapsibleTrigger,
+} from "@/components/ui/collapsible";
+import { Form } from "@/components/ui/form";
+import { useWorkspaceFlag } from "@/services/queries/use-feature-flags-admin";
+import {
+  AgentOptionsFields,
+  type ClaudeAgentOptionsForm,
+} from "./claude-agent-options";
+
+type AdvancedSdkOptionsProps = {
+  projectName: string;
+  form: UseFormReturn<ClaudeAgentOptionsForm>;
+  disabled?: boolean;
+};
+
+export function AdvancedSdkOptions({
+  projectName,
+  form,
+  disabled,
+}: AdvancedSdkOptionsProps) {
+  const { enabled } = useWorkspaceFlag(projectName, "advanced-sdk-options");
+  const [open, setOpen] = useState(false);
+
+  if (!enabled) return null;
+
+  return (
+    <Collapsible open={open} onOpenChange={setOpen}>
+      <CollapsibleTrigger className="flex w-full items-center gap-2 rounded-md px-3 py-2 text-sm font-medium text-muted-foreground hover:bg-muted/50 transition-colors cursor-pointer">
+        <ChevronRight
+          className={`h-4 w-4 shrink-0 transition-transform duration-200 ${open ? "rotate-90" : ""}`}
+        />
+        Advanced SDK Options
+      </CollapsibleTrigger>
+      <CollapsibleContent>
+        <div className="pt-3">
+          <Form {...form}>
+            <AgentOptionsFields form={form} disabled={disabled} />
+          </Form>
+        </div>
+      </CollapsibleContent>
+    </Collapsible>
+  );
+}
diff --git a/components/frontend/src/components/create-session-dialog.tsx b/components/frontend/src/components/create-session-dialog.tsx
index 5e9101285..a1650d01c 100755
--- a/components/frontend/src/components/create-session-dialog.tsx
+++ b/components/frontend/src/components/create-session-dialog.tsx
@@ -230,7 +230,7 @@ export function CreateSessionDialog({
     }
 
     if (advancedAgentOptions) {
-      request.agentOptions = agentOptionsForm.getValues();
+      request.sdkOptions = agentOptionsForm.getValues();
     }
 
     createSessionMutation.mutate(
diff --git a/components/frontend/src/types/agentic-session.ts b/components/frontend/src/types/agentic-session.ts
index 9795ea23f..fa11cf12e 100755
--- a/components/frontend/src/types/agentic-session.ts
+++ b/components/frontend/src/types/agentic-session.ts
@@ -257,8 +257,8 @@ export type CreateAgenticSessionRequest = {
 	mcpServers?: MCPServersConfig;
 	// TODO: Backend handler must unmarshal this field and write it into the
 	// AgenticSession CR spec. Until then, Go encoding/json silently drops it.
-	// Safe while the `advanced-agent-options` Unleash flag defaults to off.
-	agentOptions?: Record<string, unknown>;
+	// Safe while the `advanced-sdk-options` Unleash flag defaults to off.
+	sdkOptions?: Record<string, unknown>;
 };
 
 export type AgentPersona = {
diff --git a/components/frontend/src/types/api/sessions.ts b/components/frontend/src/types/api/sessions.ts
index 38076d316..80f22b65c 100644
--- a/components/frontend/src/types/api/sessions.ts
+++ b/components/frontend/src/types/api/sessions.ts
@@ -145,8 +145,8 @@ export type CreateAgenticSessionRequest = {
   // The frontend validates via ClaudeAgentOptionsForm (Zod schema) before sending.
   // TODO: Backend handler in components/backend/ must unmarshal this field and write
   // it into the AgenticSession CR spec. Until then, Go encoding/json silently drops
-  // the field. Safe while the `advanced-agent-options` flag defaults to off.
-  agentOptions?: Record<string, unknown>;
+  // the field. Safe while the `advanced-sdk-options` flag defaults to off.
+  sdkOptions?: Record<string, unknown>;
 };
 
 export type CreateAgenticSessionResponse = {

From 2eec450d87a6c909f1ef1f1634c8b1bc12f3fa50 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:50:05 -0400
Subject: [PATCH 08/16] refactor(ci): fold SDK options drift check into
 daily-sdk-update workflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Remove standalone claude-sdk-options-drift.yml. Add drift detection step
to daily-sdk-update.yml so field changes are caught when the SDK version
bumps — same event, one PR instead of two.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../workflows/claude-sdk-options-drift.yml    | 51 -------------------
 .github/workflows/daily-sdk-update.yml        | 27 ++++++++++
 2 files changed, 27 insertions(+), 51 deletions(-)
 delete mode 100644 .github/workflows/claude-sdk-options-drift.yml

diff --git a/.github/workflows/claude-sdk-options-drift.yml b/.github/workflows/claude-sdk-options-drift.yml
deleted file mode 100644
index a67c4b31a..000000000
--- a/.github/workflows/claude-sdk-options-drift.yml
+++ /dev/null
@@ -1,51 +0,0 @@
-name: Claude SDK Options Drift Check
-
-on:
-  schedule:
-    - cron: '0 6 * * 1'  # Weekly Monday 6am UTC
-  workflow_dispatch:
-
-concurrency:
-  group: claude-sdk-options-drift
-  cancel-in-progress: true
-
-jobs:
-  check-drift:
-    name: Check SDK Options Drift
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-      pull-requests: write
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: '3.12'
-      - name: Install SDK
-        run: pip install claude-agent-sdk
-      - name: Check for drift
-        id: drift
-        run: |
-          EXIT_CODE=0
-          python scripts/sdk-options-drift-check.py || EXIT_CODE=$?
-          echo "exit_code=$EXIT_CODE" >> "$GITHUB_OUTPUT"
-          if [ "$EXIT_CODE" -eq 2 ]; then
-            echo "::error::Drift check encountered an error"
-            exit 1
-          fi
-      - name: Create PR if drift detected
-        if: steps.drift.outputs.exit_code == '1'
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          BRANCH="auto/sdk-options-drift-$(date +%Y%m%d)"
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git checkout -b "$BRANCH"
-          git add components/runners/ambient-runner/sdk-options-manifest.json
-          git commit -m "chore: update SDK options manifest for drift"
-          git push origin "$BRANCH"
-          gh pr create \
-            --title "chore: SDK options manifest drift detected" \
-            --body "Weekly drift check found changes in ClaudeAgentOptions fields. Review and update allowlist/UI as needed." \
-            --label "amber:auto-fix"
diff --git a/.github/workflows/daily-sdk-update.yml b/.github/workflows/daily-sdk-update.yml
index 54592302e..56bacd19f 100644
--- a/.github/workflows/daily-sdk-update.yml
+++ b/.github/workflows/daily-sdk-update.yml
@@ -133,11 +133,26 @@ jobs:
           uv lock
           echo "uv.lock regenerated"
 
+      - name: Check for SDK options drift
+        if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.pr_exists == 'false'
+        id: drift
+        run: |
+          pip install claude-agent-sdk 2>/dev/null
+          EXIT_CODE=0
+          python scripts/sdk-options-drift-check.py || EXIT_CODE=$?
+          echo "drift_exit=$EXIT_CODE" >> "$GITHUB_OUTPUT"
+          if [ "$EXIT_CODE" -eq 2 ]; then
+            echo "::warning::SDK options drift check encountered an error"
+          elif [ "$EXIT_CODE" -eq 1 ]; then
+            echo "SDK options drift detected — manifest updated"
+          fi
+
       - name: Create branch, commit, and open PR
         if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.pr_exists == 'false'
         env:
           LATEST: ${{ steps.pypi.outputs.latest }}
           CURRENT: ${{ steps.current.outputs.current }}
+          DRIFT_EXIT: ${{ steps.drift.outputs.drift_exit }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
           BRANCH="auto/update-claude-agent-sdk"
@@ -151,6 +166,12 @@ jobs:
           git checkout -b "$BRANCH"
           git add components/runners/claude-code-runner/pyproject.toml \
                   components/runners/claude-code-runner/uv.lock
+
+          # Include manifest if drift was detected
+          if [ -n "$(git diff -- components/runners/ambient-runner/sdk-options-manifest.json)" ]; then
+            git add components/runners/ambient-runner/sdk-options-manifest.json
+          fi
+
           git commit -m "chore(runner): update claude-agent-sdk >=${CURRENT} to >=${LATEST}
 
           Automated daily update of the Claude Agent SDK minimum version.
@@ -159,11 +180,17 @@ jobs:
 
           git push -u origin "$BRANCH"
 
+          DRIFT_NOTE=""
+          if [ "$DRIFT_EXIT" = "1" ]; then
+            DRIFT_NOTE="- **SDK options drift detected** — \`sdk-options-manifest.json\` updated. Review allowlist and UI for new/removed fields."
+          fi
+
           printf '%s\n' \
             "## Summary" \
             "" \
             "- Updates \`claude-agent-sdk\` minimum version from \`>=${CURRENT}\` to \`>=${LATEST}\`" \
             "- Files changed: \`pyproject.toml\` and \`uv.lock\`" \
+            "${DRIFT_NOTE:+$DRIFT_NOTE}" \
             "" \
             "## Release Info" \
             "" \

From 321bbfeb5c494de14b79afb859c7a77cb508f0c6 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:51:48 -0400
Subject: [PATCH 09/16] fix(ci): use shell parameter expansion instead of sed
 (shellcheck SC2001)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/daily-sdk-update.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/daily-sdk-update.yml b/.github/workflows/daily-sdk-update.yml
index 56bacd19f..879d9ac96 100644
--- a/.github/workflows/daily-sdk-update.yml
+++ b/.github/workflows/daily-sdk-update.yml
@@ -105,7 +105,7 @@ jobs:
           CURRENT: ${{ steps.current.outputs.current }}
         run: |
           # Escape dots for sed regex
-          CURRENT_ESC=$(echo "$CURRENT" | sed 's/\./\\./g')
+          CURRENT_ESC=${CURRENT//./\\.}
 
           sed -i "s/\"claude-agent-sdk>=${CURRENT_ESC}\"/\"claude-agent-sdk>=${LATEST}\"/" \
             components/runners/claude-code-runner/pyproject.toml

From 513d79281bd39ba37e4e92b26ba9e57b215523f2 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 00:56:00 -0400
Subject: [PATCH 10/16] refactor(ci): consolidate SDK workflows, add drift
 detection to version bump

- Delete daily-sdk-update.yml (targeted nonexistent claude-code-runner dir)
- Add SDK options drift check step to sdk-version-bump.yml
- Include manifest in PR when drift detected, append note to PR body
- Fix command injection: move ${{ }} expressions to env: blocks
- Fix shellcheck SC2016/SC2129 style warnings

One workflow, one PR, one human gate: version bump + field drift together.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/daily-sdk-update.yml | 235 -------------------------
 .github/workflows/sdk-version-bump.yml |  53 ++++--
 2 files changed, 42 insertions(+), 246 deletions(-)
 delete mode 100644 .github/workflows/daily-sdk-update.yml

diff --git a/.github/workflows/daily-sdk-update.yml b/.github/workflows/daily-sdk-update.yml
deleted file mode 100644
index 879d9ac96..000000000
--- a/.github/workflows/daily-sdk-update.yml
+++ /dev/null
@@ -1,235 +0,0 @@
-name: Daily Claude Agent SDK Update
-
-on:
-  schedule:
-    # Run daily at 8 AM UTC
-    - cron: '0 8 * * *'
-
-  workflow_dispatch: # Allow manual triggering
-
-permissions:
-  contents: write
-  pull-requests: write
-
-concurrency:
-  group: daily-sdk-update
-  cancel-in-progress: false
-
-jobs:
-  update-sdk:
-    name: Update claude-agent-sdk to latest
-    if: github.event_name != 'pull_request'
-    runs-on: ubuntu-latest
-    timeout-minutes: 15
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: main
-          token: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Get latest SDK version from PyPI
-        id: pypi
-        run: |
-          LATEST=$(curl -sf --max-time 30 https://pypi.org/pypi/claude-agent-sdk/json | jq -r '.info.version')
-
-          if [ -z "$LATEST" ] || [ "$LATEST" = "null" ]; then
-            echo "Failed to fetch latest version from PyPI"
-            exit 1
-          fi
-
-          if ! echo "$LATEST" | grep -qE '^[0-9]+(\.[0-9]+)+$'; then
-            echo "Unexpected version format: $LATEST"
-            exit 1
-          fi
-
-          echo "latest=$LATEST" >> "$GITHUB_OUTPUT"
-          echo "Latest claude-agent-sdk on PyPI: $LATEST"
-
-      - name: Get current minimum version
-        id: current
-        run: |
-          CURRENT=$(grep 'claude-agent-sdk>=' \
-            components/runners/claude-code-runner/pyproject.toml \
-            | sed 's/.*>=\([0-9][0-9.]*\).*/\1/')
-
-          if [ -z "$CURRENT" ]; then
-            echo "Failed to parse current version from pyproject.toml"
-            exit 1
-          fi
-
-          echo "current=$CURRENT" >> "$GITHUB_OUTPUT"
-          echo "Current minimum version: $CURRENT"
-
-      - name: Check if update is needed
-        id: check
-        env:
-          LATEST: ${{ steps.pypi.outputs.latest }}
-          CURRENT: ${{ steps.current.outputs.current }}
-        run: |
-          # Use version sort — if current sorts last, we are already up to date
-          NEWEST=$(printf '%s\n%s' "$CURRENT" "$LATEST" | sort -V | tail -1)
-
-          if [ "$NEWEST" = "$CURRENT" ]; then
-            echo "Already up to date ($CURRENT >= $LATEST)"
-            echo "needs_update=false" >> "$GITHUB_OUTPUT"
-          else
-            echo "Update available: $CURRENT -> $LATEST"
-            echo "needs_update=true" >> "$GITHUB_OUTPUT"
-          fi
-
-      - name: Check for existing PR
-        if: steps.check.outputs.needs_update == 'true'
-        id: existing_pr
-        run: |
-          EXISTING=$(gh pr list \
-            --head "auto/update-claude-agent-sdk" \
-            --state open \
-            --json number \
-            --jq 'length')
-
-          if [ "$EXISTING" -gt 0 ]; then
-            echo "Open PR already exists for SDK update branch"
-            echo "pr_exists=true" >> "$GITHUB_OUTPUT"
-          else
-            echo "pr_exists=false" >> "$GITHUB_OUTPUT"
-          fi
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Update pyproject.toml
-        if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.pr_exists == 'false'
-        env:
-          LATEST: ${{ steps.pypi.outputs.latest }}
-          CURRENT: ${{ steps.current.outputs.current }}
-        run: |
-          # Escape dots for sed regex
-          CURRENT_ESC=${CURRENT//./\\.}
-
-          sed -i "s/\"claude-agent-sdk>=${CURRENT_ESC}\"/\"claude-agent-sdk>=${LATEST}\"/" \
-            components/runners/claude-code-runner/pyproject.toml
-
-          # Verify the update landed
-          if ! grep -q "claude-agent-sdk>=${LATEST}" components/runners/claude-code-runner/pyproject.toml; then
-            echo "pyproject.toml was not updated correctly"
-            exit 1
-          fi
-
-          echo "Updated pyproject.toml:"
-          grep claude-agent-sdk components/runners/claude-code-runner/pyproject.toml
-
-      - name: Install uv
-        if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.pr_exists == 'false'
-        uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
-        with:
-          enable-cache: true
-          cache-dependency-glob: components/runners/claude-code-runner/uv.lock
-
-      - name: Regenerate uv.lock
-        if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.pr_exists == 'false'
-        run: |
-          cd components/runners/claude-code-runner
-          uv lock
-          echo "uv.lock regenerated"
-
-      - name: Check for SDK options drift
-        if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.pr_exists == 'false'
-        id: drift
-        run: |
-          pip install claude-agent-sdk 2>/dev/null
-          EXIT_CODE=0
-          python scripts/sdk-options-drift-check.py || EXIT_CODE=$?
-          echo "drift_exit=$EXIT_CODE" >> "$GITHUB_OUTPUT"
-          if [ "$EXIT_CODE" -eq 2 ]; then
-            echo "::warning::SDK options drift check encountered an error"
-          elif [ "$EXIT_CODE" -eq 1 ]; then
-            echo "SDK options drift detected — manifest updated"
-          fi
-
-      - name: Create branch, commit, and open PR
-        if: steps.check.outputs.needs_update == 'true' && steps.existing_pr.outputs.pr_exists == 'false'
-        env:
-          LATEST: ${{ steps.pypi.outputs.latest }}
-          CURRENT: ${{ steps.current.outputs.current }}
-          DRIFT_EXIT: ${{ steps.drift.outputs.drift_exit }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          BRANCH="auto/update-claude-agent-sdk"
-
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-
-          # Delete remote branch if it exists (leftover from a merged/closed PR)
-          git push origin --delete "$BRANCH" 2>&1 || echo "Branch $BRANCH did not exist or could not be deleted"
-
-          git checkout -b "$BRANCH"
-          git add components/runners/claude-code-runner/pyproject.toml \
-                  components/runners/claude-code-runner/uv.lock
-
-          # Include manifest if drift was detected
-          if [ -n "$(git diff -- components/runners/ambient-runner/sdk-options-manifest.json)" ]; then
-            git add components/runners/ambient-runner/sdk-options-manifest.json
-          fi
-
-          git commit -m "chore(runner): update claude-agent-sdk >=${CURRENT} to >=${LATEST}
-
-          Automated daily update of the Claude Agent SDK minimum version.
-
-          Release notes: https://pypi.org/project/claude-agent-sdk/${LATEST}/"
-
-          git push -u origin "$BRANCH"
-
-          DRIFT_NOTE=""
-          if [ "$DRIFT_EXIT" = "1" ]; then
-            DRIFT_NOTE="- **SDK options drift detected** — \`sdk-options-manifest.json\` updated. Review allowlist and UI for new/removed fields."
-          fi
-
-          printf '%s\n' \
-            "## Summary" \
-            "" \
-            "- Updates \`claude-agent-sdk\` minimum version from \`>=${CURRENT}\` to \`>=${LATEST}\`" \
-            "- Files changed: \`pyproject.toml\` and \`uv.lock\`" \
-            "${DRIFT_NOTE:+$DRIFT_NOTE}" \
-            "" \
-            "## Release Info" \
-            "" \
-            "PyPI: https://pypi.org/project/claude-agent-sdk/${LATEST}/" \
-            "" \
-            "## Test Plan" \
-            "" \
-            "- [ ] Runner tests pass (\`runner-tests\` workflow)" \
-            "- [ ] Container image builds successfully (\`components-build-deploy\` workflow)" \
-            "" \
-            "---" \
-            "*Auto-generated by daily-sdk-update workflow*" \
-            > /tmp/pr-body.md
-
-          gh pr create \
-            --title "chore(runner): update claude-agent-sdk to >=${LATEST}" \
-            --body-file /tmp/pr-body.md \
-            --base main \
-            --head "$BRANCH"
-
-      - name: Summary
-        if: always()
-        env:
-          NEEDS_UPDATE: ${{ steps.check.outputs.needs_update }}
-          PR_EXISTS: ${{ steps.existing_pr.outputs.pr_exists || 'false' }}
-          CURRENT: ${{ steps.current.outputs.current }}
-          LATEST: ${{ steps.pypi.outputs.latest }}
-          JOB_STATUS: ${{ job.status }}
-        run: |
-          if [ "$NEEDS_UPDATE" = "false" ]; then
-            echo "## No update needed" >> "$GITHUB_STEP_SUMMARY"
-            echo "claude-agent-sdk \`${CURRENT}\` is already the latest." >> "$GITHUB_STEP_SUMMARY"
-          elif [ "$PR_EXISTS" = "true" ]; then
-            echo "## Update PR already exists" >> "$GITHUB_STEP_SUMMARY"
-            echo "An open PR for branch \`auto/update-claude-agent-sdk\` already exists." >> "$GITHUB_STEP_SUMMARY"
-          elif [ "$JOB_STATUS" = "failure" ]; then
-            echo "## Update failed" >> "$GITHUB_STEP_SUMMARY"
-            echo "Check the logs above for details." >> "$GITHUB_STEP_SUMMARY"
-          else
-            echo "## PR created" >> "$GITHUB_STEP_SUMMARY"
-            echo "claude-agent-sdk \`${CURRENT}\` -> \`${LATEST}\`" >> "$GITHUB_STEP_SUMMARY"
-          fi
diff --git a/.github/workflows/sdk-version-bump.yml b/.github/workflows/sdk-version-bump.yml
index c071cb2ec..e481c4af2 100644
--- a/.github/workflows/sdk-version-bump.yml
+++ b/.github/workflows/sdk-version-bump.yml
@@ -47,8 +47,9 @@ jobs:
 
       - name: Check for SDK updates
         id: check
+        env:
+          PACKAGE_ARG: ${{ inputs.package || 'all' }}
         run: |
-          PACKAGE_ARG="${{ inputs.package || 'all' }}"
           python scripts/sdk-version-bump.py --check-only --package "$PACKAGE_ARG"
           EXIT_CODE=$?
 
@@ -90,16 +91,36 @@ jobs:
       - name: Apply updates
         if: steps.check.outputs.updates_available == 'true'
         id: apply
+        env:
+          PACKAGE_ARG: ${{ inputs.package || 'all' }}
         run: |
-          PACKAGE_ARG="${{ inputs.package || 'all' }}"
           python scripts/sdk-version-bump.py --package "$PACKAGE_ARG"
 
           # Read outputs
           PR_TITLE=$(cat .sdk-bump-output/pr-title.txt)
           echo "pr_title=$PR_TITLE" >> "$GITHUB_OUTPUT"
 
+      - name: Check for SDK options drift
+        if: steps.check.outputs.updates_available == 'true'
+        id: drift
+        run: |
+          pip install claude-agent-sdk 2>/dev/null
+          EXIT_CODE=0
+          python scripts/sdk-options-drift-check.py || EXIT_CODE=$?
+          echo "drift_exit=$EXIT_CODE" >> "$GITHUB_OUTPUT"
+          if [ "$EXIT_CODE" -eq 2 ]; then
+            echo "::warning::SDK options drift check encountered an error"
+          elif [ "$EXIT_CODE" -eq 1 ]; then
+            echo "SDK options drift detected — manifest updated"
+          fi
+
       - name: Create or update PR
         if: steps.check.outputs.updates_available == 'true'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_TITLE: ${{ steps.apply.outputs.pr_title }}
+          PR_EXISTS: ${{ steps.existing_pr.outputs.pr_exists }}
+          PR_NUMBER: ${{ steps.existing_pr.outputs.pr_number }}
         run: |
           # Configure git
           git config user.name "github-actions[bot]"
@@ -114,9 +135,20 @@ jobs:
           git add components/runners/ambient-runner/pyproject.toml
           git add components/runners/ambient-runner/uv.lock
 
+          # Include manifest if drift was detected
+          if [ -n "$(git diff -- components/runners/ambient-runner/sdk-options-manifest.json)" ]; then
+            git add components/runners/ambient-runner/sdk-options-manifest.json
+            {
+              echo ""
+              echo "## SDK Options Drift"
+              echo ""
+              echo "ClaudeAgentOptions fields changed — sdk-options-manifest.json updated."
+              echo "Review backend allowlist and frontend schema for new/removed fields."
+            } >> .sdk-bump-output/pr-body.md
+          fi
+
           # Commit
-          PR_TITLE="${{ steps.apply.outputs.pr_title }}"
-          git commit -m "$PR_TITLE
+          git commit -m "${PR_TITLE}
 
           Automated SDK version bump.
 
@@ -126,12 +158,11 @@ jobs:
           git push --force origin "$BRANCH"
 
           # Create or update PR (use --body-file to avoid arg length limits)
-          if [ "${{ steps.existing_pr.outputs.pr_exists }}" == "true" ]; then
-            PR_NUM="${{ steps.existing_pr.outputs.pr_number }}"
-            gh pr edit "$PR_NUM" \
+          if [ "$PR_EXISTS" == "true" ]; then
+            gh pr edit "$PR_NUMBER" \
               --title "$PR_TITLE" \
               --body-file .sdk-bump-output/pr-body.md
-            echo "Updated existing PR #$PR_NUM"
+            echo "Updated existing PR #$PR_NUMBER"
           else
             gh pr create \
               --title "$PR_TITLE" \
@@ -141,13 +172,13 @@ jobs:
               --label "dependencies,automated"
             echo "Created new PR"
           fi
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Summary
         if: always()
+        env:
+          UPDATES_AVAILABLE: ${{ steps.check.outputs.updates_available }}
         run: |
-          if [ "${{ steps.check.outputs.updates_available }}" == "true" ]; then
+          if [ "$UPDATES_AVAILABLE" == "true" ]; then
             {
               echo "## SDK Version Bump"
               echo "Updates applied and PR created/updated."

From c5191769d5d3a17b44903b81983c9f1bec8deb03 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 01:04:08 -0400
Subject: [PATCH 11/16] fix(ci): stop suppressing pip install errors in drift
 check step

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/workflows/sdk-version-bump.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/sdk-version-bump.yml b/.github/workflows/sdk-version-bump.yml
index e481c4af2..a985c4d31 100644
--- a/.github/workflows/sdk-version-bump.yml
+++ b/.github/workflows/sdk-version-bump.yml
@@ -104,7 +104,7 @@ jobs:
         if: steps.check.outputs.updates_available == 'true'
         id: drift
         run: |
-          pip install claude-agent-sdk 2>/dev/null
+          pip install claude-agent-sdk
           EXIT_CODE=0
           python scripts/sdk-options-drift-check.py || EXIT_CODE=$?
           echo "drift_exit=$EXIT_CODE" >> "$GITHUB_OUTPUT"

From 40303e422ef3ab3318506e680821811bbc62109c Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 01:06:28 -0400
Subject: [PATCH 12/16] fix: add explicit utf-8 encoding, fix system_prompt
 suffix in unknown dict branch

Address CodeRabbit findings:
- drift check script: specify encoding="utf-8" on all file opens
- bridge.py: use suffix (with heading) instead of raw value in
  unknown dict shape branch for system_prompt merge

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../ambient-runner/ambient_runner/bridges/claude/bridge.py    | 2 +-
 scripts/sdk-options-drift-check.py                            | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py b/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
index ce72009b2..13f541ff2 100644
--- a/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
+++ b/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
@@ -104,7 +104,7 @@ def _parse_sdk_options(
                     merged["text"] = merged["text"] + suffix
                 else:
                     # Unknown dict shape — add an "append" field
-                    merged["append"] = value
+                    merged["append"] = suffix
                 result["system_prompt"] = merged
             elif isinstance(existing_system_prompt, str):
                 result["system_prompt"] = existing_system_prompt + suffix
diff --git a/scripts/sdk-options-drift-check.py b/scripts/sdk-options-drift-check.py
index 476b04717..61cef997c 100755
--- a/scripts/sdk-options-drift-check.py
+++ b/scripts/sdk-options-drift-check.py
@@ -74,7 +74,7 @@ def load_manifest() -> dict:
     if not MANIFEST_PATH.exists():
         print(f"ERROR: Manifest not found at {MANIFEST_PATH}", file=sys.stderr)
         sys.exit(2)
-    with open(MANIFEST_PATH) as fh:
+    with open(MANIFEST_PATH, encoding="utf-8") as fh:
         return json.load(fh)
 
 
@@ -89,7 +89,7 @@ def write_manifest(
         "sdkVersion": sdk_version,
         "options": current_fields,
     }
-    with open(MANIFEST_PATH, "w") as fh:
+    with open(MANIFEST_PATH, "w", encoding="utf-8") as fh:
         json.dump(manifest, fh, indent=2)
         fh.write("\n")
     print(f"Updated manifest written to {MANIFEST_PATH}")

From e6d9b4e7abbec4823bdb2d0d68e390ba8451b0df Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 01:14:16 -0400
Subject: [PATCH 13/16] fix(runner): add cli_path and env to SDK_OPTIONS
 denylist

Block cli_path (arbitrary binary injection) and env (environment variable
injection) from user-provided SDK_OPTIONS. Defense-in-depth.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../ambient-runner/ambient_runner/bridges/claude/bridge.py      | 2 ++
 components/runners/ambient-runner/tests/test_sdk_options.py     | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py b/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
index 13f541ff2..d2d5b4c54 100644
--- a/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
+++ b/components/runners/ambient-runner/ambient_runner/bridges/claude/bridge.py
@@ -51,6 +51,8 @@
         "continue_conversation",
         "add_dirs",
         "api_key",
+        "cli_path",
+        "env",
     }
 )
 
diff --git a/components/runners/ambient-runner/tests/test_sdk_options.py b/components/runners/ambient-runner/tests/test_sdk_options.py
index 078d37caf..77d5f8fb6 100644
--- a/components/runners/ambient-runner/tests/test_sdk_options.py
+++ b/components/runners/ambient-runner/tests/test_sdk_options.py
@@ -111,6 +111,8 @@ def test_all_denylisted_keys_present(self):
             "resume",
             "continue_conversation",
             "add_dirs",
+            "cli_path",
+            "env",
         }
         assert _SDK_OPTIONS_DENYLIST == expected
 

From 03c811bfebc0169f7efa152db86bd8095e104c4f Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 10:56:49 -0400
Subject: [PATCH 14/16] docs: update spec and tasks to match implementation

- FR-005: add cli_path and env to denylist enumeration
- Tasks: replace standalone drift workflow with consolidated step

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 specs/010-advanced-sdk-options/spec.md  | 2 +-
 specs/010-advanced-sdk-options/tasks.md | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/specs/010-advanced-sdk-options/spec.md b/specs/010-advanced-sdk-options/spec.md
index 54695ce35..605dda347 100644
--- a/specs/010-advanced-sdk-options/spec.md
+++ b/specs/010-advanced-sdk-options/spec.md
@@ -91,7 +91,7 @@ The Claude Agent SDK evolves. The platform must detect when `ClaudeAgentOptions`
 **Runner:**
 
 - **FR-004**: Runner parses `SDK_OPTIONS` env var as JSON on adapter init. Malformed input → warn + use defaults.
-- **FR-005**: Runner applies a denylist for platform-internal keys (`cwd`, `api_key`, `mcp_servers`, `setting_sources`, `stderr`, `resume`, `continue_conversation`, `add_dirs`). Logs a warning per blocked key.
+- **FR-005**: Runner applies a denylist for platform-internal keys (`cwd`, `api_key`, `mcp_servers`, `setting_sources`, `stderr`, `resume`, `continue_conversation`, `add_dirs`, `cli_path`, `env`). Logs a warning per blocked key.
 - **FR-006**: `system_prompt` is appended under `## Custom Instructions`, not replaced.
 
 **Frontend:**
diff --git a/specs/010-advanced-sdk-options/tasks.md b/specs/010-advanced-sdk-options/tasks.md
index 581a51554..2adebc1de 100644
--- a/specs/010-advanced-sdk-options/tasks.md
+++ b/specs/010-advanced-sdk-options/tasks.md
@@ -62,10 +62,10 @@
 
 - [ ] T040 [US2] Generate `components/runners/ambient-runner/sdk-options-manifest.json` by introspecting the current `claude-agent-sdk` package: install via `uv pip install claude-agent-sdk`, extract fields from `ClaudeAgentOptions.model_fields` (Pydantic), write `{"generatedFrom": "claude-agent-sdk", "generatedAt": "<ISO>", "sdkVersion": "<version>", "options": {"field_name": {"type": "<annotation>", "required": <bool>}}}`
 - [ ] T041 [US2] Create `scripts/sdk-options-drift-check.py`: import `ClaudeAgentOptions`, introspect via `model_fields`, compare against manifest, exit 0 (no drift), exit 1 (drift found — write updated manifest), exit 2 (error). Must handle: `ImportError` (hard fail), Pydantic v1 vs v2 (check for `model_fields` vs `__fields__`)
-- [ ] T042 [US2] Create `.github/workflows/claude-sdk-options-drift.yml`: weekly cron `0 6 * * 1` + `workflow_dispatch`. Steps: checkout, setup Python 3.12, `pip install claude-agent-sdk`, run drift script, if exit 1: create branch `auto/sdk-options-drift-<date>`, commit updated manifest, open PR with `amber:auto-fix` label. If exit 2: fail the workflow loudly.
+- [ ] T042 [US2] Add drift check step to `.github/workflows/sdk-version-bump.yml`: after "Apply updates" step, `pip install claude-agent-sdk`, run `scripts/sdk-options-drift-check.py`, include updated manifest in the commit if drift found. No standalone workflow — drift detection runs as part of the daily SDK version bump.
 - [ ] T043 [US2] Test drift detection end-to-end: run `python scripts/sdk-options-drift-check.py` locally, verify clean exit with current manifest
 
-### Commit: `feat(ci): add weekly Claude SDK options drift detection workflow`
+### Commit: `refactor(ci): consolidate drift detection into sdk-version-bump workflow`
 
 ---
 

From 7f83b133cf859768e2b5271cc3bc29e60541464f Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 12:23:29 -0400
Subject: [PATCH 15/16] feat(frontend): add save/preview flow with dirty form
 guard to SDK options

- Save button commits options, collapses form into compact badge summary
- Cancel with unsaved changes triggers dialog (save or discard)
- SDK options only sent on session create when explicitly saved
- Click saved summary to re-edit

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 components/backend/types/session.go           |  12 +-
 .../components/new-session-view.tsx           |   7 +-
 .../__tests__/advanced-sdk-options.test.tsx   |  24 +-
 .../src/components/advanced-sdk-options.tsx   | 215 ++++++++++++++++--
 4 files changed, 221 insertions(+), 37 deletions(-)

diff --git a/components/backend/types/session.go b/components/backend/types/session.go
index d092c8719..a1fcb6bbe 100755
--- a/components/backend/types/session.go
+++ b/components/backend/types/session.go
@@ -73,12 +73,12 @@ type CreateAgenticSessionRequest struct {
 	ParentSessionID      string                 `json:"parent_session_id,omitempty"`
 	Repos                []SimpleRepo           `json:"repos,omitempty"`
 	ActiveWorkflow       *WorkflowSelection     `json:"activeWorkflow,omitempty"`
-	UserContext          *UserContext            `json:"userContext,omitempty"`
-	EnvironmentVariables map[string]string       `json:"environmentVariables,omitempty"`
-	Labels               map[string]string       `json:"labels,omitempty"`
-	Annotations          map[string]string       `json:"annotations,omitempty"`
-	MCPServers           *MCPServersConfig       `json:"mcpServers,omitempty"`
-	SdkOptions           map[string]interface{}  `json:"sdkOptions,omitempty"`
+	UserContext          *UserContext           `json:"userContext,omitempty"`
+	EnvironmentVariables map[string]string      `json:"environmentVariables,omitempty"`
+	Labels               map[string]string      `json:"labels,omitempty"`
+	Annotations          map[string]string      `json:"annotations,omitempty"`
+	MCPServers           *MCPServersConfig      `json:"mcpServers,omitempty"`
+	SdkOptions           map[string]interface{} `json:"sdkOptions,omitempty"`
 }
 
 type CloneSessionRequest struct {
diff --git a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
index fff4f34e5..d0c8dafe0 100755
--- a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
+++ b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
@@ -155,16 +155,17 @@ export function NewSessionView({
     // Require either a prompt OR a workflow with startupPrompt
     if (!trimmed && !hasWorkflow) return;
 
-    // Collect SDK options, filtering out undefined/empty/default values
+    // SDK options are only sent when the user explicitly saved them via the
+    // AdvancedSdkOptions component. The component filters out defaults and
+    // empty values internally. We check the form's dirty state here to see
+    // if any non-default options were committed.
     const rawOpts = sdkOptionsForm.getValues();
     const sdkOptions: Record<string, unknown> = {};
     const defaults = claudeAgentOptionsDefaults as Record<string, unknown>;
     for (const [key, value] of Object.entries(rawOpts)) {
       if (value === undefined || value === "" || value === null) continue;
-      // Skip arrays/objects that are empty
       if (Array.isArray(value) && value.length === 0) continue;
       if (typeof value === "object" && value !== null && !Array.isArray(value) && Object.keys(value).length === 0) continue;
-      // Skip values that match defaults
       if (key in defaults && JSON.stringify(value) === JSON.stringify(defaults[key])) continue;
       sdkOptions[key] = value;
     }
diff --git a/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx b/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
index cd46c01ce..60fa25324 100644
--- a/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
+++ b/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
@@ -78,11 +78,10 @@ describe("AdvancedSdkOptions", () => {
 
     renderWithForm();
     expect(screen.getByText("Advanced SDK Options")).toBeDefined();
-    // The form fields should NOT be visible when collapsed
     expect(screen.queryByTestId("agent-options-fields")).toBeNull();
   });
 
-  it("expands on click to show form fields", () => {
+  it("expands on click to show form fields and save button", () => {
     mockUseWorkspaceFlag.mockReturnValue({
       enabled: true,
       isLoading: false,
@@ -91,13 +90,14 @@ describe("AdvancedSdkOptions", () => {
     });
 
     renderWithForm();
-    const trigger = screen.getByText("Advanced SDK Options");
-    fireEvent.click(trigger);
+    fireEvent.click(screen.getByText("Advanced SDK Options"));
 
     expect(screen.getByTestId("agent-options-fields")).toBeDefined();
+    expect(screen.getByText("Save Options")).toBeDefined();
+    expect(screen.getByText("Cancel")).toBeDefined();
   });
 
-  it("shows form fields when expanded", () => {
+  it("shows compact summary after save", () => {
     mockUseWorkspaceFlag.mockReturnValue({
       enabled: true,
       isLoading: false,
@@ -106,12 +106,16 @@ describe("AdvancedSdkOptions", () => {
     });
 
     renderWithForm();
-    // Click to expand
+
+    // Expand
     fireEvent.click(screen.getByText("Advanced SDK Options"));
+    expect(screen.getByTestId("agent-options-fields")).toBeDefined();
 
-    const fields = screen.getByTestId("agent-options-fields");
-    expect(fields).toBeDefined();
-    expect(fields.textContent).toContain("Agent Options Fields");
+    // Save (with defaults — summary will be empty, so it goes back to collapsed)
+    fireEvent.click(screen.getByText("Save Options"));
+
+    // Form should collapse — no longer editing
+    expect(screen.queryByTestId("agent-options-fields")).toBeNull();
   });
 
   it("calls useWorkspaceFlag with correct project and flag name", () => {
@@ -125,7 +129,7 @@ describe("AdvancedSdkOptions", () => {
     renderWithForm();
     expect(mockUseWorkspaceFlag).toHaveBeenCalledWith(
       "test-project",
-      "advanced-sdk-options"
+      "advanced-sdk-options",
     );
   });
 });
diff --git a/components/frontend/src/components/advanced-sdk-options.tsx b/components/frontend/src/components/advanced-sdk-options.tsx
index e3ad86a5c..2cec92770 100644
--- a/components/frontend/src/components/advanced-sdk-options.tsx
+++ b/components/frontend/src/components/advanced-sdk-options.tsx
@@ -1,17 +1,28 @@
 "use client";
 
-import { useState } from "react";
+import { useState, useCallback } from "react";
 import type { UseFormReturn } from "react-hook-form";
-import { ChevronRight } from "lucide-react";
+import { ChevronRight, Check, X, Settings2 } from "lucide-react";
 import {
   Collapsible,
   CollapsibleContent,
   CollapsibleTrigger,
 } from "@/components/ui/collapsible";
 import { Form } from "@/components/ui/form";
+import { Button } from "@/components/ui/button";
+import { Badge } from "@/components/ui/badge";
+import {
+  Dialog,
+  DialogContent,
+  DialogDescription,
+  DialogFooter,
+  DialogHeader,
+  DialogTitle,
+} from "@/components/ui/dialog";
 import { useWorkspaceFlag } from "@/services/queries/use-feature-flags-admin";
 import {
   AgentOptionsFields,
+  claudeAgentOptionsDefaults,
   type ClaudeAgentOptionsForm,
 } from "./claude-agent-options";
 
@@ -21,31 +32,199 @@ type AdvancedSdkOptionsProps = {
   disabled?: boolean;
 };
 
+/** Return non-default field entries as a flat record for display. */
+function getSavedSummary(
+  values: Partial<ClaudeAgentOptionsForm>,
+): Record<string, string> {
+  const defaults = claudeAgentOptionsDefaults as Record<string, unknown>;
+  const summary: Record<string, string> = {};
+
+  for (const [key, value] of Object.entries(values)) {
+    if (value === undefined || value === null || value === "") continue;
+    if (Array.isArray(value) && value.length === 0) continue;
+    if (
+      typeof value === "object" &&
+      value !== null &&
+      !Array.isArray(value) &&
+      Object.keys(value as Record<string, unknown>).length === 0
+    )
+      continue;
+    if (
+      key in defaults &&
+      JSON.stringify(value) === JSON.stringify(defaults[key])
+    )
+      continue;
+
+    // Format display value
+    if (typeof value === "boolean") {
+      summary[key] = value ? "on" : "off";
+    } else if (typeof value === "number") {
+      summary[key] = String(value);
+    } else if (typeof value === "string") {
+      summary[key] = value.length > 30 ? `${value.slice(0, 27)}...` : value;
+    } else {
+      summary[key] = "configured";
+    }
+  }
+
+  return summary;
+}
+
 export function AdvancedSdkOptions({
   projectName,
   form,
   disabled,
 }: AdvancedSdkOptionsProps) {
   const { enabled } = useWorkspaceFlag(projectName, "advanced-sdk-options");
-  const [open, setOpen] = useState(false);
+  const [editing, setEditing] = useState(false);
+  const [saved, setSaved] = useState(false);
+  const [savedValues, setSavedValues] = useState<Record<string, string>>({});
+  const [showAbandonDialog, setShowAbandonDialog] = useState(false);
+  const [snapshotValues, setSnapshotValues] =
+    useState<Partial<ClaudeAgentOptionsForm> | null>(null);
+
+  const hasSavedOptions = Object.keys(savedValues).length > 0;
+
+  const isDirty = useCallback(() => {
+    const current = form.getValues();
+    const compare = snapshotValues ?? claudeAgentOptionsDefaults;
+    return JSON.stringify(current) !== JSON.stringify(compare);
+  }, [form, snapshotValues]);
+
+  const handleSave = useCallback(() => {
+    const values = form.getValues();
+    const summary = getSavedSummary(values);
+    setSavedValues(summary);
+    setSaved(true);
+    setEditing(false);
+    setSnapshotValues(values);
+  }, [form]);
+
+  const handleStartEdit = useCallback(() => {
+    setSnapshotValues(form.getValues());
+    setEditing(true);
+    setSaved(false);
+  }, [form]);
+
+  const handleCollapse = useCallback(() => {
+    if (editing && isDirty()) {
+      setShowAbandonDialog(true);
+    } else {
+      setEditing(false);
+    }
+  }, [editing, isDirty]);
+
+  const handleAbandon = useCallback(() => {
+    if (snapshotValues) {
+      form.reset(snapshotValues as ClaudeAgentOptionsForm);
+    } else {
+      form.reset(claudeAgentOptionsDefaults as ClaudeAgentOptionsForm);
+    }
+    setEditing(false);
+    setShowAbandonDialog(false);
+  }, [form, snapshotValues]);
+
+  const handleSaveFromDialog = useCallback(() => {
+    handleSave();
+    setShowAbandonDialog(false);
+  }, [handleSave]);
 
   if (!enabled) return null;
 
-  return (
-    <Collapsible open={open} onOpenChange={setOpen}>
-      <CollapsibleTrigger className="flex w-full items-center gap-2 rounded-md px-3 py-2 text-sm font-medium text-muted-foreground hover:bg-muted/50 transition-colors cursor-pointer">
-        <ChevronRight
-          className={`h-4 w-4 shrink-0 transition-transform duration-200 ${open ? "rotate-90" : ""}`}
-        />
-        Advanced SDK Options
-      </CollapsibleTrigger>
-      <CollapsibleContent>
-        <div className="pt-3">
-          <Form {...form}>
-            <AgentOptionsFields form={form} disabled={disabled} />
-          </Form>
+  // Saved state: show compact summary
+  if (saved && !editing && hasSavedOptions) {
+    return (
+      <div className="space-y-2">
+        <button
+          type="button"
+          onClick={handleStartEdit}
+          className="flex w-full items-center gap-2 rounded-md px-3 py-2 text-sm font-medium text-muted-foreground hover:bg-muted/50 transition-colors cursor-pointer"
+        >
+          <Settings2 className="h-4 w-4 shrink-0" />
+          SDK Options
+          <Check className="h-4 w-4 text-green-500 ml-auto" />
+        </button>
+        <div className="flex flex-wrap gap-1.5 px-3">
+          {Object.entries(savedValues).map(([key, value]) => (
+            <Badge
+              key={key}
+              variant="secondary"
+              className="text-xs font-normal"
+            >
+              {key.replace(/_/g, " ")}: {value}
+            </Badge>
+          ))}
         </div>
-      </CollapsibleContent>
-    </Collapsible>
+      </div>
+    );
+  }
+
+  // Editing state: show full form
+  return (
+    <>
+      <Collapsible open={editing} onOpenChange={(open) => {
+        if (open) {
+          handleStartEdit();
+        } else {
+          handleCollapse();
+        }
+      }}>
+        <CollapsibleTrigger className="flex w-full items-center gap-2 rounded-md px-3 py-2 text-sm font-medium text-muted-foreground hover:bg-muted/50 transition-colors cursor-pointer">
+          <ChevronRight
+            className={`h-4 w-4 shrink-0 transition-transform duration-200 ${editing ? "rotate-90" : ""}`}
+          />
+          Advanced SDK Options
+        </CollapsibleTrigger>
+        <CollapsibleContent>
+          <div className="pt-3 space-y-3">
+            <Form {...form}>
+              <AgentOptionsFields form={form} disabled={disabled} />
+            </Form>
+            <div className="flex items-center gap-2 px-1">
+              <Button
+                type="button"
+                size="sm"
+                onClick={handleSave}
+                disabled={disabled}
+              >
+                <Check className="h-3.5 w-3.5 mr-1.5" />
+                Save Options
+              </Button>
+              <Button
+                type="button"
+                variant="ghost"
+                size="sm"
+                onClick={handleCollapse}
+                disabled={disabled}
+              >
+                Cancel
+              </Button>
+            </div>
+          </div>
+        </CollapsibleContent>
+      </Collapsible>
+
+      {/* Dirty form guard */}
+      <Dialog open={showAbandonDialog} onOpenChange={setShowAbandonDialog}>
+        <DialogContent>
+          <DialogHeader>
+            <DialogTitle>Unsaved SDK Options</DialogTitle>
+            <DialogDescription>
+              You have unsaved changes to the SDK options. Save them or discard?
+            </DialogDescription>
+          </DialogHeader>
+          <DialogFooter>
+            <Button variant="outline" onClick={handleAbandon}>
+              <X className="h-3.5 w-3.5 mr-1.5" />
+              Discard
+            </Button>
+            <Button onClick={handleSaveFromDialog}>
+              <Check className="h-3.5 w-3.5 mr-1.5" />
+              Save
+            </Button>
+          </DialogFooter>
+        </DialogContent>
+      </Dialog>
+    </>
   );
 }

From a19f25376b5eeee8a6f6c4b670506e07dfcb6c89 Mon Sep 17 00:00:00 2001
From: Ambient Code Bot <bot@ambient-code.local>
Date: Thu, 16 Apr 2026 17:05:37 -0400
Subject: [PATCH 16/16] feat(frontend): move SDK Options from collapsible into
 + menu dialog

- SDK Options now opens as a Dialog from the + dropdown menu item
- Menu item gated by advanced-sdk-options workspace flag
- AdvancedSdkOptions component simplified: no collapsible, no flag
  check (parent handles both), accepts onSave callback
- Separator only renders when flag-gated items are visible
- Updated tests for new component API

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../__tests__/new-session-view.test.tsx       |   8 +
 .../components/new-session-view.tsx           |  44 ++++-
 .../__tests__/advanced-sdk-options.test.tsx   |  96 ++-------
 .../src/components/advanced-sdk-options.tsx   | 184 ++++--------------
 4 files changed, 103 insertions(+), 229 deletions(-)

diff --git a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/__tests__/new-session-view.test.tsx b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/__tests__/new-session-view.test.tsx
index 889375523..df5d64557 100755
--- a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/__tests__/new-session-view.test.tsx
+++ b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/__tests__/new-session-view.test.tsx
@@ -40,6 +40,14 @@ vi.mock('../workflow-selector', () => ({
   WorkflowSelector: () => <button data-testid="workflow-selector">No workflow</button>,
 }));
 
+vi.mock('@/hooks/use-local-storage', () => ({
+  useLocalStorage: () => [null, vi.fn()],
+}));
+
+vi.mock('@/services/queries/use-feature-flags-admin', () => ({
+  useWorkspaceFlag: () => ({ enabled: false, isLoading: false, error: null, source: undefined }),
+}));
+
 vi.mock('@/components/advanced-sdk-options', () => ({
   AdvancedSdkOptions: () => null,
 }));
diff --git a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
index d0c8dafe0..299b29f99 100755
--- a/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
+++ b/components/frontend/src/app/projects/[name]/sessions/[sessionName]/components/new-session-view.tsx
@@ -3,10 +3,16 @@
 import { useState, useRef, useCallback, useEffect, useMemo } from "react";
 import { useForm } from "react-hook-form";
 import { zodResolver } from "@hookform/resolvers/zod";
-import { MessageSquarePlus, ArrowUp, Loader2, Plus, GitBranch, Upload, X } from "lucide-react";
+import { MessageSquarePlus, ArrowUp, Loader2, Plus, GitBranch, Upload, X, Settings2 } from "lucide-react";
 import { Button } from "@/components/ui/button";
 import { Badge } from "@/components/ui/badge";
 import { Textarea } from "@/components/ui/textarea";
+import {
+  Dialog,
+  DialogContent,
+  DialogHeader,
+  DialogTitle,
+} from "@/components/ui/dialog";
 import {
   DropdownMenu,
   DropdownMenuContent,
@@ -27,6 +33,7 @@ import { useRunnerTypes } from "@/services/queries/use-runner-types";
 import { useModels } from "@/services/queries/use-models";
 import { DEFAULT_RUNNER_TYPE_ID } from "@/services/api/runner-types";
 import { useLocalStorage } from "@/hooks/use-local-storage";
+import { useWorkspaceFlag } from "@/services/queries/use-feature-flags-admin";
 import { AdvancedSdkOptions } from "@/components/advanced-sdk-options";
 import {
   claudeAgentOptionsSchema,
@@ -77,10 +84,13 @@ export function NewSessionView({
     }
   }, [menuSeenVersion, setMenuSeenVersion]);
 
+  const { enabled: sdkOptionsEnabled } = useWorkspaceFlag(projectName, "advanced-sdk-options");
+
   const sdkOptionsForm = useForm<ClaudeAgentOptionsForm>({
     resolver: zodResolver(claudeAgentOptionsSchema),
     defaultValues: claudeAgentOptionsDefaults,
   });
+  const [sdkOptionsDialogOpen, setSdkOptionsDialogOpen] = useState(false);
 
   const [prompt, setPrompt] = useState("");
   const [selectedRunner, setSelectedRunner] = useState<string>(DEFAULT_RUNNER_TYPE_ID);
@@ -238,7 +248,15 @@ export function NewSessionView({
                     <Upload className="w-4 h-4 mr-2" />
                     Upload File
                   </DropdownMenuItem>
-                  <DropdownMenuSeparator />
+                  {sdkOptionsEnabled && (
+                    <>
+                      <DropdownMenuSeparator />
+                      <DropdownMenuItem onClick={() => setSdkOptionsDialogOpen(true)}>
+                        <Settings2 className="w-4 h-4 mr-2" />
+                        SDK Options...
+                      </DropdownMenuItem>
+                    </>
+                  )}
                 </DropdownMenuContent>
               </DropdownMenu>
               <RunnerModelSelector
@@ -303,15 +321,23 @@ export function NewSessionView({
           </div>
         )}
 
-        {/* Advanced SDK Options (gated by workspace flag) */}
-        <AdvancedSdkOptions
-          projectName={projectName}
-          form={sdkOptionsForm}
-          disabled={isSubmitting}
-        />
-
       </div>
 
+      {/* SDK Options Dialog (opened from + menu) */}
+      <Dialog open={sdkOptionsDialogOpen} onOpenChange={setSdkOptionsDialogOpen}>
+        <DialogContent className="max-w-2xl max-h-[80vh] overflow-y-auto">
+          <DialogHeader>
+            <DialogTitle>SDK Options</DialogTitle>
+          </DialogHeader>
+          <AdvancedSdkOptions
+            projectName={projectName}
+            form={sdkOptionsForm}
+            disabled={isSubmitting}
+            onSave={() => setSdkOptionsDialogOpen(false)}
+          />
+        </DialogContent>
+      </Dialog>
+
       <AddContextModal
         open={contextModalOpen}
         onOpenChange={setContextModalOpen}
diff --git a/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx b/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
index 60fa25324..c3260d7f5 100644
--- a/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
+++ b/components/frontend/src/components/__tests__/advanced-sdk-options.test.tsx
@@ -9,17 +9,6 @@ import {
   type ClaudeAgentOptionsForm,
 } from "../claude-agent-options";
 
-// Mock useWorkspaceFlag
-const mockUseWorkspaceFlag = vi.fn(() => ({
-  enabled: false,
-  isLoading: false,
-  error: null,
-  source: undefined,
-}));
-vi.mock("@/services/queries/use-feature-flags-admin", () => ({
-  useWorkspaceFlag: (...args: unknown[]) => mockUseWorkspaceFlag(...args),
-}));
-
 // Mock AgentOptionsFields to avoid rendering the full form tree
 vi.mock("../claude-agent-options", async () => {
   const actual = await vi.importActual("../claude-agent-options");
@@ -33,8 +22,8 @@ vi.mock("../claude-agent-options", async () => {
   };
 });
 
-// Helper to render the component with a form
-function renderWithForm(props?: { disabled?: boolean }) {
+function renderWithForm(props?: { disabled?: boolean; onSave?: () => void }) {
+  const onSave = props?.onSave ?? vi.fn();
   function TestHarness() {
     const form = useForm<ClaudeAgentOptionsForm>({
       resolver: zodResolver(claudeAgentOptionsSchema),
@@ -45,10 +34,11 @@ function renderWithForm(props?: { disabled?: boolean }) {
         projectName="test-project"
         form={form}
         disabled={props?.disabled}
+        onSave={onSave}
       />
     );
   }
-  return render(<TestHarness />);
+  return { ...render(<TestHarness />), onSave };
 }
 
 describe("AdvancedSdkOptions", () => {
@@ -56,80 +46,28 @@ describe("AdvancedSdkOptions", () => {
     vi.clearAllMocks();
   });
 
-  it("renders nothing when advanced-sdk-options flag is false", () => {
-    mockUseWorkspaceFlag.mockReturnValue({
-      enabled: false,
-      isLoading: false,
-      error: null,
-      source: undefined,
-    });
-
-    const { container } = renderWithForm();
-    expect(container.innerHTML).toBe("");
-  });
-
-  it("renders collapsed by default when flag is true", () => {
-    mockUseWorkspaceFlag.mockReturnValue({
-      enabled: true,
-      isLoading: false,
-      error: null,
-      source: undefined,
-    });
-
-    renderWithForm();
-    expect(screen.getByText("Advanced SDK Options")).toBeDefined();
-    expect(screen.queryByTestId("agent-options-fields")).toBeNull();
-  });
-
-  it("expands on click to show form fields and save button", () => {
-    mockUseWorkspaceFlag.mockReturnValue({
-      enabled: true,
-      isLoading: false,
-      error: null,
-      source: undefined,
-    });
-
+  it("renders form fields and save/cancel buttons", () => {
     renderWithForm();
-    fireEvent.click(screen.getByText("Advanced SDK Options"));
-
     expect(screen.getByTestId("agent-options-fields")).toBeDefined();
     expect(screen.getByText("Save Options")).toBeDefined();
     expect(screen.getByText("Cancel")).toBeDefined();
   });
 
-  it("shows compact summary after save", () => {
-    mockUseWorkspaceFlag.mockReturnValue({
-      enabled: true,
-      isLoading: false,
-      error: null,
-      source: undefined,
-    });
-
-    renderWithForm();
-
-    // Expand
-    fireEvent.click(screen.getByText("Advanced SDK Options"));
-    expect(screen.getByTestId("agent-options-fields")).toBeDefined();
-
-    // Save (with defaults — summary will be empty, so it goes back to collapsed)
+  it("calls onSave when Save Options is clicked", () => {
+    const { onSave } = renderWithForm();
     fireEvent.click(screen.getByText("Save Options"));
-
-    // Form should collapse — no longer editing
-    expect(screen.queryByTestId("agent-options-fields")).toBeNull();
+    expect(onSave).toHaveBeenCalled();
   });
 
-  it("calls useWorkspaceFlag with correct project and flag name", () => {
-    mockUseWorkspaceFlag.mockReturnValue({
-      enabled: false,
-      isLoading: false,
-      error: null,
-      source: undefined,
-    });
+  it("calls onSave when Cancel is clicked with no changes", () => {
+    const { onSave } = renderWithForm();
+    fireEvent.click(screen.getByText("Cancel"));
+    expect(onSave).toHaveBeenCalled();
+  });
 
-    renderWithForm();
-    expect(mockUseWorkspaceFlag).toHaveBeenCalledWith(
-      "test-project",
-      "advanced-sdk-options",
-    );
+  it("disables buttons when disabled prop is true", () => {
+    renderWithForm({ disabled: true });
+    const saveBtn = screen.getByText("Save Options").closest("button");
+    expect(saveBtn?.hasAttribute("disabled")).toBe(true);
   });
 });
diff --git a/components/frontend/src/components/advanced-sdk-options.tsx b/components/frontend/src/components/advanced-sdk-options.tsx
index 2cec92770..99f2f7b97 100644
--- a/components/frontend/src/components/advanced-sdk-options.tsx
+++ b/components/frontend/src/components/advanced-sdk-options.tsx
@@ -2,15 +2,9 @@
 
 import { useState, useCallback } from "react";
 import type { UseFormReturn } from "react-hook-form";
-import { ChevronRight, Check, X, Settings2 } from "lucide-react";
-import {
-  Collapsible,
-  CollapsibleContent,
-  CollapsibleTrigger,
-} from "@/components/ui/collapsible";
+import { Check, X } from "lucide-react";
 import { Form } from "@/components/ui/form";
 import { Button } from "@/components/ui/button";
-import { Badge } from "@/components/ui/badge";
 import {
   Dialog,
   DialogContent,
@@ -19,7 +13,6 @@ import {
   DialogHeader,
   DialogTitle,
 } from "@/components/ui/dialog";
-import { useWorkspaceFlag } from "@/services/queries/use-feature-flags-admin";
 import {
   AgentOptionsFields,
   claudeAgentOptionsDefaults,
@@ -30,60 +23,23 @@ type AdvancedSdkOptionsProps = {
   projectName: string;
   form: UseFormReturn<ClaudeAgentOptionsForm>;
   disabled?: boolean;
+  onSave?: () => void;
 };
 
-/** Return non-default field entries as a flat record for display. */
-function getSavedSummary(
-  values: Partial<ClaudeAgentOptionsForm>,
-): Record<string, string> {
-  const defaults = claudeAgentOptionsDefaults as Record<string, unknown>;
-  const summary: Record<string, string> = {};
-
-  for (const [key, value] of Object.entries(values)) {
-    if (value === undefined || value === null || value === "") continue;
-    if (Array.isArray(value) && value.length === 0) continue;
-    if (
-      typeof value === "object" &&
-      value !== null &&
-      !Array.isArray(value) &&
-      Object.keys(value as Record<string, unknown>).length === 0
-    )
-      continue;
-    if (
-      key in defaults &&
-      JSON.stringify(value) === JSON.stringify(defaults[key])
-    )
-      continue;
-
-    // Format display value
-    if (typeof value === "boolean") {
-      summary[key] = value ? "on" : "off";
-    } else if (typeof value === "number") {
-      summary[key] = String(value);
-    } else if (typeof value === "string") {
-      summary[key] = value.length > 30 ? `${value.slice(0, 27)}...` : value;
-    } else {
-      summary[key] = "configured";
-    }
-  }
-
-  return summary;
-}
-
 export function AdvancedSdkOptions({
-  projectName,
   form,
   disabled,
+  onSave,
 }: AdvancedSdkOptionsProps) {
-  const { enabled } = useWorkspaceFlag(projectName, "advanced-sdk-options");
-  const [editing, setEditing] = useState(false);
-  const [saved, setSaved] = useState(false);
-  const [savedValues, setSavedValues] = useState<Record<string, string>>({});
   const [showAbandonDialog, setShowAbandonDialog] = useState(false);
   const [snapshotValues, setSnapshotValues] =
     useState<Partial<ClaudeAgentOptionsForm> | null>(null);
 
-  const hasSavedOptions = Object.keys(savedValues).length > 0;
+  const takeSnapshot = useCallback(() => {
+    if (!snapshotValues) {
+      setSnapshotValues(form.getValues());
+    }
+  }, [form, snapshotValues]);
 
   const isDirty = useCallback(() => {
     const current = form.getValues();
@@ -92,27 +48,17 @@ export function AdvancedSdkOptions({
   }, [form, snapshotValues]);
 
   const handleSave = useCallback(() => {
-    const values = form.getValues();
-    const summary = getSavedSummary(values);
-    setSavedValues(summary);
-    setSaved(true);
-    setEditing(false);
-    setSnapshotValues(values);
-  }, [form]);
-
-  const handleStartEdit = useCallback(() => {
     setSnapshotValues(form.getValues());
-    setEditing(true);
-    setSaved(false);
-  }, [form]);
+    onSave?.();
+  }, [form, onSave]);
 
-  const handleCollapse = useCallback(() => {
-    if (editing && isDirty()) {
+  const handleCancel = useCallback(() => {
+    if (isDirty()) {
       setShowAbandonDialog(true);
     } else {
-      setEditing(false);
+      onSave?.();
     }
-  }, [editing, isDirty]);
+  }, [isDirty, onSave]);
 
   const handleAbandon = useCallback(() => {
     if (snapshotValues) {
@@ -120,89 +66,45 @@ export function AdvancedSdkOptions({
     } else {
       form.reset(claudeAgentOptionsDefaults as ClaudeAgentOptionsForm);
     }
-    setEditing(false);
     setShowAbandonDialog(false);
-  }, [form, snapshotValues]);
+    onSave?.();
+  }, [form, snapshotValues, onSave]);
 
   const handleSaveFromDialog = useCallback(() => {
     handleSave();
     setShowAbandonDialog(false);
   }, [handleSave]);
 
-  if (!enabled) return null;
-
-  // Saved state: show compact summary
-  if (saved && !editing && hasSavedOptions) {
-    return (
-      <div className="space-y-2">
-        <button
-          type="button"
-          onClick={handleStartEdit}
-          className="flex w-full items-center gap-2 rounded-md px-3 py-2 text-sm font-medium text-muted-foreground hover:bg-muted/50 transition-colors cursor-pointer"
-        >
-          <Settings2 className="h-4 w-4 shrink-0" />
-          SDK Options
-          <Check className="h-4 w-4 text-green-500 ml-auto" />
-        </button>
-        <div className="flex flex-wrap gap-1.5 px-3">
-          {Object.entries(savedValues).map(([key, value]) => (
-            <Badge
-              key={key}
-              variant="secondary"
-              className="text-xs font-normal"
-            >
-              {key.replace(/_/g, " ")}: {value}
-            </Badge>
-          ))}
-        </div>
-      </div>
-    );
-  }
+  // Take snapshot on first render inside the dialog
+  takeSnapshot();
 
-  // Editing state: show full form
   return (
     <>
-      <Collapsible open={editing} onOpenChange={(open) => {
-        if (open) {
-          handleStartEdit();
-        } else {
-          handleCollapse();
-        }
-      }}>
-        <CollapsibleTrigger className="flex w-full items-center gap-2 rounded-md px-3 py-2 text-sm font-medium text-muted-foreground hover:bg-muted/50 transition-colors cursor-pointer">
-          <ChevronRight
-            className={`h-4 w-4 shrink-0 transition-transform duration-200 ${editing ? "rotate-90" : ""}`}
-          />
-          Advanced SDK Options
-        </CollapsibleTrigger>
-        <CollapsibleContent>
-          <div className="pt-3 space-y-3">
-            <Form {...form}>
-              <AgentOptionsFields form={form} disabled={disabled} />
-            </Form>
-            <div className="flex items-center gap-2 px-1">
-              <Button
-                type="button"
-                size="sm"
-                onClick={handleSave}
-                disabled={disabled}
-              >
-                <Check className="h-3.5 w-3.5 mr-1.5" />
-                Save Options
-              </Button>
-              <Button
-                type="button"
-                variant="ghost"
-                size="sm"
-                onClick={handleCollapse}
-                disabled={disabled}
-              >
-                Cancel
-              </Button>
-            </div>
-          </div>
-        </CollapsibleContent>
-      </Collapsible>
+      <div className="space-y-3">
+        <Form {...form}>
+          <AgentOptionsFields form={form} disabled={disabled} />
+        </Form>
+        <div className="flex items-center gap-2 pt-2">
+          <Button
+            type="button"
+            size="sm"
+            onClick={handleSave}
+            disabled={disabled}
+          >
+            <Check className="h-3.5 w-3.5 mr-1.5" />
+            Save Options
+          </Button>
+          <Button
+            type="button"
+            variant="ghost"
+            size="sm"
+            onClick={handleCancel}
+            disabled={disabled}
+          >
+            Cancel
+          </Button>
+        </div>
+      </div>
 
       {/* Dirty form guard */}
       <Dialog open={showAbandonDialog} onOpenChange={setShowAbandonDialog}>