feat(cli): allow user to opt into permissions bypass

When a user starts onboarding by running `npx stash@latest init`, it runs
through a series of detection steps, and finishes by handing off to one of
Claude Code, Codex, an `AGENTS.md` editor agent, or the CipherStash Wizard,
to do the integration of the encryption SDK into their app.

When the user picks Claude Code, the CLI spawns the claude binary with a
single argument — the launch prompt — and inherits stdio so the user can
watch the session.

Claude needs to run a lot of read/edit/exec commands to understand the
project before it can wire up the encryption SDK. Unless the user has
already configured Claude to skip permission prompts, every one of those
commands stops to ask for approval. That forces the user to babysit the
integration the whole way through.

`init` should invoke Claude with `--allow-dangerously-skip-permissions`,
so the user can shift to that mode if they decide to let Claude run with
the integration.

Author: auxesis

.changeset/allow-claude-yolo.md

@@ -0,0 +1,5 @@
+---
+"stash": patch
+---
+
+feat(cli): pass `--allow-dangerously-skip-permissions` when `stash init` launches Claude Code, so the user can opt in to skip-permissions mode mid-session without relaunching. Codex and Wizard handoffs are unchanged.

packages/cli/src/commands/init/lib/handoff-helpers.ts

@@ -16,6 +16,11 @@ import {
  * prompt as a single argument. `stdio: 'inherit'` so the user sees tool
  * calls and approves edits live; the call resolves with the exit code.
  *
+ * Claude is launched with `--allow-dangerously-skip-permissions` so the
+ * user can opt in to skip-permissions mode for the integration handoff
+ * without having to relaunch — the flag permits the toggle, it doesn't
+ * force it on.
+ *
  * Returns -1 if the binary isn't on PATH (the spawn `error` event fires
  * before `close` does). Init never aborts on a non-zero code — the
  * artifacts are already written, the user can re-run the agent.
@@ -24,8 +29,12 @@ export function spawnAgent(
   binary: 'claude' | 'codex',
   prompt: string,
 ): Promise<number> {
+  const args =
+    binary === 'claude'
+      ? ['--allow-dangerously-skip-permissions', prompt]
+      : [prompt]
   return new Promise((resolvePromise) => {
-    const child = spawn(binary, [prompt], { stdio: 'inherit', shell: false })
+    const child = spawn(binary, args, { stdio: 'inherit', shell: false })
     child.on('close', (code) => resolvePromise(code ?? 0))
     child.on('error', () => resolvePromise(-1))
   })

packages/cli/src/commands/init/steps/handoff-claude.ts

@@ -43,7 +43,7 @@ export const handoffClaudeStep: InitStep = {
           `Install: ${CLAUDE_INSTALL_URL}`,
           '',
           'Once installed, run:',
-          `  claude '${launchPrompt}'`,
+          `  claude --allow-dangerously-skip-permissions '${launchPrompt}'`,
         ].join('\n'),
         'Files written — install Claude Code to run the handoff',
       )
@@ -54,7 +54,7 @@ export const handoffClaudeStep: InitStep = {
     const exitCode = await spawnAgent('claude', launchPrompt)
     if (exitCode !== 0) {
       p.log.warn(
-        `Claude Code exited with code ${exitCode}. Re-run \`claude '${launchPrompt}'\` to resume.`,
+        `Claude Code exited with code ${exitCode}. Re-run \`claude --allow-dangerously-skip-permissions '${launchPrompt}'\` to resume.`,
       )
     }