spiral estuary
I'm trying to get mandex installed through Discord, but tirith is blocking the install command (curl -fsSL https://mandex.dev/install.sh | sh)
I'd expect to get prompted for approval, but the agent just complains that the command gets blocked and continues with another approach. Is this a bug?
balmy fiber
Hey @spiral estuary,
The reason you're seeing a hard block is likely due to the current Tirith logic in the executor or guardrails layer. It currently treats piped commands (like | sh) as a terminal security risk, which triggers an immediate exit instead of a UserPermissionRequest.
To fix this on the project side:
We need to update the Tirith handler to return a MANUAL_APPROVAL status for these types of triggers.
For you (temporary fix):
Try to break the command apart so Tirith can evaluate each piece separately. This usually forces the agent to ask for permission:
wget https://mandex.dev/install.sh && chmod +x install.sh && ./install.sh
To the Devs:
We should modify the is_blocked() function in the Tirith module to transition from a static blacklist to an interactive approval flow. Currently, it kills the process before the user even gets a chance to click 'Approve'.