v0.8.61: Split model-facing runtime capabilities from human-facing mode labels

[Hmbown]

Problem

The model-facing runtime prompt currently exposes user-facing mode labels and approval details too directly. Some models then narrate those labels back to Hunter or keep repeating mode/state phrases after the useful work is done.

Current CodeWhale examples:

• The transient runtime tag is shaped like <runtime_prompt ... mode="yolo" approval="auto" allow_shell="true"/>.
• Mode prompt files say not to announce the mode, but the labels are still highly salient.
• ApprovalMode::Auto/Suggest/Never is a UI/runtime implementation detail, not the clearest model-facing instruction.
• Plan/Agent/YOLO should remain useful UI labels, but they should not be the core operational language shown to the model every turn.

The runtime needs to keep UI labels for humans while giving the model only the compact capability facts it needs to act correctly.

Target Design

Split human-facing mode names from model-facing runtime capability summaries.

Human-facing UI may still show:

• Plan
• Normal / Agent
• YOLO
• permission profile
• approval policy
• sandbox/trust boundary
• running jobs / Fleet workers

Model-facing internal prompt should receive only compact operational facts, for example:

<cw_runtime_capabilities
  writes="none|workspace|all"
  shell="none|read_only|workspace|all"
  network="none|ask|allowed"
  approvals="available|blocked|not_needed"
  execution="foreground|background_preferred|fleet_preferred"
  planning="plan_only|implementation_allowed"
/>

The exact wire shape can differ, but the invariant should be: model-facing runtime facts describe capabilities and constraints, not human UI mode branding.

Fit With Current CodeWhale

• Replace runtime_prompt_text(mode, approval_mode, allow_shell) with a function that derives a compact capability summary from EffectivePermissions plus collaboration posture.
• Keep a frozen/static prompt reference for what each field means, but avoid labels like YOLO, Agent, Plan, approval=auto, and approval=never in the per-turn tag.
• Keep UI labels in the header, footer, /status, /mode, and /permissions; do not remove the visible affordances Hunter uses.
• Keep plan behavior as a posture: investigate, clarify, and present a decision-complete plan. Do not encode it as a hidden blanket ban on all shell; use the permission profile to decide what shell is allowed.
• Keep full-access behavior as capabilities: broad writes/shell/network, no prompts, receipts retained. Do not rely on the model seeing or repeating the word YOLO.
• Ensure child/Fleet worker runtime messages inherit effective capabilities without repeating user-facing labels.

Acceptance Criteria

• Runtime prompt assembly no longer teaches the model to say or repeat user-facing mode labels.
• Approval/sandbox/permission state is summarized as capabilities, not branding or UI state.
• Tests assert the model-facing per-turn tag does not contain YOLO, Plan, Agent, approval="auto", or approval="never".
• Plan still encourages grounded plans, read-only-first investigation, and explicit approval handoff.
• Normal/Agent still encourages implementation and verification.
• Full-access behavior still permits broad execution while keeping receipts/status visible.
• Existing UI labels and config compatibility remain intact.

Related

• v0.8.61: Add first-class permission profiles and nonblocking execution defaults #3211 permission profiles and execution defaults
• v0.8.61: Default independent shell and verifier work to background jobs #3212 nonblocking shell/verifier execution
• v0.8.58: Parameterize model-specific facts in the constitution prompt — no more DeepSeek-V4 self-model for every model #3025 parameterize model-specific prompt facts
• v0.8.58: Land constitution system prompt (YAML source-of-truth + renderer) — test, document, close superseded prompt issues #3015 constitution prompt source-of-truth
• v0.8.58: Reasoning-content integrity — audit #861's four root causes on the constitution branch and fix the remainder #3016 reasoning-content integrity