#19684: fix: change elevatedDefault fallback from 'on' to 'off'
size: XS
Cluster:
Elevated Default Configuration Fixes
## Summary
When `tools.elevated.enabled` is set to `true` without explicit `elevatedDefault` configuration, the default value was `'on'` which caused all exec commands to route through elevated approval gate and silently timeout after 120 seconds.
This fix changes the default from `'on'` to `'off'`, making elevated mode opt-in per session rather than globally forced on.
## Fixes
- Fixes #19574
## Testing
- Manual testing: With `tools.elevated.enabled: true`, exec commands now run without requiring approval by default (until user explicitly enables elevated mode per-session)
<!-- greptile_comment -->
<h3>Greptile Summary</h3>
This PR fixes a behavioral regression where the elevated mode fallback defaulted to `"on"` when `tools.elevated.enabled` was `true` without explicit `elevatedDefault` configuration. This caused all exec commands to silently route through the elevated approval gate and timeout after 120 seconds.
The fix changes the final fallback from `"on"` to `"off"` in all three resolution paths:
- `directive-handling.impl.ts` — `prevElevatedLevel` computation for directive-only handling
- `directive-handling.persist.ts` — `prevElevatedLevel` computation for inline directive persistence
- `get-reply-directives.ts` — `resolvedElevatedLevel` computation in the main reply directive resolution
This makes elevated mode opt-in (via explicit `elevatedDefault` config or per-session `/elevated on` directive) rather than implicitly forced on. The downstream consumers in `bash-tools.exec.ts` and `system-prompt.ts` that receive the resolved level remain unchanged and correctly handle all level values.
- Two files have redundant ternary expressions after this change (both branches now return `"off"`) — minor cleanup opportunity.
<h3>Confidence Score: 4/5</h3>
- This PR is a targeted, low-risk fix that corrects a default value across three files in a consistent manner.
- The change is small, focused, and consistent across all three locations. The resolution chain (directive → session → config → fallback) is properly maintained. The downstream exec handler in bash-tools.exec.ts already handles all elevated level values correctly. The only minor concern is the lack of new tests explicitly covering the fallback behavior, though existing e2e tests cover the broader elevated flow.
- No files require special attention — all three changes are mechanical and consistent.
<sub>Last reviewed commit: 18ae703</sub>
<!-- greptile_other_comments_section -->
<!-- /greptile_comment -->
Most Similar PRs
#19624: fix: elevatedDefault should default to off when tools.elevated.enab...
by stakeswky · 2026-02-18
94.7%
#18193: fix: default elevatedDefault to 'off' instead of 'on' (#18177)
by lailoo · 2026-02-16
91.6%
#19595: fix: elevatedDefault should default to off when tools.elevated.enab...
by guirguispierre · 2026-02-18
88.4%
#23752: Auto-reply: enforce per-session TTL elevated exec grants
by bmendonca3 · 2026-02-22
77.8%
#21661: fix(agents): treat approval timeout as denial regardless of askFall...
by AI-Reviewer-QS · 2026-02-20
75.8%
#19632: fix: suppressToolErrors now suppresses exec tool failure notifications
by Gitjay11 · 2026-02-18
75.5%
#20435: fix(exec): prioritize user 'always allow' config over tool defaults...
by ChisomUma · 2026-02-18
75.3%
#10189: fix: resolve file_path param in tool display for read/write tools
by Yida-Dev · 2026-02-06
75.0%
#18415: fix(agents): suppress benign exec exit code 1 from tool error surfa...
by aldoeliacim · 2026-02-16
74.9%
#18992: fix: suppress spurious tool error warnings for read-only exec commands
by Phineas1500 · 2026-02-17
74.8%