# Phase 2: Env Audit and CLI Polish - Discussion Log

> **Audit trail only.** Do not use as input to planning, research, or execution agents.
> Decisions are captured in CONTEXT.md — this log preserves the alternatives considered.

**Date:** 2026-04-09
**Phase:** 02-env-audit-and-cli-polish
**Areas discussed:** Env audit display format, Confirmation and non-interactive behavior

---

## Env Audit Display Format

### Grouping

| Option | Description | Selected |
|--------|-------------|----------|
| Grouped by source | Three sections: Sandbox-generated, Host (allowlisted), Extra (CLAUDEBOX_EXTRA_ENV) | ✓ |
| Flat key=value list | Simple sorted list, no categories | |
| You decide | Claude's discretion | |

**User's choice:** Grouped by source
**Notes:** User wants PATH split by `:` with one entry per line. Wants automatic spacing and color coding.

### Color/Formatting

| Option | Description | Selected |
|--------|-------------|----------|
| gum (Charm TUI) | Rich formatting, handles terminal detection, adds ~15MB | |
| Plain ANSI codes | printf with escape sequences, zero dependencies | ✓ |
| You decide | Claude's discretion | |

**User's choice:** Plain ANSI codes
**Notes:** User initially considered gum but chose zero-dependency approach.

### Value Masking

| Option | Description | Selected |
|--------|-------------|----------|
| Mask sensitive values | Pattern-match on var name, show first 7 + last 4 chars | ✓ |
| Show full values | Display everything as-is | |
| You decide | Claude's discretion | |

**User's choice:** Mask sensitive values
**Notes:** User asked about dependency for secret detection. Decided pattern-matching on var names is sufficient.

### Masking Approach

| Option | Description | Selected |
|--------|-------------|----------|
| Pattern-match var names | Regex: *KEY*, *TOKEN*, *SECRET*, *PASSWORD*, *CREDENTIAL* | ✓ |
| Hardcoded list | Only mask ANTHROPIC_API_KEY specifically | |

**User's choice:** Pattern-match var names

---

## Confirmation and Non-Interactive Behavior

### Prompt Style

| Option | Description | Selected |
|--------|-------------|----------|
| y/N prompt | Default abort, user must type 'y' | |
| Y/n prompt | Default proceed, Enter launches | ✓ |
| You decide | Claude's discretion | |

**User's choice:** Y/n prompt (default proceed)

### Non-TTY Behavior

| Option | Description | Selected |
|--------|-------------|----------|
| Auto-proceed | Behave as if --yes in non-interactive | |
| Abort if no TTY | Refuse to run without explicit --yes | ✓ |
| You decide | Claude's discretion | |

**User's choice:** Abort if no TTY — forces scripts to opt-in with --yes

### Output Destination

| Option | Description | Selected |
|--------|-------------|----------|
| stderr | Audit and prompt to stderr, stdout clean | ✓ |
| stdout | Everything to stdout | |

**User's choice:** stderr

---

## Claude's Discretion

- `--dry-run` output format
- `--check` diagnostic depth and format
- Exact ANSI color choices
- Flag parsing order

## Deferred Ideas

None