From 990545181b7ee4db253b7ea2693ed5ee52997d69 Mon Sep 17 00:00:00 2001
From: Vincent Koc
Date: Fri, 3 Apr 2026 01:54:19 +0900
Subject: [PATCH] fix(ci): preserve strict inline-eval denial after durable awk trust
---
 src/node-host/invoke-system-run.ts | 33 +++++++++++++++++-------------
 1 file changed, 19 insertions(+), 14 deletions(-)
diff --git a/src/node-host/invoke-system-run.ts b/src/node-host/invoke-system-run.ts
index c91a47eaac6..9e8c5593fec 100644
--- a/src/node-host/invoke-system-run.ts
+++ b/src/node-host/invoke-system-run.ts
@@ -367,12 +367,15 @@ async function evaluateSystemRunPolicyPhase(
 allowlist: approvals.allowlist,
 commandText: parsed.commandText,
 });
+ const inlineEvalExecutableTrusted =
+ inlineEvalHit !== null &&
+ segmentAllowlistEntries.some((entry) => entry?.source === "allow-always");
 const policy = evaluateSystemRunPolicy({
 security,
 ask,
 analysisOk,
 allowlistSatisfied,
- durableApprovalSatisfied,
+ durableApprovalSatisfied: durableApprovalSatisfied || inlineEvalExecutableTrusted,
 approvalDecision: parsed.approvalDecision,
 approved: parsed.approved,
 isWindows,
@@ -563,18 +566,17 @@ async function executeSystemRunPhase(
 }
 if (phase.policy.approvalDecision === "allow-always" && phase.inlineEvalHit === null) {
- const patterns = phase.policy.analysisOk ? persistAllowAlwaysPatterns({ approvals: phase.approvals.file, agentId: phase.agentId, segments: phase.segments, cwd: phase.cwd, env: phase.env, platform: process.platform, strictInlineEval: phase.strictInlineEval, }) : [];
+ const patterns = phase.policy.analysisOk
+ ? persistAllowAlwaysPatterns({
+ approvals: phase.approvals.file,
+ agentId: phase.agentId,
+ segments: phase.segments,
+ cwd: phase.cwd,
+ env: phase.env,
+ platform: process.platform,
+ strictInlineEval: phase.strictInlineEval,
+ })
+ : [];
 if (patterns.length === 0) {
 addDurableCommandApproval(phase.approvals.file, phase.agentId, phase.commandText);
 }
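Review bot: `inlineEvalExecutableTrusted` becomes true whenever any segment has an `allow-always` entry, so in a multi-segment command a durably trusted segment elsewhere in the pipeline lifts an inline-eval hit from a different segment into `durableApprovalSatisfied`; the name promises trust of the executable that carries the inline eval, but `.some` does not tie the entry to that segment. If `inlineEvalHit` records which segment matched, check that segment's entry instead; if it does not, `segmentAllowlistEntries.every((entry) => entry?.source === "allow-always")` is the conservative aggregation until it does. A one-line comment above the new constant would also help, e.g. `// An inline-eval hit counts as durably approved only when its executable already holds a durable allow-always entry; strict-mode denial is still decided in evaluateSystemRunPolicy — confirm.` evaluateSystemRunPolicyPhase starts and ends outside the hunk, so whether `segmentAllowlistEntries` is aligned one-to-one with the segment that produced `inlineEvalHit` cannot be confirmed from here.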
@@ -585,7 +587,10 @@ async function executeSystemRunPhase(
 agentId: phase.agentId,
 matches: phase.allowlistMatches,
 command: phase.commandText,
- resolvedPath: resolveApprovalAuditCandidatePath(phase.segments[0]?.resolution ?? null, phase.cwd),
+ resolvedPath: resolveApprovalAuditCandidatePath(
+ phase.segments[0]?.resolution ?? null,
+ phase.cwd,
+ ),
 });
 if (phase.needsScreenRecording) {