Description
Describe
When passing allowed_tools=[] to restrict a session to no tools, the empty list is treated as falsy in Python, causing the --allowedTools flag to be omitted entirely from the CLI command. This results in all tools being available instead of none.
Location
In subprocess_cli.py, the condition uses a truthiness check:
    if self._options.allowed_tools:
        cmd.extend(["--allowedTools", ",".join(self._options.allowed_tools)])
Since [] is falsy in Python, this condition evaluates to False, and --allowedTools is never passed to the CLI subprocess.
Expected behavior
allowed_tools=[] should mean "no tools are allowed." The --allowedTools flag should be passed with an empty value (or equivalent) so that the CLI restricts all tool usage.
The distinction between None (not specified / use defaults) and [] (explicitly no tools) should be preserved.
Suggested fix
    if self._options.allowed_tools is not None:
        cmd.extend(["--allowedTools", ",".join(self._options.allowed_tools)])
Impact
This bug affects any use case where the caller wants a tool-free session (e.g., pure text generation, structured output only). Instead of getting a restricted session, the model has access to all tools and may consume all available turns on tool calls before producing the desired output.
Reproduction
    from claude_agent_sdk import AgentOptions
    options = AgentOptions(allowed_tools=[])
    # When building the CLI command, --allowedTools is silently omitted
    # The resulting session has all tools available
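The following is an added example, not code from the SDK or from the issue author: a standalone sketch that runs the two conditions quoted above over the three states of allowed_tools and flags the case where a requested restriction is dropped. The function names, the base command "cli" and the tool name "Read" are hypothetical, and how the CLI interprets an empty --allowedTools value is not shown on this page.

```python
from typing import Callable, List, Optional

BASE_CMD = ["cli"]  # hypothetical placeholder for the real CLI invocation

ToolList = Optional[List[str]]


def build_cmd_truthy(allowed_tools: ToolList) -> List[str]:
    """Truthiness check as quoted in the issue: [] is handled like None."""
    cmd = list(BASE_CMD)
    if allowed_tools:
        cmd.extend(["--allowedTools", ",".join(allowed_tools)])
    return cmd


def build_cmd_explicit(allowed_tools: ToolList) -> List[str]:
    """Suggested fix: only None means 'not specified'."""
    cmd = list(BASE_CMD)
    if allowed_tools is not None:
        cmd.extend(["--allowedTools", ",".join(allowed_tools)])
    return cmd


def restriction_dropped(builder: Callable[[ToolList], List[str]],
                        allowed_tools: ToolList) -> bool:
    """True when the caller set allowed_tools but the flag is missing (fail-open)."""
    return allowed_tools is not None and "--allowedTools" not in builder(allowed_tools)


# Constructed inputs covering the three states the issue distinguishes.
CASES = {"unset": None, "no tools": [], "one tool": ["Read"]}


def fail_open_cases(builder: Callable[[ToolList], List[str]]) -> List[str]:
    """Names of the cases in which the builder silently drops the restriction."""
    return [name for name, tools in CASES.items()
            if restriction_dropped(builder, tools)]


if __name__ == "__main__":
    for name, tools in CASES.items():
        print(f"{name:9} truthy={build_cmd_truthy(tools)} "
              f"explicit={build_cmd_explicit(tools)}")
    print("fail-open (truthy):  ", fail_open_cases(build_cmd_truthy))
    print("fail-open (explicit):", fail_open_cases(build_cmd_explicit))
```

A check like fail_open_cases can serve as a regression test so that an empty allow-list never again produces the same command line as an unset one.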