Agent mode parses any piped stdin as --input-json, breaking shell loops and preempting explicit flags

[jacekradko]

Found while scripting a batch of clerk config patch calls (CLI 1.5.0, agent mode). In agent mode, any non-empty piped stdin gets parsed as the global --input-json options payload, even when --input-json was never passed. If stdin isn't valid JSON, the command fails before doing anything:

$ echo 'not json' | clerk whoami
{"error":{"code":"invalid_json","message":"Invalid JSON in --input-json. Please provide valid JSON."}}

Where this bites in practice is shell loops, which is the bread-and-butter pattern for scripted/agent usage:

while read -r name app ins; do
  clerk config patch --app "$app" --instance "$ins" \
    --json '{"auth_attack_protection":{"bot_protection":{"captcha_enabled":false}}}' --yes
done < worklist.tsv

The clerk process inherits the loop's stdin, swallows the rest of the work list, fails with invalid_json despite the explicit and valid --json flag, and the loop silently terminates after one iteration. Workaround that makes it behave: </dev/null on the clerk call.

Two suggestions:

• Only read stdin as the options payload when --input-json - is passed explicitly. Implicit stdin consumption is surprising for every command that doesn't otherwise read stdin, and it preempts explicit flags.
• If implicit parsing stays, make the error say what happened ("stdin was interpreted as --input-json") so the failure mode is debuggable; as written it points at a flag the user never typed.

Happy to provide more environment detail if useful. Aside from this, the patch workflow itself was great: dry-run diffs made a 10-instance batch remediation very comfortable.