docs(research): tool permission and approval prior-art survey

[hakula139]

Summary

Adds a prior-art survey for tool permission and approval as groundwork for the Permission & Approval feature (roadmap current focus). It studies how Claude Code, Codex, and opencode gate mutating tool calls, then maps the findings onto oxide-code's existing seams with file:line anchors a design doc can build on.

Design decisions

• Sandbox-free core. Without an OS sandbox, the approval policy is the whole safety boundary. The survey lands on a small allow | ask | deny enum with fixed precedence (deny before any mode auto-allow), the shape Claude Code uses, over opencode's last-match-wins or Codex's two-axis matrix.
• Project config is untrusted. A permission allowlist in the checked-in ox.toml is a privilege-escalation vector, so append-merge lets a project only widen what the user allowed, with revocation through deny rules. Whether project files may set rules at all is left to the design doc.
• Decision rides the existing channel. The approval round-trip reuses the user_rx select! and the ConfirmDeleteSessionModal template, so no second channel or new control-flow plumbing is introduced.

Changes

File	Description
docs/research/tools/permissions.md	New survey: per-tool permission models across the three CLIs, a cross-tool comparison table, and a seam-by-seam map onto oxide-code.
docs/research/README.md	Adds the Tools section row for the new doc.
.cspell/words.txt	Allowlists nohup.

Test plan

• pnpm lint: 0 errors
• pnpm spellcheck: 0 issues

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!