uaoa
diff --git a/‎package.json‎
Lines changed: 6 additions & 0 deletions b/‎package.json‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎src/cli/execution.ts‎
Lines changed: 6 additions & 2 deletions b/‎src/cli/execution.ts‎
Lines changed: 6 additions & 2 deletions
@@ -146,6 +146,12 @@
 					"maximum": 60,
 					"description": "Auto-close timeout for the success message in seconds. Set to 0 to disable auto-close.",
 					"order": 10
+				},
+				"claudeCommit.privacyMode": {
+					"type": "boolean",
+					"default": false,
+					"markdownDescription": "Privacy mode: Restrict temporary prompt file permissions to owner-only (0600). When disabled, uses default permissions (0644). **Note: This option only takes effect on Linux/macOS. On Windows, file permissions are managed by the OS and this setting is ignored.**",
+					"order": 11
 				}
 			}
 		}
 
@@ -23,6 +23,7 @@ export async function generateWithCLI(
 
   const config = vscode.workspace.getConfiguration("claudeCommit");
   const model = config.get<Model>("model", "haiku");
+  const privacyMode = config.get<boolean>("privacyMode", false);
 
   const tmpDir = os.tmpdir();
   const promptFile = path.join(
@@ -31,7 +32,7 @@ export async function generateWithCLI(
   );
 
   try {
-    await fs.promises.writeFile(promptFile, prompt, "utf-8");
+    await fs.promises.writeFile(promptFile, prompt, { encoding: "utf-8", mode: privacyMode ? 0o600 : 0o644 });
 
     if (progressCallback) {
       progressCallback(`Using ${model} model...`);
@@ -122,14 +123,17 @@ export async function generateWithCLIManaged(
 
   const escapedCliPath = cliPath.includes(" ") ? `"${cliPath}"` : cliPath;
 
+  const config = vscode.workspace.getConfiguration("claudeCommit");
+  const privacyMode = config.get<boolean>("privacyMode", false);
+
   const tmpDir = os.tmpdir();
   const promptFile = path.join(
     tmpDir,
     `claude-commit-prompt-${Date.now()}.txt`
   );
 
   try {
-    await fs.promises.writeFile(promptFile, prompt, "utf-8");
+    await fs.promises.writeFile(promptFile, prompt, { encoding: "utf-8", mode: privacyMode ? 0o600 : 0o644 });
 
     if (progressCallback) {
       progressCallback("Using haiku model (managed mode)...");
Original file line number	Diff line number	Diff line change
`@@ -146,6 +146,12 @@`
`146`	`146`	`"maximum": 60,`
`147`	`147`	`"description": "Auto-close timeout for the success message in seconds. Set to 0 to disable auto-close.",`
`148`	`148`	`"order": 10`
	`149`	`+ },`
	`150`	`+ "claudeCommit.privacyMode": {`
	`151`	`+ "type": "boolean",`
	`152`	`+ "default": false,`
	`153`	`+ "markdownDescription": "Privacy mode: Restrict temporary prompt file permissions to owner-only (0600). When disabled, uses default permissions (0644). Note: This option only takes effect on Linux/macOS. On Windows, file permissions are managed by the OS and this setting is ignored.",`
	`154`	`+ "order": 11`
`149`	`155`	`}`
`150`	`156`	`}`
`151`	`157`	`}`