feat: default to full-access mode with hook-based sensitive guards

docs/plans/state.json

@@ -5390,6 +5390,24 @@
         "docs/plans/state.json"
       ],
       "test_status": "pnpm test:run src/cli/companion.test.ts src/cli/index.test.ts + pnpm typecheck passing"
+    },
+    "full-access-hooks-guard-defaults": {
+      "status": "completed",
+      "date": "2026-02-18",
+      "updated": "2026-02-18",
+      "summary": "Aligned default behavior to full-access-with-hooks: setup now defaults to `tools.profile: full`, sensitive host operations default to `agents.sensitive_mode: confirm_without_elevation`, and default hook confirmations were expanded to cover high-impact actions (shell/process/browser/message send/cron mutations/file writes). This removes mandatory `/elevate` for standard operation while keeping explicit confirmation gates.",
+      "files_modified": [
+        "src/config/schema.ts",
+        "src/config/schema.test.ts",
+        "src/cli/setup/config.ts",
+        "src/cli/setup/config.test.ts",
+        "src/cli/setup/security.ts",
+        "src/cli/setup/sections.test.ts",
+        "config/default.yaml",
+        "README.md",
+        "docs/plans/state.json"
+      ],
+      "test_status": "pnpm test:run src/config/schema.test.ts src/cli/setup/config.test.ts src/cli/setup/sections.test.ts + pnpm typecheck passing"
     }
   },
   "overall_progress": {