llm-subprocess-isolation-prevents-recursion
IN derived (depth 1)
All LLM subprocess invocations strip the CLAUDECODE environment variable to prevent recursive Claude Code entry, enforced centrally in invoke_model() and inherited by all LLM-facing modules (ask, derive, review).
Summary
When the system calls out to an LLM via a subprocess, it scrubs the environment variable that would cause Claude Code to activate recursively. This protection is built into the single shared function that all LLM-calling modules use, so every path that talks to an LLM automatically inherits the safeguard without needing to remember to do it individually.
Justifications
SL — Centralized enforcement in invoke_model covers all LLM-facing modules
Antecedents (all must be IN):
- invoke-model-strips-claudecode-env — invoke_model() in llm.py strips the CLAUDECODE environment variable before all subprocess.run() calls, preventing recursive Claude Code entry from any module that uses the shared LLM interface (ask, derive, review).
Dependents
These beliefs depend on this one:
- all-external-execution-is-subprocess-isolated — All LLM-facing operations execute through subprocess isolation with environment scrubbing: derive shells out to CLI binaries rather than importing SDKs (achieving provider agnosticism), and both derive and ask independently strip the CLAUDECODE environment variable (preventing recursive invocation) — two independent safety goals achieved through the same architectural choice.