refactor(worker): use --permission-mode auto instead of --dangerously-skip-permissions

Map legacy "bypassPermissions" config to "auto" at dispatch time; pass-through other modes (acceptEdits, plan, default).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

tests/ClaudeDo.Worker.Tests/Runner/ClaudeArgsBuilderTests.cs

@@ -13,7 +13,8 @@ public sealed class ClaudeArgsBuilderTests
         Assert.Contains("-p", args);
         Assert.Contains("--output-format stream-json", args);
         Assert.Contains("--verbose", args);
-        Assert.Contains("--dangerously-skip-permissions", args);
+        Assert.Contains("--permission-mode auto", args);
+        Assert.DoesNotContain("--dangerously-skip-permissions", args);
         Assert.Contains("--json-schema", args);
         Assert.DoesNotContain("--model", args);
         Assert.DoesNotContain("--append-system-prompt", args);
@@ -110,11 +111,11 @@ public sealed class ClaudeArgsBuilderTests
     }
 
     [Fact]
-    public void PermissionMode_bypass_Keeps_DangerousFlag()
+    public void PermissionMode_bypass_Maps_To_Auto()
     {
         var args = _builder.Build(new ClaudeRunConfig(null, null, null, null, PermissionMode: "bypassPermissions"));
-        Assert.Contains("--dangerously-skip-permissions", args);
-        Assert.DoesNotContain("--permission-mode", args);
+        Assert.Contains("--permission-mode auto", args);
+        Assert.DoesNotContain("--dangerously-skip-permissions", args);
     }
 
     [Fact]
@@ -126,10 +127,11 @@ public sealed class ClaudeArgsBuilderTests
     }
 
     [Fact]
-    public void PermissionMode_Null_Defaults_To_BypassPermissions()
+    public void PermissionMode_Null_Defaults_To_Auto()
     {
         var args = _builder.Build(new ClaudeRunConfig(null, null, null, null));
-        Assert.Contains("--dangerously-skip-permissions", args);
+        Assert.Contains("--permission-mode auto", args);
+        Assert.DoesNotContain("--dangerously-skip-permissions", args);
     }
 }