feat: add ROO_ACTIVE environment variable to terminal sessions for safety guardrails

[ajjuaire]

Problem

When Roo Code executes commands in the terminal, there is no way for external CLI tools to know they are being invoked by an AI agent. This means destructive operations (e.g. rm -rf, git push --force, database mutations) cannot be guarded against when initiated by Roo.

Proposed Solution

Set a ROO_ACTIVE=true environment variable in all terminals spawned by Roo Code. This allows other CLI tools, shell aliases, and wrapper scripts to detect that a command is being run from a Roo Code session and optionally block or prompt for confirmation on destructive operations.

Example usage in a shell alias:

alias rm='if [ "$ROO_ACTIVE" = "true" ]; then echo "Destructive operation blocked in Roo session"; else command rm "$@"; fi'

Implementation

Add ROO_ACTIVE: "true" to the env object returned by Terminal.getEnv() in src/integrations/terminal/Terminal.ts.

Benefits

• Zero cost to existing workflows — the env variable is inert unless explicitly checked
• Enables users and organizations to build safety guardrails around AI-initiated terminal commands
• Simple, minimal change

[roomote-v0]

I've analyzed this issue and here's my proposed implementation plan:

1. Add ROO_ACTIVE: "true" to the env object in Terminal.getEnv() in src/integrations/terminal/Terminal.ts (alongside the existing PAGER and VTE_VERSION entries)
2. Update the existing test in src/integrations/terminal/__tests__/TerminalRegistry.spec.ts to expect ROO_ACTIVE: "true" in the env assertions
3. Optionally add a dedicated unit test for Terminal.getEnv() verifying the new variable is always present

This is a minimal, low-risk change - the env variable is inert unless explicitly checked by external tools, exactly as described in the issue.

Please mention @roomote in a comment saying that you approve this plan, and I'll proceed with the implementation.