Flags

Common flags

Flag Description
--help Show flags and commands
--version Version
-p, --print "<prompt>" Headless: run prompt and exit
`--mode text\ json` Print mode output (json = structured event stream)
--yes Headless auto-approve within policy (not a sandbox)
--dangerously-permissionless Skip interactive confirms from start; headless gets --yes semantics
--save-session Persist history in headless (off by default)
--no-checkpoint Disable pre-edit file snapshots
--subagent-max-turns <n> Max turns per subagent (default 500)
--append-system-prompt "..." Append to system prompt
--enable-sqz Enable sqz compression if binary available
--enable-bash / --use-tools Tool toggles (defaults on)
--enable-subagents Subagent tools (default on)
--enable-images Force image attachments for unsupported servers

Headless exit codes

Code Meaning
0 Success
1 Runtime error
2 Blocked by policy

Safety notes

--yes and --dangerously-permissionless

Neither is a sandbox. Some dangerous shell patterns are still always blocked. Never use on untrusted prompts.

# Strict headless (default): confirm-needed tools rejected
ninja -p "fix tests"

# Auto within policy
ninja -p "fix tests" --yes

Preview any command:

ninja policy check "git push --force"