Security and Permissions
Claude Code presents permission prompts before running shell commands and modifying files. Responses: y (once), n (deny), a (always for this session), s (skip). Configure persistent auto-approvals via settings.json for safe operations only.
Syntax
claude-code
// Permission prompt response options:
[y]es // Allow this one instance
[n]o // Deny — Claude tries alternative
[a]lways // Auto-approve for rest of session
[s]kip // Skip this step entirely
// Persistent auto-approval settings:
// ~/.config/claude-code/settings.json
{
"allowedTools": [
"Bash(npm test*)",
"Bash(npm run typecheck*)",
"Bash(git status*)",
"Bash(git diff*)"
]
}Example
claude-code
// SAFE to auto-approve:
"Bash(npm test*)" // Test runners
"Bash(npm run typecheck*)" // Type checking
"Bash(git status*)" // Read-only git
"Bash(git diff*)" // Read-only git
// REQUIRE manual approval every time:
"Bash(git commit*)" // Review before committing
"Bash(git push*)" // Never auto-approve
"Bash(npm install*)" // Review new dependencies
"Bash(*--force*)" // Any destructive flag