Settings

Safe auto-allow permissions

Allows common read-only commands to run without a prompt, while still confirming anything destructive — fewer interruptions, same safety.

permissionsworkflowsafety

Install to

settings.json → permissions

{
  "permissions": {
    "allow": [
      "Bash(git status)",
      "Bash(git diff *)",
      "Bash(git log *)",
      "Bash(ls *)",
      "Bash(cat *)",
      "Bash(grep *)",
      "Bash(rg *)",
      "Bash(npm test *)",
      "Bash(npm run build *)",
      "Read(*)"
    ],
    "deny": [
      "Bash(git push *)",
      "Bash(rm -rf *)",
      "Read(.env)",
      "Read(*.pem)"
    ]
  }
}

json · 22 lines

1{
2  "permissions": {
3    "allow": [
4      "Bash(git status)",
5      "Bash(git diff *)",
6      "Bash(git log *)",
7      "Bash(ls *)",
8      "Bash(cat *)",
9      "Bash(grep *)",
10      "Bash(rg *)",
11      "Bash(npm test *)",
12      "Bash(npm run build *)",
13      "Read(*)"
14    ],
15    "deny": [
16      "Bash(git push *)",
17      "Bash(rm -rf *)",
18      "Read(.env)",
19      "Read(*.pem)"
20    ]
21  }
22}

How to install

Open ~/.claude/settings.json (user) or .claude/settings.json (project).
Merge the keys into your existing JSON — don't replace the whole file; add/override only these keys.
Most keys live-reload. model and outputStyle need a restart to take effect.
Verify with /config (current settings) or /doctor (diagnostics).

← More settingss