Split external_directory permission into read vs write
Currently, external_directory is a single permission that controls all file operations (read, write, edit, patch, bash workdir) outside the working directory. This makes it impossible to allow reading external files while blocking writes.
Use case
I want the agent to be able to read reference files, configs, or documentation outside the project directory without prompts, but still block (or prompt for) any writes to external locations. Currently I must choose between:
- "allow" - permits both reads and writes (too permissive)
- "ask" - prompts for every read (too noisy)
- "deny" - blocks all external access (too restrictive)
Proposed solution
Split into two permissions:
{
  "permission": {
    "external_directory_read": "allow",
    "external_directory_write": "ask"
  }
}
Or alternatively, add a mode qualifier:
{
  "permission": {
    "external_directory": {
      "read": "allow",
      "write": "ask"
    }
  }
}
Implementation notes
Looking at the source, this would require:
- Update config schema in config/config.ts and agent/agent.ts
- Modify permission checks in tool/read.ts, tool/write.ts, tool/edit.ts, tool/patch.ts, tool/bash.ts to use the appropriate permission type
- For backwards compatibility, the existing external_directory could be kept as a shorthand that sets both read and write
Note: This issue was drafted with Claude Opus 4.5
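A sketch of how the proposed split could be resolved at check time, including the legacy shorthand. This is an added example, not the project's code and not part of the original issue; `resolveAction`, `isExternal`, `TOOL_MODE`, the "ask" fallback, and classing bash as a write are all assumptions made for illustration.

```typescript
import * as path from "node:path";

type Action = "allow" | "ask" | "deny";
type Mode = "read" | "write";
// Legacy shorthand (one action for both modes) or the proposed per-mode object.
type ExternalDirectory = Action | Partial<Record<Mode, Action>>;

// Mode each tool needs; tool names follow the files listed in the issue.
// Assumption: bash counts as write because a shell command can modify files.
const TOOL_MODE: Record<string, Mode> = {
  read: "read", write: "write", edit: "write", patch: "write", bash: "write",
};

// True when target resolves outside workdir. Comparing normalized relative
// paths (not string prefixes) keeps "/proj-secrets" from passing as "/proj".
// Lexical only: symlinks are not followed, a real check would also need
// fs.realpath on both sides.
function isExternal(workdir: string, target: string): boolean {
  const root = path.resolve(workdir);
  const rel = path.relative(root, path.resolve(root, target));
  return rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel);
}

function resolveAction(
  cfg: ExternalDirectory | undefined,
  tool: string,
  workdir: string,
  target: string,
): Action {
  // Paths inside the working directory are outside this permission's scope.
  if (!isExternal(workdir, target)) return "allow";
  // Unknown tools fall back to the stricter mode.
  const mode: Mode = TOOL_MODE[tool] ?? "write";
  if (cfg === undefined) return "ask"; // assumed default when nothing is set
  if (typeof cfg === "string") return cfg; // legacy shorthand sets both modes
  return cfg[mode] ?? "ask"; // a missing mode falls back to prompting
}
```
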
This issue might be a duplicate of existing issues. Please check:
- #4991: More general external_directory permissions - proposes making external_directory permissions more granular and extensible
- #4743: Allow /tmp or $TMPDIR folder access option - requests path-specific permission control for external directories
Feel free to ignore if your use case is different from these.
Yeah we need more granular permissions