claude-code icon indicating copy to clipboard operation
claude-code copied to clipboard
Published 1 week ago verified publisher icon anthropics

--dangerously-skip-permissions sometimes still asks for permissions?

Open Helmi opened this issue 6 months ago • 3 comments

I'm not filing this as a bug as I'm very unsure about it. It only happens on one of my projects.

I'm running the project in a devcontainer to isolate the dev environment from my system and be able to run with --dangerously-skip-permissionsin a safe way. That worked fine for a while until it suddenly keeps asking for permissions again on certain Tools. Some examples that happen while I type:

Image

I'm sure i am in "Bypassing Permissions" btw...

Image

I have even added Search() and List() to my allow patterns in project settings but that doesn't change anything. Weird thing is that it only seems to happen on some tools - mainly Search() and List(). And only on this project - I'm not sure if only this project uses them to that extend, but it's very strange.

I already tried a run outside the devcontainer to see if that's the issue - it's not. Same behaviour.

So again - as it is very project specific i'm not filing this as a bug but maybe someone reading this has an idea.

Helmi avatar Jun 02 '25 08:06 Helmi

This should be fixed in the latest release, please reopen this if you're seeing this on v1.0.8!

rboyce-ant avatar Jun 02 '25 18:06 rboyce-ant

Unfortunately I do... :-(

Image

double checked I'm on 1.0.8 as well as with permission skipping active. Still happens seemingly. Still the same project.

I can't seem to be able to reopen though - it's greyed out for me.

Helmi avatar Jun 02 '25 19:06 Helmi

still happening on 1.0.9

Helmi avatar Jun 03 '25 20:06 Helmi

We've made a few additional fixes here, please re-file if you're still encountering this!

rboyce-ant avatar Jul 12 '25 02:07 rboyce-ant

just had this happen on 1.0.58:

$ claude --dangerously-skip-permissions
...
│
│ Do you want to proceed?
│ ❯ 1. Yes
│   2. Yes, and don't ask again for ... commands in /...
│   3. No, and tell Claude what to do differently (esc)

kenichi avatar Jul 23 '25 15:07 kenichi

just had this happen on 1.0.58:

$ claude --dangerously-skip-permissions
...
│
│ Do you want to proceed?
│ ❯ 1. Yes
│   2. Yes, and don't ask again for ... commands in /...
│   3. No, and tell Claude what to do differently (esc)

Happens for me aswell.

ItsRealDennis avatar Jul 28 '25 00:07 ItsRealDennis

Happens for me as well (testing --dangerously-skip-permissions out in a dev-container)

roy-opstudio avatar Jul 30 '25 16:07 roy-opstudio

can anyone confirm if the --dangerously-skip-permissions will still scope all actions just to the project directory and below? or does it give the ability to escape upwards?

the-vampiire avatar Jul 31 '25 15:07 the-vampiire

@the-vampiire No the actions are not scoped. I just tested and it has read/write access outside of the project. I just confirmed in a sandboxed dev container by listing the contents of another project in a parent folder, and writing to it.

pringshia avatar Jul 31 '25 18:07 pringshia

@pringshia thank you for testing. that's a surprising result.

i, and I’m sure all of us, would be more comfortable allowing unregulated tool use if it were at least relegated to the project dir.

is this a technical constraint or an oversight?

the-vampiire avatar Aug 01 '25 06:08 the-vampiire

This issue has been automatically locked since it was closed and has not had any activity for 7 days. If you're experiencing a similar issue, please file a new issue and reference this one if it's relevant.

github-actions[bot] avatar Aug 08 '25 14:08 github-actions[bot]