claude-code icon indicating copy to clipboard operation
claude-code copied to clipboard
Published 2 days ago verified publisher icon anthropics

Project-scoped MCP servers don't trigger approval prompt

Open cfdude opened this issue 3 months ago • 9 comments

Bug Report: Project-scoped MCP servers don't trigger approval prompt

Summary

When starting a Claude Code session in a project containing .mcp.json, the expected approval prompt for project-scoped MCP servers never appears. Users must manually create .claude/settings.local.json to enable servers, bypassing the intended security workflow.

Expected Behavior

  1. Start Claude Code session in project with .mcp.json
  2. Approval prompt appears: "This project wants to use MCP servers: [list]. Approve?"
  3. On approval, .claude/settings.local.json is automatically created with enabled servers
  4. Servers become available in /mcp

Actual Behavior

  1. Start Claude Code session in project with .mcp.json
  2. No approval prompt appears ❌
  3. .claude/settings.local.json is NOT created ❌
  4. Servers do NOT appear in /mcp list ❌
  5. Must manually create .claude/settings.local.json with enabledMcpServers array

Steps to Reproduce

  1. Create project directory
  2. Add .mcp.json with MCP server configurations:
{
  "mcpServers": {
    "google-workspace": {
      "command": "uv",
      "args": ["--directory", "/path/to/server", "run", "main.py"],
      "env": { ... }
    }
  }
}
  1. Start Claude Code session in project: claude code
  2. Expected: Approval prompt appears
  3. Actual: No prompt, servers not available

Observed Issues

  • claude mcp list does NOT show project-scoped servers from .mcp.json
  • No approval prompt at session start
  • No indication that .mcp.json was even detected
  • Possible conflict when same-named servers exist in user-scoped config

Environment

  • OS: macOS Darwin 25.0.0
  • Claude Code CLI (latest)
  • .mcp.json exists in project root with valid configuration

Workaround

Manually create .claude/settings.local.json:

{
  "enabledMcpServers": ["google-workspace", "mcp-datetime"]
}

Impact

  • Breaks documented security model for project-scoped MCP servers
  • Users unaware of .claude/settings.local.json requirement
  • No visibility into which servers are project vs user-scoped
  • Approval mechanism completely non-functional

Suggested Fixes

  1. Critical: Trigger approval prompt on session start when .mcp.json detected
  2. Add --verbose flag to show MCP server discovery/loading process
  3. Show scope indicators in claude mcp list (user/project/local)
  4. Warn when project servers conflict with user-scoped servers
  5. Document .claude/settings.local.json approval mechanism clearly

cfdude avatar Oct 09 '25 00:10 cfdude

Update: Workaround confirmed working + documentation issue

After further investigation, the manual workaround does work, but the required .claude/settings.local.json structure is undocumented. The correct format is:

{
  "permissions": {
    "allow": [
      "mcp__server-name__*"
    ],
    "deny": []
  },
  "enableAllProjectMcpServers": true,
  "enabledMcpjsonServers": [
    "server-name"
  ]
}

Key findings:

  1. Property is enabledMcpjsonServers (not enabledMcpServers)
  2. Requires enableAllProjectMcpServers: true flag
  3. Requires permissions.allow array with mcp__<server-name>__* pattern
  4. Name conflicts: Project-scoped servers with same names as user-scoped servers are completely ignored (recommend using unique names like server-name-local)

After restart with correct .claude/settings.local.json structure, project-scoped servers now appear in /mcp list.

Core bug remains: No approval prompt appears on session start - users must manually create this file with the correct (undocumented) structure.

cfdude avatar Oct 09 '25 01:10 cfdude

Found 3 possible duplicate issues:

  1. https://github.com/anthropics/claude-code/issues/6855
  2. https://github.com/anthropics/claude-code/issues/3321
  3. https://github.com/anthropics/claude-code/issues/1313

This issue will be automatically closed as a duplicate in 3 days.

  • If your issue is a duplicate, please close it and 👍 the existing issue instead
  • To prevent auto-closure, add a comment or 👎 this comment

🤖 Generated with Claude Code

github-actions[bot] avatar Oct 09 '25 01:10 github-actions[bot]

Can you run /doctor from Claude Code in this project? When we've seen this before, it was a parsing issue from an invalid settings.json file.

rboyce-ant avatar Oct 09 '25 01:10 rboyce-ant

I ran /doctor in this project and don't have any reported issues. Mind you I experienced this bug when there was no settings.json file in existence - Claude Code never created one in this project folder when I first used the claude command in the terminal. I think the only thing that may be different is the first time I initiated this session for the first time I did 'claude --dangerously-skip-permissions'

cfdude avatar Oct 09 '25 03:10 cfdude

Can confirm this issue. Through systematic testing of both official methods:

Test 1: Official CLI method

  • Used claude mcp add --scope project to add servers
  • Started claude code session in project directory
  • Result: ❌ No approval prompt appeared, servers not loaded, /mcp showed "No MCP servers configured"

Test 2: Official manual .mcp.json method

  • Manually created .mcp.json with three MCP server configurations (HTTP, SSE, stdio transports)
  • Started claude code session in project directory
  • Result: ❌ No approval prompt appeared, servers not loaded, /mcp showed "No MCP servers configured"

Test 3: Applied workaround from this issue

  • Created [project]/.claude/settings.local.json with minimal configuration:
{
  "permissions": {
    "allow": ["mcp__*"]
  },
  "enableAllProjectMcpServers": true
}
  • Restarted claude code session
  • Result: ✅ All three servers loaded successfully and functional

Tested variations of workaround:

  • enableAllProjectMcpServers: true + explicit enabledMcpjsonServers array → works
  • enableAllProjectMcpServers: true + wildcard permissions only → works (more maintainable)

Both official methods documented at https://docs.claude.com/en/docs/claude-code/mcp#project-scope fail - manual workaround required.

Environment: macOS 26.0.1, Claude Code v2.0.27

clouatre avatar Oct 25 '25 22:10 clouatre

here is something else I have discovered, if you use any of the MCP add to the project scope and you try to run, as the next action 'claude --dangerously-skip-permissions' then it skips the part where it asks if you want to allow use of the newly added project MCP servers. That feels like an instance where that permission should be skipped but the MCP servers made available nonetheless, but they are not made available.

cfdude avatar Oct 26 '25 19:10 cfdude

Workaround Confirmed: Permission Acceptance Required

I can confirm this issue and have found a critical detail about the workaround:

Root Cause: When you have a local .mcp.json file, you MUST run Claude Code without --dangerously-skip-permissions at least once in that project for it to accept and load the .mcp.json configuration.

Why This Matters:

  • .mcp.json files require explicit user trust/approval
  • Running with --dangerously-skip-permissions bypasses the permission dialog
  • Without the initial approval, MCP servers in .mcp.json won't be loaded
  • This only needs to be done once per project

Reproduction Steps:

  1. Add/modify .mcp.json in your project
  2. Run claude with --dangerously-skip-permissions (common workflow)
  3. Result: No approval prompt appears, MCP servers don't load
  4. claude mcp list shows "No MCP servers configured"

Working Workflow:

  1. Add/modify .mcp.json in your project
  2. Run claude without --dangerously-skip-permissions
  3. Accept the MCP server trust dialog when prompted
  4. Restart Claude Code
  5. MCP servers now load correctly

Environment:

  • macOS
  • Claude Code (latest version as of 2025-10-27)
  • Testing with Playwright MCP server in project-scoped .mcp.json

This explains why many users see silent failure - if they always use --dangerously-skip-permissions, they never see the approval dialog that's required for .mcp.json to work.

sussdorff avatar Oct 27 '25 16:10 sussdorff

The workaround is not working for me for existing project directories.

If I am using a new project directory, Claude does prompt for approval and when the approval is accepted, the mcp servers that are allowed in ~/.claude/settings.json and managed-settings.json are written to the enabledMcpjsonServers list in the /.claude/settings.local.json file, and they are visible to /mcp. Only the MCP servers that are allowed in the user and enterprise tier are written to the settings.local.json file. MCP servers that are enabled in the /.claude/settings.json file are not written to the /.claude/settings.local.json file, and they are not visible to /mcp.

This is the behavior I am seeing if the project directory already exists:

Reproduction Steps:

  1. Add/modify .mcp.json in your project
  2. .claude/settings.json has "enabledMcpjsonServers": ["test-server"],
  3. Run claude
  4. Result: No approval prompt appears, MCP servers don't load
  5. claude mcp list shows "No MCP servers configured"

Working Workflow:

  1. Add/modify .mcp.json in your project
  2. .claude/settings.json has "enabledMcpjsonServers": ["test-server"],
  3. Enable the mcp server in ~/.claude/settings.json
    "allowedMcpServers": [{"serverName": "test-server"}]
    You can also enable the server in managed-settings.json
  4. Run claude
    User is not asked to approve the mcp server+
  5. MCP server now loads correctly
    The mcp servers are NOT written to .claude/settings.local.json

Environment:

  • Windows 11
  • Claude Code v2.0.55

dkbush avatar Dec 04 '25 23:12 dkbush