Regression: Read tool now requires permission prompts despite documentation
Description
Claude Code has recently started requiring permission prompts for Read operations, despite the documentation explicitly stating that read-only operations should not require approval.
Expected Behavior
According to the IAM documentation:
"Read-only tools require no approval and include 'File reads, LS, Grep.' These operations execute automatically without user confirmation."
Actual Behavior
Claude Code is now prompting for permission when attempting to read files within the working directory, such as:
Read(app/routes/app+/tools+/$toolId+/runs+/_index.tsx)
This file is within the working directory (/Users/../meta-tools) and should be automatically allowed.
Environment
- OS: macOS (Darwin 23.6.0)
- Working Directory:
/Users/../meta-tools - Timing: This started happening recently, suggesting a regression in a recent update
Impact
This creates friction in the user experience, as every file read now requires manual approval, significantly slowing down development workflows.
Workaround
Adding explicit allow rules in ~/.claude/settings.json:
{
"permissions": {
"allow": [
"Read(//Users/../**)"
]
}
}
However, this should not be necessary according to the documented behavior.
Additional Context
The user has global instructions in ~/.claude/CLAUDE.md that already specify not to ask for permission for read operations, but these are being ignored.
This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗