Regression: Read tool now requires permission prompts despite documentation

Resolved 💬 7 comments Opened Nov 8, 2025 by jonathan-autonama Closed Jan 11, 2026

Description

Claude Code has recently started requiring permission prompts for Read operations, despite the documentation explicitly stating that read-only operations should not require approval.

Expected Behavior

According to the IAM documentation:

"Read-only tools require no approval and include 'File reads, LS, Grep.' These operations execute automatically without user confirmation."

Actual Behavior

Claude Code is now prompting for permission when attempting to read files within the working directory, such as:

Read(app/routes/app+/tools+/$toolId+/runs+/_index.tsx)

This file is within the working directory (/Users/../meta-tools) and should be automatically allowed.

Environment

  • OS: macOS (Darwin 23.6.0)
  • Working Directory: /Users/../meta-tools
  • Timing: This started happening recently, suggesting a regression in a recent update

Impact

This creates friction in the user experience, as every file read now requires manual approval, significantly slowing down development workflows.

Workaround

Adding explicit allow rules in ~/.claude/settings.json:

{
  "permissions": {
    "allow": [
      "Read(//Users/../**)"
    ]
  }
}

However, this should not be necessary according to the documented behavior.

Additional Context

The user has global instructions in ~/.claude/CLAUDE.md that already specify not to ask for permission for read operations, but these are being ignored.

View original on GitHub ↗

This issue has 7 comments on GitHub. Read the full discussion on GitHub ↗