[BUG] Allow list overrides deny list when same command appears in both (possible destructive behavior)

Resolved 💬 3 comments Opened Nov 29, 2025 by biiconsulting Closed Jan 29, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

When the same Bash command pattern appears in both the allow list and deny list, the allow list takes precedence. This is backwards - deny should always win.

Expected behavior:
The deny list should take priority over the allow list. If a command is explicitly denied, it should be blocked regardless of allow rules.

Actual behavior:
Allow list overrides deny list, allowing the command to execute.

Impact:

  • Users cannot reliably block dangerous commands if they appear in allow rules
  • Violates principle of least privilege (explicit denies should be authoritative)
  • Could lead to unintended destructive operations (e.g., discarding uncommitted changes)

What Should Happen?

When evaluating permissions, check the deny list first. If a command matches any deny pattern, block it regardless of allow rules.

Error Messages/Logs

Steps to Reproduce

  1. Add git checkout:* to deny list
  2. Add git checkout:* to allow list
  3. Ask Claude to run git checkout -- <file>
  4. Command executes successfully (should be blocked)

This is a relatively benign command, but the same behavior works on much more destructive commands as well.

Claude Model

Opus

Is this a regression?

I don't know

Last Working Version

_No response_

Claude Code Version

2.0.55

Platform

Anthropic API

Operating System

Ubuntu/Debian Linux

Terminal/Shell

PowerShell

Additional Information

Terminal: SSH via PowerShell → Ubuntu (byobu/tmux)

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗