[Bug] Bash tool bypasses allowlist restrictions and executes unapproved commands

Resolved 💬 6 comments Opened Dec 11, 2025 by CyberneticNomad-v808 Closed Feb 19, 2026

Bug Description
Summary: Bash commands not in the user's allowed list are executing without approval/blocking.

Environment: Claude Code CLI

Steps to Reproduce:

  1. User configured settings.json with specific allowed Bash patterns including Bash(ls:), Bash(find:) but NOT Bash(head:) or Bash(grep:)
  2. Claude invoked Bash tool with command: head -5 "$MAPPING_FILE_PATH" 2>/dev/null || echo "..."
  3. Command executed instead of being blocked or requiring approval

Expected Behavior: Command should be blocked or require user approval since head is not in the allowed list.

Actual Behavior: Command executed without approval.

Additional Context: The allowed tools list explicitly included specific Bash command patterns, implying others should be denied. User should not need to explicitly deny () to enforce the allowlist.

Environment Info

  • Platform: linux
  • Terminal: xterm-256color
  • Version: 2.0.60
  • Feedback ID: d5ccbffa-66e0-4292-ac8d-4005f47924af

Errors

[]

View original on GitHub ↗

This issue has 6 comments on GitHub. Read the full discussion on GitHub ↗